News

DDoS Risk Assessments

The NCUA in the 13-Risk-01 Letter to Credit Unions, Mitigating Distributed Denial-of-Service Attacks, discussed DDoS and managing DDoS risk.  This white paper will focus on what DDoS is and what  you can do as a credit union to protect yourself, as well as prepare for examinations. 2013-4-29 DDoS Assessment Whitepaper – FINAL

Credit Union Liability for Security Breaches and Consumer Notification

The following three whitepapers can help a credit union understand their liability for a security breach under Uniform Commercial Code 4A (UCC 4A), negligence theories, and consumer notification.  Reading these in order (SM001, 002, and 003) will provide the reader with a better understanding of the entire picture regarding credit union liability for security breaches. […]

March 27, 2013 Webinar

Thank you to everyone who joined us last Wednesday for the Concentration Risk and Abnormal Activity Monitoring Best Practice webinar.  As promised, I have attached the PowerPoint presentation. Concentration Risk and abnormal activity montitoring 3-27

Responding to NCUA Risk Alert 13-Risk-01 for Managing Distributed Denial-of-Service Attacks

In February 2013, the NCUA published a risk alert advising credit union CEOs and boards of directors on steps they should take to evaluate risks associated with Distributed Denial-of-Service (DDoS) attacks. The risk alert addresses three strategies for mitigation: Performing risk assessments to identify risks associated with DDoS attacks Ensuring that incident-response programs include a […]

FFIEC Releases Social Media Guidence Letter

The FFIEC has released a proposed Social Media Guidance document for public comment.  Credit unions should be aware that if this guidance is released in final form, it is likely that the NCUA will adopt this document and require compliance with the guidance. The content and our opinion of the document can be summarized as […]

NCUA Supervisory Focus Letter for 2013

The NCUA has released their Supervisory Focus Letter for 2013.  Headlining the letter are concerns by the NCUA about information security and fraud detection.  Prior to an examination, management and the board of directors should review controls in CU*BASE regarding employee security, online banking security, and abnormal activity monitoring.  In addition, the NCUA still has […]

CU*Answers Releases New Retention Dashboard in GOLD

CU*Answers announced another data mining dashboard was included in the Fall release of CU*BASE® GOLD revolving around the retention rates of both membership and sub-accounts. The release allows credit unions to understand the decay rates based upon the year the accounts are opened. The new dashboard was originally intended to provide credit union executives the […]

Network Compliance Teacher Celebrates First Year

AuditLink has recently launched its’ fourth edition of their Network Compliance Teacher (NCT) magazine.  NCT is a collaboration of compliance professionals that span coast to coast.  Originally intended to be authored by CU*Answers clients, NCT 2013 goal is to open its pages beyond the CU*Answers client base and invite other firms that support the compliance […]