WASHINGTON – NCUA recently issued two Letters to Credit Unions dealing with securing transactions in cyber space. In a letter focused on authentication in electronic banking, NCUA advised CUs to review authentication guidance recently issued by the Federal Financial Institutions Examination Council (CU Times, August 22). “Member interaction with credit unions is migrating from paper-based transactions to remote electronic access and transaction initiation. This migration increases the risk of doing business with unauthorized or incorrectly identified parties that could result in financial loss or reputation to the credit union,” NCUA stated in the letter. To mitigate this risk, NCUA stated that “an effective authentication program should be implemented across a CU’s operations and the level of authentication used in a particular application should be appropriate to the level of risk in that application.” Methods outlined by the FFIEC for doing this, and echoed by NCUA, include the following: * An enterprise-wide assessment of the risk posed by the CU’s electronic banking systems; * Utilizing reliable methods to verify the identity of members during the account origination process, and authenticating members before granting access to online banking; * Authentication system should include auditing and monitoring features that can help detect fraud; * The CU’s authentication process should be reviewed periodically in light of changing or new risks. In another letter to CUs, NCUA focused on helping CUs develop a written security program as mandated by NCUA Rules and Regulations Part 748. NCUA stressed that the size of a CU isn’t a factor in securing electronic data. “Regardless of the size of your credit union, you must address the security of its systems and the data which resides on, or is transmitted across, those systems. Two credit unions of significantly different asset sizes, which provide services via the Internet, face and must deal with the same risks associated with that service,” NCUA stated. -firstname.lastname@example.org
The disruption could introduce new risks into the system by compelling banks to loosen lending standards and take on greater risk.
The CDFI awards support to developers, renters and buyers.
Without email authentication standards, hackers don’t need to compromise accounts to send emails that impersonate FIs.
Sponsored by Epic River
Learn how your credit union can onboard new sources of deposit revenue from hospital systems and healthcare providers in your community with the strategy outlined in this white paper.
Sponsored by Finastra
Taking the first step towards a complete digital mortgage experience can be the hardest. Learn six strategic steps to start your credit union’s journey today.
Credit Union Times
Don’t miss crucial strategic and tactical information necessary to run your institution and better serve your members. Join Credit Union Times now!
- Free unlimited access to Credit Union Times' trusted and independent team of experts for extensive industry news, conference coverage, people features, statistical analysis, and regulation and technology updates.
- Exclusive discounts on ALM and Credit Union Times events.
- Access to other award-winning ALM websites including TreasuryandRisk.com and Law.com.
Copyright © 2019 ALM Media Properties, LLC. All Rights Reserved.