New Jersey’s Dept. of Banking & Insurance Regulation 22-05 Compliance
All individuals and entities regulated by the New Jersey Department of Banking and Insurance must comply with NJ Regulation 22-05. This cybersecurity regulation sets minimum requirements for financial institutions, insurance companies, and all other NJDBI-licensed entities. Failure to comply can result in significant fines and enforcement action from the state.
Who Must Comply with NJ Regulation 22-05?
These verticals include, but are not limited to the following:
- Mortgage Lenders
- Insurance Companies
- Money transmitters
- Check Cashers
- Title Companies
- Consumer Finance Companies
- Travel Agencies
- Real Estate Brokers
- Pawnbrokers
- Investment companies
- Securities dealers
- Banks
- Credit unions
- Non-profit organizations (providing financial services)
Are You Exposed to Fines from the New Jersey Banking & Insurance Department?
Want to learn more about New Jersey’s NJDBI Regulation 22-05 cybersecurity requirements? When you speak with one of our cyber-compliance experts you will learn:
What cyber protection you must have.
How your employees are required to help protect you and your customers’ information.
If your network and data are REALLY protected from cybercriminals, ransomware and viruses who prey on your people and expose you to significant risk and fines.
If your protections are compliant with New Jersey law.
If your company currently meets the applicable compliance requirements of the New Jersey Banking & Insurance regulation 22-05 (a regulation that you MUST comply with!).
NJ Regulation 22-05 Compliance Requirements for 2026
As of 2026, NJ Regulation 22-05 remains a critical cybersecurity mandate for all entities licensed by the New Jersey Department of Banking and Insurance. The regulation requires covered entities to implement a formal cybersecurity program, designate a qualified individual to oversee it, and conduct periodic risk assessments to identify and address vulnerabilities.
Key requirements under NJ Regulation 22-05 include maintaining a written cybersecurity policy, implementing access controls and multi-factor authentication (MFA), encrypting nonpublic information in transit and at rest, and providing cybersecurity awareness training to all employees. Covered entities must also maintain an incident response plan and report cybersecurity events to the Commissioner of Banking and Insurance within 72 hours of discovery.
Recent Enforcement Updates and 2026 Compliance Deadlines
The NJDBI has continued to increase enforcement activity through 2025 and into 2026. Regulators are paying particular attention to third-party vendor management and whether covered entities have conducted and documented a current risk assessment. If your last assessment was performed before 2024, you are likely overdue for an update under the regulation’s annual review requirement.
With increasing ransomware attacks targeting NJ-licensed mortgage lenders, title companies, and insurance agencies, the NJDBI expects covered entities to demonstrate not just written policies but active, tested cybersecurity controls. eMDTec has helped dozens of NJ financial services firms complete their annual compliance assessments and remediate gaps identified by examiners.
How eMDTec Helps with NJ Regulation 22-05
Our team provides end-to-end cybersecurity services designed specifically for NJ-regulated financial entities. We conduct your initial gap assessment, help you build a compliant cybersecurity program, and provide ongoing managed security services to maintain your compliance year over year. We also assist with secure cloud infrastructure that meets the encryption and access control requirements of the regulation.
Whether you are a mortgage lender, insurance agency, check casher, or credit union in New Jersey, eMDTec can help you meet your obligations under NJ Regulation 22-05 and avoid costly fines. Contact us today for a free compliance consultation.
Sign Up for More Information
At eMDTec, our team of cybersecurity experts are here to help you understand the requirements imposed by New Jersey’s Dept. of Banking & Insurance and ensure you have the protections in place that are essential for your compliance. Sign up today to learn more about how we can help.