NCUA Advises on Wireless Technology Risks

ALEXANDRIA, Va.-NCUA released a Letter to Credit Unions (03-CU-03) in March providing credit unions with guidance on managing risks associated with wireless technology. While wireless technology may be a money saving measure for some credit unions and increase member accessibility, it can also increase a credit union’s risk exposure. In implementing technological improvements, credit unions can run into strategic risk (adverse business decisions, poor implementation); transactional risk (fraud, error, system reliability issues); compliance risk (law and regulations, prescribed practices, policies and procedures); and reputation risk due to inadequate management of the above risks. To mitigate those risks, NCUA recommended: 1) reviewing NCUA’s Letter to Credit Union 01-CU-11 regarding electronic data security available at NCUA’s Web site (www.ncua.gov), which outlines regulatory requirements and implementation of a security program; 2) studying the Attachment to the Federal Deposit Insurance Corporation’s Financial Institution Letter FIL-8-2002 Wireless Networks and Customer Access, which is just as applicable to credit unions as banks; and 3) examining the National Infrastructure Protection Center’s “Best Practices for Wireless Fidelity (802.11b) Network Vulnerabilities” publication, which is highly technical in nature and best suited for individuals responsible for technical planning, implementation and evaluation of wireless technology.