Increasing regulations from state legislatures mean mortgage players should budget for more cybersecurity spending, according to Richey May.

The Federal Housing Administration last week formalized a 36-hour reporting requirement for cyber incidents, keeping it in line with guidelines by other federal and state financial agencies. Home loan companies will also have to comply with more consumer protections, such as a first-of-its-kind artificial intelligence law in Colorado. 

"I would expect in the mortgage space, a maybe 10% to 15% increase in their cyber spend year-over-year," said Michael Nouguier, chief information security officer and director of cybersecurity services at Richey May. "It's potentially something that's going to have to happen for them to comply and be secure."

The Denver-based company provides auditing, tax and cybersecurity services for mortgage companies and is working with its clients to prepare for the year ahead. Nouguier spoke with National Mortgage News about cybersecurity developments mortgage participants should watch for heading into the new year. 

This interview has been edited for length and clarity.