Mr. Kniaz is an associate in Davis Polk’s Litigation Department. [Full Bio]

Since the CFPB issued its Arbitration Rule in July, most commentators have focused on ways the rule may be blocked from going into effect. Chief among these is the possibility that Congress will vote to overturn the rule under the Congressional Review Act, and the House did promptly vote in
Continue Reading What Happens if the CFPB Arbitration Rule Isn’t Overturned? – Ten Practical Tips to Think About Now

Yesterday afternoon, the CFPB issued a final rule that, once it becomes effective, is designed to prohibit providers of certain consumer financial products or services from using pre-dispute arbitration clauses to bar consumers from participating in class action lawsuits.  Although covered providers will still be permitted to include mandatory arbitration
Continue Reading CFPB Issues Final Rule Limiting Use of Arbitration Clauses in Consumer Financial Contracts

In October 2016, the U.S. federal banking agencies jointly issued an advance notice of proposed rulemaking regarding enhanced cyber risk management standards (the “Enhanced Standards”).  The Enhanced Standards would apply on an enterprise-wide basis to large financial institutions and their service providers, as detailed in this memorandum.  The U.S. federal


Continue Reading Banking Regulators Float Broad Cyber Risk Approach

On October 25, 2016 FinCEN issued an advisory and FAQs to financial institutions regarding their Suspicious Activity Report (SAR) obligations with respect to cyber-events, cyber-enabled crime, and cyber-related information as those terms are defined. The FAQs supersede previous FAQs issued in 2001. The advisory and FAQ also discuss collaboration between


Continue Reading FinCEN issues Advisory and FAQs on Cyber-Events and Cyber-Enabled Crime

In September 2016, the New York State Department of Financial Services (the “NYDFS”) proposed new cybersecurity regulations (the “Proposed Rules”) for banks, insurance companies and other financial institutions regulated by the NYDFS (“Covered Entities”).[1]  The Proposed Rules reflect an ongoing interest in cybersecurity by


Continue Reading New York State Department of Financial Services Proposes New Cybersecurity Regulations

On March 2, 2016, the CFPB announced that it had settled an enforcement action with Dwolla, Inc., an online payment platform, for making allegedly deceptive statements regarding its data security practices and the safety of its online payment system. Dwolla agreed to pay a $100,000 civil penalty and to undertake


Continue Reading CFPB Brings First Ever Data Security Enforcement Action: Review and Analysis