Newsroom
FFIEC guidance, layered security detailed for CUs
Romes explained key points in the FFIEC's recent guidance on online authentication. – NAFCU photo |
Dec. 15, 2011 – Periodic risk assessments addressing the online threat environment are a major focus of the Federal Financial Institutions Examination Council's latest guidance for authentication of those accessing accounts online, NAFCU webcast participants learned Wednesday.
The webcast, which featured computer security expert Randy Romes of LarsonAllen LLP, provided credit unions with an in-depth look at FFIEC guidance issued June 27. The guidance takes effect Jan. 1.
Romes discussed some of the risks tied to online accounts.Phishing and malware attacks, for example, are one way criminalsobtain members' usernames and passwords, which can then be usedto conduct wire transfers from members' accounts. To help combat this and other current online scams, the guidance says credit unions should conduct risk assessments each time there is a change in vendor or procedure related to their online systems. "It's an ongoing process," Romes said. He added the guidance also stresses the importance of using multiple factors and layering security methods for authenticating access to online systems.
Simple challenge questions are no longer acceptable as the only authentication method because it is too easy to get member information from websites such as Facebook or LinkedIn.com, he said.
Romes also highlighted the importance of educating credit union members about current online threats and encouraging business account holders to periodically check their end of the payments system for vulnerabilities.
Wednesday's webcast will be available on demand for six months. Romes will discuss the FFIEC guidance in greater detail at NAFCU's 2012 Technology and Security Conference set for Feb. 14-16 in Las Vegas. Early registration discounts for the conference end Jan. 6. Credit unions can also look forward to the January/February 2012 issue of The Federal Credit Union magazine for an article on the topic.
Share This
Related Resources
Add to Calendar 2024-03-26 09:00:00 2024-03-26 09:00:00 Ensuring Safety and Soundness with AI Listen On: Key Takeaways: [03:48] The regulators are very focused on fairness in lending especially when it comes to using AI and outside models. The industry is moving very fast. [08:25] Articulating a business use case and how partnering with a Fintech can support it is the first step in having a successful conversation with your board. [10:30] Talk to your account executive at your Fintech and have them help you overcome objections. [15:01] Plan for oversight. It is not set and forget it. Your regulators are going to want to know how you are overseeing that from a 3rd party risk management standpoint. [15:47] Have a handle on your reserves and capacity for lending and start small and grow slowly. Web NAFCU digital@nafcu.org America/New_York public
Ensuring Safety and Soundness with AI
preferred partner
Upstart
Podcast
Help Ease Your Members' Loan Payment Concerns
Planning, Auto Loans, Research
preferred partner
TruStage
Blog Post
The Value of Risk Management in Cybersecurity
preferred partner
DefenseStorm
Video
Add to Calendar 2024-03-13 14:00:00 2024-03-13 14:00:00 Digital Assets in Credit Unions: What Are the AML Risks? The digital asset boom is upon us. Like it or not, you have to deal with it effectively with your members, credit unions are on the frontlines of crypto adoption. Even the NCUA has been providing more and more guidance on different aspects of digital assets. You need to be prepared. How? By understanding the core basics of digital assets (specifically cryptocurrencies) the risks that it poses to credit unions and how you can be better prepared to handle issues when they arise. In this webinar, Understanding the Digital Assets Boom, you’ll focus on the basics of digital assets, a background of cryptocurrencies and types, the regulations that are established and the proposals that are being considered and how to position yourself to understand all of these components and include them in your day-to-day roles. Key Takeaways Comprehend the basics of digital assets including cryptocurrencies Understand currently established regulations and what the future has in store, specifically in 2024 Identify and remediate issues that arise in your credit union Register Now $295 Members | $395 Nonmembers(Additional $50 for USB)One registration gives your entire team access to the live webinar and on-demand recording until March 13, 2025Go to the Online Training Center to access the webinar after purchase » Who Should Attend NCCOs NCRMs Compliance and risk titles Education Credits NCCOs will receive 1.0 CEUs for participating in this webinar NCRMs will recieve 1.0 CEUs for participating in this webinar Web NAFCU digital@nafcu.org America/New_York public
Digital Assets in Credit Unions: What Are the AML Risks?
Credits: NCCO, NCRM
Webinar
Get daily updates.
Subscribe to NAFCU today.