Cybersecurity Compliance

Cybersecurity is a systemic risk that affects all levels of business, government and ordinary people. It is such a high risk area for credit unions that the National Credit Union Administration (NCUA) placed cybersecurity as a top focus for 2016 exams. As the cybersecurity world continues to evolve, it's important that your credit union is prepared for possible threats. Be proactive and shield your credit union from the ever-changing cybersecurity universe now.

Below you'll find credit union resources for cybersecurity compliance, including an interactive cybersecurity assessment tool, insightful blog posts, articles and webcasts, to help you stay on top of this evolving issue. (Resources marked by * are member-only. If you are not a NAFCU member, learn more about membership.)

FFIEC Cybersecurity Workbook ScreenshotCharts & Guides

Download PDFNAFCU FFIEC Cybersecurity Assessment Tool Workbook*
An editable, self-tallying file that allows credit unions to self-test cyber risk and readiness in a shareable format with a visual result. Updated December 2017 to reflect changes in the FFIEC IT Examination Handbook.

Download PDF[SAMPLE] NAFCU FFIEC Cybersecurity Assessment Tool Workbook
Not a NAFCU member? Download a sample workbook to calculate your credit union's inherent risk profile for delivery channels and cybersecurity maturity for threat intelligence and collaboration.

FinCEN Cyber Threats Advisory (October 25, 2016)

FinCEN FAQs Regarding the Reporting of Cyber-Events, Cyber-Enabled Crime, and Cyber-Related Information through Suspicious Activity Reports (October 25, 2016)

Blockchain Use-Case and Regulation (November 30, 2017)


An Introduction to Hyperledger and Blockchain*

The Before and After of the Equifax Breach*

FFIEC 2016 Updates to the IT Handbook*

Data Security Breaches at the Hands of Retailers, But at the Expense of Credit Unions: A Review of Current Litigation and Legislation*

FFIEC Updates the Management Section of the IT Handbook*

Getting a Head Start on Cybersecurity Exam Preparation*

Cyber Ready

Subscribe to NAFCU's Compliance Cyber Café member enewsletter to get compliance updates on the latest cybersecurity issues.

Upcoming Conferences

Risk Management Seminar
Grand Hyatt Denver | Denver, Colorado | July 24-26, 2017

Regulatory Compliance School
Westin San Diego | San Diego, California | October 9-13, 2017

Regulatory Compliance Seminar
Westin San Diego | San Diego, California | October 10-13, 2017

Online Training

NAFCU Compliance Blog Posts

Follow all Cybersecurity-related blog posts on The NAFCU Compliance Blog