CO-OP Financial Services, the payment CUSO parent of the CO-OP Network and CO-OP Shared Branching, has issued a statement supporting FIS in the wake of a critical supervisory letter from federal regulators that the processor has received and NCUA has forwarded to credit unions.
The March 16 NCUA letter urged credit unions to examine their vendor relationship with the processor in light of the supervisory letter that the agency enclosed but, after stressing that its operations were unaffected by the breach, CO-OP expressed confidence in the firm.
“FIS was the victim of a publicly-disclosed cyber-attack in early 2011 against a client of one of its prepaid card programs,” the CUSO, which is a partner with FIS in several areas, wrote on April 10. “CO-OP’s EFT and shared branching systems are operated under the direction of CO-OP and they were not involved in the 2011 incident.”
CO-OP also revealed more direct information about FIS' response to the breach than FIS has. According to CO-OP, “FIS has taken action in three areas: personnel, including a new executive-level Chief Information Security Officer; PCI Re-certification and enhanced information security measures,” adding “[w]e support FIS in their efforts to address these issues and feel their changes will benefit in the long term our relationship even though there was no impact to CO-OP-related business."
