SCOTTSDALE, Ariz. — Credit unions unsure how to meet regulatory requirements concerning risk, data protection and privacy are often turning to technology for help.

That's one conclusion in "The Cornerstone Report: Benchmarks and Best Practices for Credit Unions," recently issued by Cornerstone Advisors (www.crnrstone.com.)

The 126-page report focuses on 10 different areas of a credit union's operation–from corporate administration and wealth management to information technology and enterprise risk management–and is based on metrics from more than 60 participating credit unions and nearly 100 mid-size banks.

Recommended For You

Twenty credit unions served on the advisory board that helped plan the study, ranging in size from $3.7 billion Wescom Credit Union to $354 million Vermont State Employees Credit Union.

Concerns over enterprise risk management are driving sales for technology solutions needed to comply with fraud detection, Bank Secrecy Act, anti-money laundering and member authentication regulations, the report says. Uncertainty is another major factor.

"Regulatory guidance on how to comply with managing the many forms of risk that credit unions face has been weak at best," the report says. "Technology is often seen by credit unions as a temporary answer in the absence of solid operating and risk assessment advice from the regulatory community." Fully 91% of the respondents have deployed an automated trace analytic system for Bank Secrecy Act and anti-money laundering purposes. Thirty-four respondents also provided details of their primary fraud detection system, with the most commonly used vendors including Falcon, eFunds/Chex Systems, Primary Payment Systems and Jack Henry's Yellow Hammer.

People also need to be put on the job, and "in lockstep with regulatory scrutiny, credit unions have been hiring personnel to help them stay in compliance," but not at the same rate as the responding banks, the study found.

For instance, 30% of responding banks have a chief risk officer compared to only 13% of credit unions. Size seems to be the determining factor, the report says. Only two of the responding credit unions of less than $1 billion in assets had a chief risk officer, while 12 had an information security officer.

"Given the current regulatory climate, Cornerstone expects to see the percentage of credit unions that have a chief risk officer and an information security officer to climb dramatically in the future, and these positions will be present at increasingly smaller credit unions," the report said.

Making such hires "as soon as credit union and size allow" is one of the best practices the consultancy recommends in the area of enterprise risk management.

That senior manager then could help the credit union deal with "inconsistent regulatory guidance regarding the need for and details of technology for risk management."

The report said a chief risk officer also could help the credit union avoid this trap: "Do not confuse the purchase of technology with regulatory compliance. Detailed, documented risk assessments should be considered as important as technology to help the credit union comply with risk-management solutions." –[email protected]

NOT FOR REPRINT

© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more inforrmation visit Asset & Logo Licensing.