Skip to main content

GLBA Safeguards and NYDFS 500: US Financial Privacy AI Requirements with Personal Liability

· 4 min read
David Sanker
David Sanker
Lawyer, Legal Knowledge Engineer & UAPK Inventor

Two US financial privacy regulations updated significantly in 2023: the FTC's Safeguards Rule under GLBA (effective June 2023) and New York DFS's 23 NYCRR 500 cybersecurity regulation (effective November 2023). Both have teeth that the originals lacked — and both attach personal liability to individuals for compliance failures.

If you're a US financial institution, non-bank financial company, or mortgage servicer, and you're deploying AI agents that touch customer financial data, both regulations apply.

GLBA Safeguards Rule 2023: What Changed

The FTC's updated Safeguards Rule expanded who's covered and what's required. Key changes relevant to AI:

Expanded covered entities: Now explicitly includes mortgage brokers, auto dealers with finance functions, tax preparers, payday lenders, and travel agencies that issue credit. If you process customer financial information as part of your business, you're likely covered.

Annual penetration testing: The rule now requires annual penetration testing of the systems that access customer financial data. For AI agents: the gateway's policy enforcement is in scope.

Encryption requirements: Customer financial data in transit and at rest must be encrypted. For AI agents: the data flowing through the gateway is covered.

Multi-factor authentication: Required for all systems accessing customer financial data. Capability tokens function as the AI agent's authentication credential.

Access controls: The rule requires "access controls consistent with the size and complexity of the financial institution." For AI agents: the tool allowlist and capability declarations define what the agent can access.

Qualified individual: The rule requires designation of a qualified individual to oversee the information security program. That individual must report annually to the board. For AI agents: the agent's compliance posture is part of what they're responsible for.

NYDFS 500 v2.0: CISO Personal Liability

The NYDFS regulation is notable for attaching personal liability to the CISO. Key v2.0 additions:

CISO annual certification: The CISO must certify annually that the cybersecurity program complies with the regulation. False certifications expose the CISO personally.

24-hour incident notification: Certain cybersecurity incidents must be reported to NYDFS within 24 hours. This is stricter than GLBA's 30-day timeline for covered entities.

Class A companies: The largest covered entities (>$20B revenue, >2000 employees, or >$1B in gross annual revenue from NY) face additional requirements including independent audits of their cybersecurity programs.

AI explicitly in scope: The v2.0 amendments explicitly reference "artificial intelligence" as a technology requiring risk assessment and controls.

For AI agents operating in New York financial services:

{
  "constraints": {
    "audit_retention_days": 1825,
    "require_human_approval": ["data:read", "payment:execute"]
  },
  "policy": {
    "jurisdiction_allowlist": ["US"],
    "require_capability_token": true
  }
}

audit_retention_days: 1825 — NYDFS requires 3 years minimum; 5 years is conservative best practice.

require_human_approval on sensitive action types ensures the CISO can truthfully certify that human oversight is implemented.

The 24-Hour Notification Clock

NYDFS's 24-hour incident notification requirement is the most aggressive incident reporting timeline in US financial regulation. For an AI agent incident:

  • Agent behaves unexpectedly at T+0
  • Team is alerted at T+2 hours
  • Initial assessment complete at T+6 hours
  • NYDFS notification due at T+24 hours

The UAPK audit log should be the first place you look when an incident is suspected. The interaction records, scoped to the suspect agent and time window, tell you exactly what the agent did. With a complete log, initial assessment can happen in minutes, not hours.

The 24-hour clock starts when you have reason to believe a covered event occurred — not when you've confirmed it. If you discover at T+0 that something may have happened and start investigating, the clock is already running.

The SEC Cyber Rule Stack

For public companies that are also NY-licensed financial entities, three incident reporting timelines apply simultaneously:

  • SEC Cybersecurity Rule: 4 business days for material incidents (Form 8-K)
  • NYDFS 500: 24 hours for covered events
  • GLBA Safeguards: 30 days notification to affected customers

The NYDFS 24-hour deadline is the fastest and most likely to be triggered first. Building the incident response process around the 24-hour requirement means you'll also meet the longer timelines.

The UAPK evidence bundle supports all three reporting requirements with the same underlying data — the audit log, scoped to the incident.

Non-Bank Financial Companies

GLBA's expanded coverage is catching companies that didn't previously think of themselves as "financial institutions":

  • Fintechs providing lending, payments, or money transmission
  • Buy Now Pay Later providers
  • Cryptocurrency exchanges registered as money service businesses
  • Investment advisors under the Investment Advisers Act

For these companies, GLBA compliance via the Safeguards Rule is a new requirement — and deploying AI agents without it creates direct FTC enforcement exposure. The FTC has been active in enforcing the Safeguards Rule since the 2023 update took effect.