The New Y orkDepartment of Financial Services fined a crypto company $1.2 million for not conducting proper information security risk assessments and for using templated policies, without customizing them to fit the company.