New York’s banking regulator may start to crack down on financial institutions in a few weeks, when many of them must be in full compliance with first-in-the-nation financial sector cybersecurity rules, attorneys told Bloomberg Law.

State-registered financial institutions, such as Equifax Inc., the Bank of New York Mellon Corp., and American Express Banking Corp., have until Feb. 15 to certify that they’re complying with the New York Department of Financial Services’ cybersecurity rules.

The rules also cover insurance companies, charities, mortgage brokers, and some foreign banks registered in the state, attorneys said.

Banks, mortgage brokers, and credit reporting bureaus face...