November 22, 2019
Last week, the New York State Department of Financial Services (“DFS”) proposed a new regulation allowing regulated entities to share “confidential supervisory information” with their legal counsel and independent auditors without first obtaining approval from DFS. Announced by superintendent Linda Lacewell, DFS stated that the new regulation will make it easier for banks to share confidential information with attorneys and other advisors by seeking to “streamline” the disclosure process. The regulation will be subject to a 60-day comment period following publication in the state register on November 27, 2019.
DFS’s Current Outlier Approach
As New York’s chief financial regulator, DFS has broad “supervisory” authority to examine and investigate banks, trust companies, investment companies, and other banking organizations in order to “protect the public interest.” In exercising that authority, DFS has long mandated that reports, memoranda, or correspondence relating to such investigations and examinations, including materials from banks or regulatory agencies, be deemed “confidential” and not be subject to subpoena or disclosed to the public without DFS approval. This confidentiality requirement, which is more than a century old, applies even after an entity has received a disclosure request pursuant to New York’s Freedom of Information Law.
DFS and its predecessors have long maintained that such a rule is intended to “encourage frank and open communications” between regulated entities and DFS. And that is because the restriction can, in some cases, facilitate “effective” and “comprehensive” examinations by DFS and allow the agency to make “frank and forceful criticism” without fear of disclosure. Indeed, other important bank regulators have imposed similar restrictions on disclosure of confidential supervisory information, including the Consumer Financial Protection Bureau (“CFPB”), the Office of the Comptroller of the Currency (“OCC”), the Board of Governors of the Federal Reserve System (“FRB”), and the Federal Deposit Insurance Corporation (“FDIC”).
Nevertheless, the sheer breadth of DFS’s prohibition and the agency’s aggressive approach in interpreting its own mandate have led some to criticize DFS’s rule as out of step with more sensible restrictions imposed by other regulators. For example, DFS has often asserted restrictions to prevent regulated companies from sharing information with other regulators. It has also taken the position that its prohibition applies even when a regulated entity seeks to provide confidential supervisory information to important professional advisors such as legal counsel—an interpretation that raises constitutional concerns in light of its obvious impact on the attorney-client relationship and which, in any event, may lack statutory support given the New York Legislature’s prohibition on disclosure of such information to the “public.”
As a result of DFS’s aggressive approach, legal counsel with financial clients are often forced to take the cumbersome, time-consuming step of obtaining DFS approval before considering such confidential supervisory information and can be impaired from providing timely and thorough advice with respect to compliance with the state’s banking statutes.
The Proposed Regulation
The new regulation would provide a “limited exception” to DFS’s restrictions as they relate to regulated entities and professional advisors. In particular, regulated entities would now be able to share confidential supervisory information with legal counsel and auditors without first obtaining DFS’s approval, provided that they enter into a written agreement stating, among other things, that the information will be used solely to provide “legal representation or auditing services”; that the information will be disclosed solely to employees, directors, or officers on a “need to know” basis; that the counsel or auditors will notify DFS of demands or requests for such information; and that the advisors will assert legal privileges or protections as requested by DFS and on the agency’s behalf. In addition, the regulated entities must keep a record of all disclosed confidential supervisory information and a copy of each required written agreement.
The new regulation would place DFS closer in line with other regulators of financial institutions, which also permit disclosure to legal counsel and other professionals. The CFPB, FDIC, OCC, and FRB all currently allow certain service providers to access confidential supervisory information without seeking additional approval from the regulator.
“With this action, DFS is delivering on a promise I made to ensure the Department engages in an open dialogue with the financial services industry,” said Superintendent Lacewell, who was confirmed as Superintendent this year. “This is one of the many steps DFS is taking to ensure an efficient regulatory structure to assist the industry.”
The new DFS administration is likely to be applauded for this proposed regulation, which reflects a meaningful attempt to “modernize and transform” DFS’s practices and to adhere to its statutory mandate to “foster the growth of the financial industry in New York and spur state economic growth through judicious regulation.” Moving forward, financial institutions should view this new measure as a favorable development, and sophisticated legal counsel are likely to find it easier to provide prompt legal advice to their clients.
 Click here.
 Click here.
 N.Y. Banking Law § 36(10); 3 N.Y.C.R.R. Sup. Proc. G 106.8; see ch. 146, 1961 N.Y. Laws, 779, 680; see also here.
 See Banking Law § 36(10) (“All reports of examinations and investigations, correspondence and memoranda concerning or arising out of such examination and investigations . . . shall not be made public unless, in the judgment of the superintendent, the ends of justice and the public advantage will be subserved by the publication thereof.” (emphasis added)).
 See 3 N.Y.C.R.R. § 7.2(b) (proposed 2019); see also here.
 See 3 N.Y.C.R.R. § 7.2(c) (proposed 2019); see also here.
 See 3 N.Y.C.R.R. § 7.2(c) (proposed 2019); see also here.
Gibson, Dunn & Crutcher’s lawyers are available to assist with any questions you may have regarding these issues. For further information, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Public Policy or Financial Institutions practice groups, or the authors:
Mylan L. Denerstein – Co-Chair, Public Policy Practice, New York (+1 212-351-3850, firstname.lastname@example.org)
Matthew L. Biben – Co-Chair, Financial Institutions Practice, New York (+1 212-351-6300, email@example.com)
Seth M. Rokosky – New York (+1 212-351-6389, firstname.lastname@example.org)
Randi Kira Brown* – New York (+1 212-351-6205, email@example.com)
Please also feel free to contact the following practice group leaders:
Financial Institutions Group:
Arthur S. Long – New York (+1 212-351-2426, firstname.lastname@example.org)
Stephanie L. Brooker – Washington, D.C. (+1 202-887-3502, email@example.com)
M. Kendall Day – Washington, D.C. (+1 202-955-8220, firstname.lastname@example.org)
*Not admitted to practice in New York; practicing under the supervision of Gibson, Dunn & Crutcher LLP.
© 2019 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.