NCUA Reminds CUs of Compliance Deadline for Internet Authentication

NCUA issued Letter to Credit Unions 06-CU-13 to remind credit unions that the deadline for compliance with Internet authentication is looming at year-end.

By Staff Writer | August 22, 2006 at 08:00 PM

WASHINGTON — NCUA issued Letter to Credit Unions 06-CU-13 to remind credit unions that the deadline for compliance with Internet authentication is looming at year-end.

The agency issued Guidance on Authentication in Internet Banking (Letter to Credit Unions 05-CU-18) in November 2005, which direct credit unions providing Internet-based services to determine whether appropriate methodologies and technologies are in place to authenticate members.

"Credit unions providing Internet-based services to members should complete a risk assessment of those products and services to determine if high-risk transactions are performed. High-risk transactions are defined as access to member information or the movement of funds to other parties," the letter read.

Recommended For You

In evaluating risk, credit unions should look at member transactional capabilities; the sensitivity of the member information being communicated to both the credit union and the members; the ease of using the communication method; and the volume of transactions, at a minimum.

The letter stated, "NCUA considers single-factor authentication, as the only control mechanism to authenticate members, to be inadequate for high-risk transactions." If there are high-risk transactions occurring and only single-factor authentication, then additional controls must be implemented. "Those controls can be multifactor authentication, layered security, or other controls reasonable to mitigate the risk," according to the letter.

Credit unions must also have a monitoring system in place to seek out unauthorized access to computer systems, as well as a plan for reporting to local law enforcement, NCUA, and members, as warranted.

NCUA also said that credit unions need to initia- te programs to provide fraud prevention education to members.

The Federal Financial Institutions Examination Council has released frequently asked questions, included with NCUA's letter, to aid in the implementation of the interagency guidance on Authentication in an Internet Banking Environment.

NOT FOR REPRINT

1 8 of the Year’s Biggest Credit Union Charitable Donations

2 12 CU Professionals Celebrate Big Moments in Their Careers

3 Lawmakers Demand Investigation Into NCUA Board Operations Following Firings

4 Lawsuit by Ousted NCUA Board Members Advances, Judge Sets Briefing Schedule

5 NCUA Liquidates Unilever Federal Credit Union Due to Insolvency

Workers' Compensation Risk Management Award for Excellence Nominations
May 05, 2025 - Nomination Deadline

The 2025 Workers Comp Risk Management Award for Excellence honors outstanding loss control, safety and return-to-work programs.
More Information
Insurance
BenefitsPRO Broker Expo 2025
May 06, 2025 - Boston

The premier educational and networking event for employee benefits brokers and agents.
More Information
Consulting
Consulting Top Consultants 2025
June 26, 2025 - New York

Consulting Magazine identifies consultants that have the biggest impact on their clients, firms and the profession.
More Information