The New York Department of Financial Services issued its artificial intelligence cybersecurity guidance in 2024, and for CCOs and CISOs at NYDFS-regulated institutions, it landed as a concrete set of expectations — not a distant policy signal. NYDFS AI cybersecurity guidance compliance is now an active examination priority, and regulated banks, insurers, and other covered entities need to understand exactly what the guidance requires, how examiners will test for it, and where it fits alongside the broader financial services AI regulatory environment. This post covers all of that.
What the NYDFS AI Cybersecurity Guidance Actually Requires
The NYDFS artificial intelligence cybersecurity guidance builds directly on the department’s existing cybersecurity regulation (23 NYCRR Part 500) and extends it to address risks specific to AI systems. It applies to all entities holding a license, registration, charter, certificate, or other authorization under New York Banking Law, Insurance Law, or Financial Services Law — a population that includes state-chartered banks, mortgage servicers, money transmitters, and insurance companies operating in New York. The guidance does not create a separate regulatory framework. Instead, it clarifies how existing NYDFS cybersecurity requirements apply when AI is involved. That framing matters: regulated institutions cannot treat AI governance as a future compliance project. If you are already subject to 23 NYCRR Part 500, the NYDFS AI guidance requirements banks must satisfy apply to you now. The core obligations the guidance addresses include:
- Risk assessment: AI systems must be included in the entity’s cybersecurity risk assessment. This means identifying where AI is used, what data it processes, and what failure modes it introduces.
- Access controls: AI systems that access nonpublic information require the same access management controls as any other system handling that data.
- Third-party risk: AI tools and models sourced from vendors are subject to the same third-party service provider requirements already embedded in Part 500.
- Incident response: AI-related incidents — including model manipulation, data poisoning, and adversarial attacks — must be covered by the entity’s incident response plan.
The guidance also addresses the specific threat vector of AI being used against regulated entities: social engineering attacks enhanced by generative AI, deepfake fraud, and automated vulnerability exploitation. Institutions are expected to account for these in their threat modeling.
Key AI Governance Obligations Under New York DFS Rules
Beyond the cybersecurity controls, the New York DFS AI governance framework introduces governance and accountability expectations that sit above the technical layer. These are the obligations most likely to surface gaps at institutions that have deployed AI tools without formal oversight structures.
- Board and senior management accountability. NYDFS expects that AI risk is owned at the senior level. The Chief Information Security Officer (required under Part 500 for larger entities) must have visibility into AI deployments. The board must receive reporting on AI-related cybersecurity risks as part of the annual cybersecurity report.
- Policies and procedures. Regulated entities must have written policies governing the use of AI in systems that touch nonpublic information or cybersecurity functions. These policies should address how AI tools are approved for use, how they are monitored, and how they are retired or replaced.
- Model inventory and documentation. While NYDFS AI governance requirements do not prescribe a specific model inventory format, examiners expect institutions to be able to demonstrate awareness of what AI systems are in use, who owns them, and what controls are applied. Institutions without a current inventory are starting from a significant deficit.
- Ongoing monitoring. AI systems are not static. The guidance expects that monitoring is continuous — not a one-time validation at deployment. This includes monitoring for model drift, unexpected outputs, and changes in the data environment that could affect model behavior.
For regional banks and credit unions building out these structures, the AI Governance Framework for Regional Banks and Credit Unions provides a practical starting point for operationalizing these requirements. The NYDFS guidance also intersects with model risk management expectations that have existed in banking supervision since SR 11-7. Institutions subject to both federal prudential oversight and NYDFS supervision need to reconcile those frameworks. The AI Model Risk Management and Validation Requirements Under NYDFS covers how those obligations layer.
How NYDFS Examiners Will Assess AI Compliance
NYDFS examination procedures for AI follow the same evidence-based approach used in cybersecurity examinations generally. Examiners will request documentation, conduct interviews with key personnel, and test whether written policies match actual practice. Institutions that have strong documentation but weak implementation — or strong implementation with no documentation — will find gaps. Based on the guidance and NYDFS’s established examination approach, here is what examiners are likely to request:
- Documentation requests:
- The entity’s current cybersecurity risk assessment, with AI systems explicitly addressed
- Written AI use policies and any AI-specific addenda to existing cybersecurity policies
- Evidence of board or senior management reporting on AI risk
- Third-party vendor contracts and due diligence records for AI tools
- Incident response plan, with confirmation that AI-specific scenarios are covered
- Personnel interviews:
- CISO or equivalent: What AI systems are in use? How are they monitored? Who approved them?
- Business line owners: How are AI tools selected and deployed? What controls exist at the point of use?
- Compliance: How is AI risk reported up the chain? What is the process for escalating AI-related incidents?
- Technical testing:
- Access controls on AI systems processing nonpublic information
- Logging and audit trail capabilities for AI-assisted decisions
- Evidence of penetration testing or vulnerability assessments that include AI components
The NYDFS AI guidance requirements banks face are not aspirational. Examiners will treat gaps in AI risk coverage the same way they treat gaps in any other Part 500 requirement — as findings that require remediation and, depending on severity, may result in enforcement action. The CCO and CISO Guide to AI Governance Responsibilities Under NYDFS goes deeper on how to structure internal accountability so that examination interviews produce consistent, credible answers.
Where NYDFS Fits in the Broader Financial Services AI Regulatory Landscape
NYDFS is not operating in isolation. Financial services AI regulation in 2024 and beyond involves multiple regulators issuing overlapping guidance, and institutions supervised by more than one regulator need a coherent picture of how these requirements interact.
- Federal banking regulators. The OCC, Federal Reserve, and FDIC have addressed AI primarily through the lens of model risk management (SR 11-7 / OCC 2011-12) and fair lending. No comprehensive federal AI rule for banks has been finalized. NYDFS has moved faster than federal prudential regulators on AI-specific cybersecurity requirements, which means institutions with both state and federal oversight must map NYDFS obligations onto existing federal model risk frameworks — not treat them as alternatives.
- The SEC. The Securities and Exchange Commission has focused on AI in investment advisory and broker-dealer contexts — particularly conflicts of interest in predictive data analytics. New York DFS AI cybersecurity requirements and SEC AI governance requirements address different risk surfaces, but institutions that are both NYDFS-licensed and SEC-registered face both sets of obligations simultaneously. The NYDFS vs. SEC AI Governance Requirements: A Multi-Regulator Compliance Guide maps where those requirements converge and diverge.
Other state and international frameworks — including activity in Colorado, California, and the EU AI Act — may apply to institutions with broader footprints, but the immediate compliance priority for NYDFS-regulated entities is resolving the federal prudential and SEC overlaps first. The practical implication: compliance programs built around a single regulator’s requirements will develop blind spots. A New York DFS AI governance framework designed to satisfy NYDFS requirements should be structured so that its documentation, controls, and governance structures can be mapped to other regulatory expectations without rebuilding from scratch.
Priority Actions for CCOs and CISOs at NYDFS-Regulated Institutions
NYDFS AI cybersecurity guidance compliance requires action across three time horizons: immediate gap assessment, near-term policy and control development, and ongoing monitoring and reporting.
Immediate (0–60 days):
- Complete an AI system inventory. Identify every AI tool in use across the institution that touches nonpublic information or cybersecurity functions — including vendor-provided tools, internally developed models, and AI features embedded in third-party platforms. If you cannot answer the question "what AI do we use and where," you cannot assess compliance.
- Review your cybersecurity risk assessment. Confirm that AI systems are explicitly addressed. If the current assessment predates your AI deployments or the NYDFS guidance, it needs to be updated.
- Audit your third-party AI vendor contracts. Confirm that contracts include the security and oversight provisions required under Part 500’s third-party service provider requirements.
Near-term (60–180 days):
- Develop or update AI use policies. Written policies should cover AI approval processes, acceptable use, monitoring requirements, and incident escalation. Policies that describe processes that do not actually exist will create examination risk, not reduce it.
- Update your incident response plan. Add AI-specific scenarios: model manipulation, adversarial inputs, AI-assisted phishing, and deepfake fraud. Run a tabletop exercise that includes at least one AI-related scenario.
- Establish board reporting on AI risk. If AI risk is not currently a standing item in cybersecurity reporting to the board, add it now.
Ongoing:
- Implement continuous monitoring for AI systems. Define what normal looks like for each material AI system, establish alerting for anomalies, and assign ownership for monitoring and response.
- Track regulatory developments. NYDFS has indicated its AI guidance will evolve. Assign someone to monitor developments and assess implications for your compliance program quarterly.
For a structured implementation roadmap with sequenced milestones, the NYDFS AI Compliance Checklist and Implementation Roadmap for Banks provides a step-by-step framework.
Assess your NYDFS AI compliance posture. If you are not certain whether your current cybersecurity program adequately addresses the NYDFS AI guidance requirements, a structured gap assessment is the right starting point. Schedule a consultation to review your AI governance and cybersecurity controls against NYDFS expectations.
For the complete compliance reference on this topic, see the NYDFS AI Cybersecurity Guidance Compliance pillar.