Each year credit unions are faced with more challenges to create greater value for members and compete with other financial institutions as the cost of doing business increases overall. These challenges have heightened in the current market where financial giants continue to fail and consumers start to look at community-based credit unions to be a better source for banking. At the same time, credit union executives are burdened with developing and maintaining new compliance standards, including the Fair and Accurate Credit Transaction Act of 2003 Section 114, with a mandatory compliance date of Nov. 1. However, there are ways to reduce the weight of this new compliance initiative and leverage it to the credit union’s advantage.
Credit unions must take four actions to become fully compliant with the Red Flag regulations: identify Red Flags for accounts and incorporate them into the program; detect Red Flags that have been incorporated; respond to any Red Flags to detect and mitigate identify theft; and ensure the program is updated periodically.
A Red Flag is a pattern, practice or specific activity that indicates the possible existence of identity theft. Overall, this means that every credit union must put processes in place to take member information and verify it against existing data at the point of the transaction. On the back end, the data has to be updated during the entire life of the program.
The new regulations have broad standards for what they consider to be full compliance. In fact, many credit unions may already have processes in place that meet some or even all of the standards required. The key to creating a comprehensive plan is to conduct an internal assessment with all of the stakeholders: representatives from legal, compliance, fraud and information technology. Once all of the decision makers have gathered, they can agree on a foundation for the plan, an identity management process with account opening and funding technology that meets compliance criteria.
Obtaining and verifying identification of members during the account opening and funding process is not new to credit unions. FACTA builds upon that by listing 26 types of activity that should signal possible identify theft.
The account opening and funding process should be fully automated with identification verification and monitoring capabilities that flag all of the aforementioned activities. It is important for credit unions to ensure that these capabilities can be specific to the safeguards that they deem necessary to retain a high level of vigilance, since different sizes of institutions have different monitoring processes. The technology can also be deployed online, in the branch or at the call center, safeguarding all channels for the credit union and its members.
Currently, less than 5% of financial institutions use fully automated account opening and funding processes. As a result, most credit unions are completing some of their account opening and funding process steps manually. These credit unions continue to mix manual processes with automated technology as they work to comply with all of the FACTA rules. However, continuing with manual entry risks data being mishandled or required steps being neglected, resulting in failure to comply. Instead, the best approach is to automate all actions items, from setting up new deposit accounts to completing credit card and loan applications. This will not only ensure that the identity fraud detection and prevention is consistent but also that it is not labor intensive and fully auditable.
According to a survey conducted by Information Security Media Group, half of all financial institutions will not make the Nov. 1 FACTA compliance deadline. If a credit union has not deployed a fully automated account opening process powered with the right technology, it will fall behind the rest of the industry. In the short term, credit unions can perform compliance work manually, but in the long term credit unions must have commitment from executives to identify the right technology partner and create a phased approach to deployment of an account opening solution that includes full identity verification and consistent monitoring with the required reporting.
Due to the current fallout in the credit markets, credit unions can expect that new risk-related regulations will be a high priority on the legislative agenda over the course of the next one to two years. Regulators are going to require greater transparency in standard processes, which will likely call for a new level of documentation and accountability. This means that automation, accountability, the ease of performing internal and external audits and the cost of compliance must remain in the forefront of credit union strategic planning. Given today’s environment, these improvements not only better a credit union’s ability to stay in business, but also lead to a competitive advantage.
As credit unions make the necessary changes to meet the requirements of FACTA and prepare for additional compliance regulations that will target financial institutions, executives must focus on process improvement, efficiency, quality, cost reduction and ongoing staff education and training. Finally, it is critical to select account opening technology with identity management and a deployment timeline that best fits the credit union and its members.
Dinesh Sheth is the CEO of Memphis-based uMonitor-Parsam Technologies. He may be reached at 901-757-1212 or firstname.lastname@example.org