The American Bankers Association released a guidebook and companion to the FFIEC IT Information Security Booklet, which reformats the exam booklet into a checklist with direct links to cross-referenced statutes, regulation and guidance. Passwords to access the blog posts, and blog posts are only for CSG owners and retained clients. These should not be shared outside of the organization. Blog … Read More
Customer-Authorized Financial Data Sharing and Aggregation
The CFPB released its outline of principles for protecting consumers when they authorize third party companies to access their financial data to provide certain financial products and services (think – digital wallets). The principles are intended to help foster the development of innovative financial products and services, increase competition in financial markets, and empower consumers to take greater control of their … Read More
WA DCU Bulletin B-17-14 Website Accessibility and Compliance with the Americans with Disabilities Act
On July 25, the DCU released Bulletin B-17-14, reminding credit unions that their website should be accessible to persons with disabilities. This was probably from the DOJ changing the rule making priority status on “Nondiscrimination on the Bases of Disability; Accessibility of Web Information and Service of Public Accommodations” to inactive on its most recent priorities update. * * * … Read More
Update to Cybersecurity Assessment Tool
The FFIEC released an update the the Cybersecurity Assessment Tool. This update to the Assessment addresses changes to the FFIEC IT Examination Handbook by providing a revised mapping in Appendix A to the updated Information Security and Management booklets. The updated Assessment will also provide additional response options, allowing financial institution management to include supplementary or complementary behaviors, practices and … Read More
WA DCU Bulletin B-17-12 WannaCry Ransomware Exploit
The DCU released bulletin B-17-12 regarding the recent WannaCry Ransomware. WannaCry Ransomware Exploit As you probably are aware, a widespread ransomware campaign is affecting various organizations with reports of a large number of infections in many countries, including the United States. Currently, the latest version of this ransomware variant is recognized as WannaCry, WCry, or Wanna Decryptor. Per the United … Read More
dot creditunion
From CUNA News 03/28/2017: CUNA, with the generous support of CUNA Mutual Group and CO-OP Financial Services, was able to secure the rights to the .creditunion domain from the Internet Corp. for Assigned Names and Numbers (ICANN). Beginning this summer, credit unions will be able to register and use a .creditunion domain name of their choice to serve as a … Read More
NASCUS Cybersecurity Symposium
On March 24, the DCU published bulletin B-17-09 regarding the NASCUS Cybersecurity Symposium June 5-6 in San Diego, CA. The bulletin is reprinted below. NASCUS Cybersecurity Symposium, June 5-6, 2017 Make plans to attend the NASCUS Cybersecurity Symposium San Diego, CA Division of Credit Unions (DCU) encourages credit unions to continue training on cybersecurity. While there are many resources available … Read More
Oregon – Proposed HB 2581 Access Device and Security Breaches
Proposed House Bill 2581 would require a person that possesses or has access to account information to report breach of security to the financial institution that issued financial access device. Person includes: an individual, a private or public corporation, partnership, cooperative, association, estate, limited liability company, organization or other entity. The Bill proposes to: Require a person to safeguard account … Read More
ADA Website Accessibility Tools
The Department of Justice recently published an “ADA Best Practices Tool Kit,” which includes website accessibility guidance and a checklist that can be used to verify compliance with the Americans with Disabilities Act. While the tool kit is primarily geared toward state and local governments, which are governed by Title II of the ADA, it will be helpful to banks … Read More
Website Compliance Exams
The Washington State DCU plans on restarting to conduct website compliance exams beginning mid-December. These exams will not be performed in conjunction with regular safety and soundness examinations, nor will there be giving a separate website compliance rating. Examiner’s concerns and findings will be included in a separate website compliance exam report. The exam report will be brief in nature … Read More