Compliance Blog

Never underestimate the value of attending a conference.  You get to pick up great tips from smart people, like Andy Keeney, a credit union attorney with Kaufman and Conoles.  (A Virginia-based law firm.)   Here's Andy's bio.
 
Andy mentioned the following.  Apparently, there are certain bankruptcy attorneys that are filing numerous lawsuits against credit unions and other creditors for discrepancies in credit reports.  The problem stems from the way that some credit unions are handling charge-off data.  Because the credit union is reporting (i.e., coding) the debt amount as “charged off” as opposed to “discharged in bankruptcy,” the debtor is asserting that the CU has frustrated his or her “fresh start,” in violation of bankruptcy laws.  Apparently there are a number of debtor attorneys who are filing these lawsuits against creditors in large numbers with the intent that the creditor will simply settle the case quickly, typically for around $3,500.  Andy wanted to bring attention to this growing problem as credit unions are seemingly being targeted by a few attorneys.

Thanks, Andy!

***

This FTC news item caught my eye.  In short, a mortgage company got slammed by the FTC for not adequately managing a third party's access to sensitive customer data.  The issue is a blend of privacy concerns and third party due diligence.  While the FTC does not examine FCUs for privacy compliance, this paragraph REALLY caught my eye.

The FTC complaint also alleges that Premier violated Section 5 of the FTC Act and the Privacy Rule by failing to live up to its own privacy policy, which claimed: “We take our responsibility to protect the privacy and confidentiality of customer information very seriously. We maintain physical, electronic, and procedural safeguards that comply with federal standards to store and secure information about you from unauthorized access, alteration and destruction. Our control policies, for example, authorize access to customer information only by individuals who need access to do their work.”

How many of you have read your privacy policy recently?  How many of you have a similar paragraph?