IT Examination Resource Guide

The American Bankers Association released a guidebook and companion to the FFIEC IT Information Security Booklet, which reformats the exam booklet into a checklist with direct links to cross-referenced statutes, regulation and guidance. Passwords to access the blog posts, and blog posts are only for CSG owners and retained clients. These should not be shared outside of the organization. Blog … Read More

Customer-Authorized Financial Data Sharing and Aggregation

The CFPB released its outline of principles for protecting consumers when they authorize third party companies to access their financial data to provide certain financial products and services (think – digital wallets).  The principles are intended to help foster the development of innovative financial products and services, increase competition in financial markets, and empower consumers to take greater control of their … Read More

WA DCU Bulletin B-17-14 Website Accessibility and Compliance with the Americans with Disabilities Act

On July 25, the DCU released Bulletin B-17-14, reminding credit unions that their website should be accessible to persons with disabilities.  This was probably from the DOJ changing the rule making priority status on “Nondiscrimination on the Bases of Disability; Accessibility of Web Information and Service of Public Accommodations” to inactive on its most recent priorities update. *  *  * … Read More

Update to Cybersecurity Assessment Tool

The FFIEC released an update the the Cybersecurity Assessment Tool.  This update to the Assessment addresses changes to the FFIEC IT Examination Handbook by providing a revised mapping in Appendix A to the updated Information Security and Management booklets. The updated Assessment will also provide additional response options, allowing financial institution management to include supplementary or complementary behaviors, practices and … Read More

WA DCU Bulletin B-17-12 WannaCry Ransomware Exploit

The DCU released bulletin B-17-12 regarding the recent WannaCry Ransomware. WannaCry Ransomware Exploit As you probably are aware, a widespread ransomware campaign is affecting various organizations with reports of a large number of infections in many countries, including the United States. Currently, the latest version of this ransomware variant is recognized as WannaCry, WCry, or Wanna Decryptor. Per the United … Read More

dot creditunion

From CUNA News 03/28/2017: CUNA, with the generous support of CUNA Mutual Group and CO-OP Financial Services, was able to secure the rights to the .creditunion domain from the Internet Corp. for Assigned Names and Numbers (ICANN). Beginning this summer, credit unions will be able to register and use a .creditunion domain name of their choice to serve as a … Read More

NASCUS Cybersecurity Symposium

On March 24, the DCU published bulletin B-17-09 regarding the NASCUS Cybersecurity Symposium June 5-6 in San Diego, CA.  The bulletin is reprinted below. NASCUS Cybersecurity Symposium, June 5-6, 2017 Make plans to attend the NASCUS Cybersecurity Symposium San Diego, CA Division of Credit Unions (DCU) encourages credit unions to continue training on cybersecurity. While there are many resources available … Read More

Oregon – Proposed HB 2581 Access Device and Security Breaches

Proposed House Bill 2581 would require a person that possesses or has access to account information to report breach of security to the financial institution that issued financial access device.  Person includes:  an individual, a private or public corporation, partnership, cooperative, association, estate, limited liability company, organization or other entity. The Bill proposes to: Require a person to safeguard account … Read More

ADA Website Accessibility Tools

The Department of Justice recently published an “ADA Best Practices Tool Kit,” which includes website accessibility guidance and a checklist that can be used to verify compliance with the Americans with Disabilities Act. While the tool kit is primarily geared toward state and local governments, which are governed by Title II of the ADA, it will be helpful to banks … Read More

Website Compliance Exams

The Washington State DCU plans on restarting to conduct website compliance exams beginning mid-December.  These exams will not be performed in conjunction with regular safety and soundness examinations, nor will there be giving a separate website compliance rating. Examiner’s concerns and findings will be included in a separate website compliance exam report. The exam report will be brief in nature … Read More