Investigations, Enforcement, & Compliance Alerts

On October 16, 2024, the New York Department of Financial Services (DFS) released an important industry guidance letter aimed at addressing the novel, complex cybersecurity risks associated with artificial intelligence (AI).

On August 27, 2024, the New York State Department of Financial Services (DFS) entered a Consent Order with Nordea Bank Abp and its New York branch requiring Nordea to pay $35 million within ten days of the Order. DFS’s investigation into Nordea Bank focused on the inadequacies of its Know Your Customer (KYC) and anti-money laundering (AML) policies, practices, and procedures at its banks in Latvia, Lithuania, Estonia, and Denmark—opened after the fall of the Soviet Union. DFS also found that Nordea failed to comply with the federal Bank Secrecy Act. As a result, Nordea was found to have violated 3 N.Y.C.R.R. § 116.2 for failing to maintain an effective and compliant AML program, failing to conduct adequate due diligence in its correspondent bank and Relationship Management Application relationships, and 3 N.Y.C.R.R. § 504.3 by failing to maintain an adequate transaction monitoring system.