Activity – As of June 30, 2012, credit unions will be required to use e-filing to submit CTRs, via the FinCEn website. Because CU*BASE does not support e-filing yet, in the meantime credit unions will print a CTR generated by CU*Base and manually re-enter the information into the e-filing system. Solution – CU*Answers is working […]
News
8. Enterprise Risk Management
Activity – ERM is not a new acronym in the financial institution industry. In 2003, the NCUA issued a letter to credit unions outlining the seven primary risks associated with running a credit union and went on to change the exam structure to a new risk-focused process. However, developing an ERM program with a n […]
9. Wire Transfer Enhancements for Fraud Prevention
Updated: May 14th, 2013 We are considering six potential additions to stave off future losses including the following: Add a call to the wire transfer outgoing screen for red flag warning the user that address changes have occurred in the last thirty days Check on deposits made to the account in the last 14 days […]
10. Expanding Enterprise Risk management with Additional 5300 Call Report Ratios
We are planning to add 30+ new ratios to the 5300 Call Report Ratios dashboard in phases over the next few development years. In addition to the Canary* ratios listed below, the first phase of the project will include a “category” assigned to each ratio that defines the level of risk. Ratios to be added […]
Remittance Transfers Final Rule released…..Again
On April 30, 2013 the CFPB issued the final Remittance Transfer Rule amending subpart B of Regulation E. This final rule modifies the final rules issued in February, July and August 2012. The rule: 1. Modifies the 2012 Final Rule to make optional, in certain circumstances, the requirement to disclose fees imposed by a designated […]
DDoS Risk Assessments
The NCUA in the 13-Risk-01 Letter to Credit Unions, Mitigating Distributed Denial-of-Service Attacks, discussed DDoS and managing DDoS risk. This white paper will focus on what DDoS is and what you can do as a credit union to protect yourself, as well as prepare for examinations. 2013-4-29 DDoS Assessment Whitepaper – FINAL
Credit Union Liability for Security Breaches and Consumer Notification
The following three whitepapers can help a credit union understand their liability for a security breach under Uniform Commercial Code 4A (UCC 4A), negligence theories, and consumer notification. Reading these in order (SM001, 002, and 003) will provide the reader with a better understanding of the entire picture regarding credit union liability for security breaches. […]
March 27, 2013 Webinar
Thank you to everyone who joined us last Wednesday for the Concentration Risk and Abnormal Activity Monitoring Best Practice webinar. As promised, I have attached the PowerPoint presentation. Concentration Risk and abnormal activity montitoring 3-27
Responding to NCUA Risk Alert 13-Risk-01 for Managing Distributed Denial-of-Service Attacks
In February 2013, the NCUA published a risk alert advising credit union CEOs and boards of directors on steps they should take to evaluate risks associated with Distributed Denial-of-Service (DDoS) attacks. The risk alert addresses three strategies for mitigation: Performing risk assessments to identify risks associated with DDoS attacks Ensuring that incident-response programs include a […]
FFIEC Releases Social Media Guidence Letter
The FFIEC has released a proposed Social Media Guidance document for public comment. Credit unions should be aware that if this guidance is released in final form, it is likely that the NCUA will adopt this document and require compliance with the guidance. The content and our opinion of the document can be summarized as […]