Changeflow GovPing Banking Enforcement Bayview Fined $20M for Cybersecurity Lapses
Urgent Enforcement Amended Final

Bayview Fined $20M for Cybersecurity Lapses

Favicon for flofr.gov FL OFR Press Releases
Filed January 8th, 2025
Detected February 12th, 2026
Email

Summary

The Office of Financial Regulation and 52 state agencies fined Bayview Asset Management and its affiliates $20 million for deficient cybersecurity practices and failure to cooperate following a data breach impacting 5.8 million customers. The companies must also implement corrective actions and undergo independent assessments.

View original document View source feed page

What changed

The Office of Financial Regulation (OFR) and 52 state financial regulatory agencies have imposed a $20 million penalty on Bayview Asset Management LLC and its affiliates (Lakeview Loan Servicing, Community Loan Servicing, and Pingora Holdings). This enforcement action stems from findings of deficient cybersecurity practices and a failure to fully cooperate with state regulators during an examination following a data breach that affected approximately 5.8 million customers. The settlement also mandates corrective actions, improvements to cybersecurity programs, independent assessments, and three years of additional reporting to state regulators.

Financial services companies, particularly those handling large amounts of customer data, must ensure their cybersecurity programs meet state and federal requirements and that they cooperate fully and promptly with regulatory examinations. Failure to do so can result in significant financial penalties and reputational damage. Bayview's settlement includes specific requirements for enhanced security measures and ongoing reporting, highlighting the need for robust compliance frameworks and proactive risk management in the financial sector. While no specific compliance deadline for the corrective actions is detailed, the ongoing reporting requirement implies a continuous obligation.

What to do next

  1. Review and enhance cybersecurity programs to meet state and federal requirements.
  2. Ensure timely and complete cooperation with regulatory examinations.
  3. Implement mandated corrective actions and undergo independent cybersecurity assessments.

Penalties

$20 million penalty

Source document (simplified)

$20 Million Fine Levied Against Bayview Companies

01/08/2025

Tallahassee, Fla. – Today, the Office of Financial Regulation (OFR) and 52 state financial regulatory agencies announced a coordinated enforcement action against Bayview Asset Management LLC, and three of its affiliates, Lakeview Loan Servicing, Community Loan Servicing, and Pingora Holdings, for deficient cybersecurity practices and failing to fully cooperate with state regulators following a data breach that impacted 5.8 million customers.

In addition to the $20 million penalty, the Bayview companies have agreed to take specified corrective actions, improve cybersecurity programs, undergo independent assessments, and provide three years of additional reporting to state regulators.

“Today’s action highlights the need for financial services companies to take seriously their customer data safety responsibilities,” said Commissioner Russell C. Weigel, III. “The Office of Financial Regulation will continue to work tirelessly with our partners to protect Floridians and ensure the integrity of Florida’s financial services market.”

The multistate effort found that the Bayview companies’ information technology and cybersecurity practices did not meet state or federal requirements. Further, the Bayview companies delayed the supervisory process by failing to comply with state requests in a timely or complete manner in the early stages of the examination.

Florida residents with questions about the settlement should contact the OFR at (850) 487-9687. Floridians can also visit www.flofr.gov to verify that a financial services company is licensed to do business in Florida and view past enforcement actions.

Back to Press Releases

Related changes

Favicon for www.dol.gov OSHA Cites Contractor After Fatal Electrocution and Worker Injuries
Urgent Mar 14, 2026 DOL News Releases Labor Regulation
Favicon for leg.colorado.gov Colorado Bill on Legacy Giving to Charities
Priority review Mar 14, 2026 CO Legislature Bill Search Legislation
Favicon for leg.colorado.gov Colorado Bill Funds Memorials on State Capitol Grounds
Routine Mar 14, 2026 CO Legislature Bill Search Legislation
Favicon for www.fca.org.uk FCA bans Kasim Garipoglu from UK financial services
Urgent Mar 14, 2026 FCA News & Press Releases Government
Favicon for www.find-tender.service.gov.uk VAT Advisory Services Tender Award Notice
Routine Mar 14, 2026 Find a Tender - Latest Notices Trade Procurement
Favicon for www.apra.gov.au APRA Statement on Gender Pay Gap
Routine Mar 13, 2026 news-and-publications Government

Source

Favicon for flofr.gov
FL OFR Press Releases flofr.gov/news/press-releases
Banking Enforcement
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Various Federal Agencies
Filed
January 8th, 2025
Instrument
Enforcement
Legal weight
Binding
Stage
Final
Change scope
Substantive

Who this affects

Applies to
Financial advisers Insurers
Geographic scope
National (US)

Taxonomy

Primary area
Financial Services
Operational domain
Compliance
Topics
Cybersecurity Data Privacy

Browse Categories

Federal Courts 26 State Courts 91 Securities Regulation 6 Financial Regulation 43 Consumer Protection 5 Drug Safety 45 Data Protection 21 Competition 2 Attorneys General 3 Insurance Regulation 5 Trade & Export 36 Legislation 42 Energy Regulation 13 Environment 3 Labor & Employment 2 Tax 1

Get Banking Enforcement alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when FL OFR Press Releases publishes new changes.

Free. Unsubscribe anytime.