Newsroom

Merchant data breaches are the greatest cyber-threat concern for credit unions, followed by third-party vendor breaches, according to NAFCU's latest Economic & CU Monitor, which is now available for download.

No credit union survey respondent said they are "not concerned" about their credit union's risk from merchant data breaches. The survey results also show that the percentage of respondents' overall operating budgets devoted to information technology/cybersecurity has nearly doubled over the past five years.

The majority of respondents (87.5 percent) also hold some form of cybersecurity insurance.

Nearly all credit union respondents (93.7 percent) reported that their institutions participate in some form of information sharing to keep pace with cybersecurity threats. Additionally, 87.5 percent said they have used either the Federal Financial Institutions Examination Council's cybersecurity assessment tool or NAFCU's easy-to-use, shareable version of that tool.

NCUA has also begun to incorporate the FFIEC's cybersecurity tool into its examinations. According to the survey results, on average, respondents said 19.4 percent of their most recent NCUA exams was devoted to cybersecurity. NCUA is continuing to train its examiners on cybersecurity assessments and develop a more robust exam protocol, which is expected to be formalized in late 2017.

Also in this month's Monitor, data show that member and loan growth are still near their highest levels in more than a decade. However, regulatory burden continues to stress the industry, with earnings declining from a year ago and a still-elevated industry consolidation rate. Also, due to an unevenly performing economy and the labor market being an area of strength, NAFCU expects the Federal Reserve to raise interest rates later this year.