AI is already a DFS
‍compliance risk.

It's in the tools your staff use every day. And an examiner can ask about it today.

No new rule, no grace period: AI already falls under NYDFS Part 500.

In 45 focused minutes, we’ll break down:

1. AI you never approved: features switched on by default
in tools you already run.
2. Shadow AI & PII leaks: staff pasting client data into
public AI tools.
3. The security hole it opens: data outside your MFA, encryption, and logging.

Save your seat

Free to attend · live online · takes under a minute.

🎟️ Every attendee gets a complimentary Risk Assessment —
your AI & compliance exposure mapped to what DFS expects.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

By registering you agree to be contacted about this event. Your details are never
entered into public AI systems.

The exposure is already live

The AI you've already deployed
has already put you in scope for
a DFS audit.

No new rule. No grace period. The AI already running in your agency falls under the Part
500 obligations you already have and an examiner can ask about it today.

Staff pasting client details into ChatGPT. Copilot reading your policy files. AI quietly baked
into the vendor tools you already pay for. That's nonpublic customer information moving
through AI you haven't policy-checked, documented, or risk-assessed, the exact thing
DFS now expects you to control.

"We just started using it" isn't a defense
when the obligation was already yours.

What we cover

Three exposures you've
probably already created.

Most agencies have all three right now without anyone ever
deciding to. Each is something a DFS examiner can ask you to
demonstrate.

Exposure 01 · AI you never approved

AI got switched on without a decision.

The AI features that quietly turned on in their CRM, email, and platforms via updates — AI they're already running on client data without a review.

Exposure 02 · Shadow AI & PII leaks

Your team is pasting client PII into public AI.

Staff dropping names, SSNs, policy details, and loan files into ChatGPT/Copilot/Gemini/Claude, sending personal information to servers no one vetted.

Exposure 03 · The security hole it opens

Every leak widens your attack surface.

The cybersecurity consequence: that data now sits outside their MFA, encryption, and logging. This is unseeable, unauditable, and capable of triggering DFS breach-notification obligations

What you'll leave with

Clarity on where you stand
and what to do next

No theory. Four concrete takeaways you
can act on the same week.

What DFS expects

A plain-English breakdown of what DFS now expects on AI under Part 500.

The examiner's questions

The exact questions an examiner is likely to ask and how to be ready.

A practical checklist

Acceptable use, training, vendor review, data handling, and incident response.

Where you stand

How to find out whether you're exposed before someone else forces the question.

"BUT, I can't attend the live session"

No problem, take the
checklist with you.

If you can't make it live, get the DFS AI Readiness Checklist
instead: the same framework the webinar walks through, in
‍a one-page self-audit you can run on your own time.
‍

- The questions an examiner is expected to ask, in order
- A quick acceptable-use & shadow-AI self-check
- A vendor-AI review prompt list you can hand to your
team

The DFS AI Readiness Checklist

PDF · self-audit · 1 page
‍

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

We'll send the PDF and the occasional Motiva insight. Unsubscribe anytime.

For attendees only

The webinar ends with
a complimentary Risk
Assessment

You can't manage a risk you haven't identified. We'll map your current posture
against exactly what DFS is looking for so you know where you stand before an
examiner does.

AI acceptable-use policy

Employee AI awareness

AI vendor risk review

Data handling standards

Risk-assessment documentation

Deep-fake & social engineering controls

Reserve my seat & claim assessment

Your speakers

Two perspectives most
agencies never hear
together.

The cybersecurity and compliance side and the legal, errors-and-omissions
side. Led by experts, not sales reps.

HOST

Walter Contreras

Cybersecurity practitioner · DFS-approved instructor · Motiva

For 25 years, Walter has helped New York insurance agencies, mortgage lenders, and financial firms strengthen cybersecurity, reduce operational risk, and meet NYCRR 500, without the confusion or overwhelm. A graduate of Columbia Business School, he doesn't run sales calls. He runs working sessions.

SPECIAL GUEST

Howard Kronberg, Esq.

The E&O attorney for the Big I

For 40 years, Howard S. Kronberg has defended New York insurance agents and brokers in errors and omissions (E&O) litigation and regulatory matters. A certified Big I continuing education lecturer and author of 30 E&O articles, he is a name New York agents already trust.

make sure you don’t miss it

Know where you stand before
an examiner does.

A focused, free session for NY insurance professionals. No pitch
just clarity on what DFS expects from your use of AI.

Free · Live online · Q&A included

Save your seat

🎟️ Every attendee gets a complimentary Risk Assessment mapped to what DFS expects.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

By registering you agree to be contacted about this event.

AI is already a DFS‍compliance risk.

Save your seat

TRUSTED ACROSS NEW YORK’S BEST

No problem, take thechecklist with you.

The DFS AI Readiness Checklist

Walter Contreras

Cybersecurity practitioner · DFS-approved instructor · Motiva

Howard Kronberg, Esq.

The E&O attorney for the Big I

Save your seat

AI is already a DFS
‍compliance risk.

No problem, take the
checklist with you.