NAFCU writes to NCUA on proposed cyber incident reporting rule
NAFCU Senior Counsel for Research and Policy Andrew Morris wrote to the NCUA to offer recommendations on the agency’s proposed rule establishing a 72-hour period for credit unions to provide notice of a reportable cyber incident.
In the letter, Morris stated the proposed 72-hour timeframe to report a cyber incident to the NCUA would likely increase “administrative burden” for credit unions. To ease the burden of this rule, NAFCU gave nine recommendations:
- recognize a compliance safe harbor for a credit union that makes good faith efforts to perform a reasonable assessment of a cyber incident;
- clarify core terminology;
- streamline communication with supervisory teams;
- clarify the relationship between overlapping reporting standards;
- avoid conflict with current and future cyber incident reporting requirements;
- recognize a credit union has the final say to report any third-party cyber incident;
- calibrate reporting thresholds to avoid requiring a credit union to report incidents that happen outside the credit union’s domain;
- ensure proper coordination exists with other federal regulators; and
- clearly state that any cyber incident notifications given to the NCUA are confidential.
NAFCU believes these recommendations would improve clarity and reduce overlap if the NCUA decides to proceed with a final rule. The association also requests the agency use the information it collects from credit unions to “improve the security and resilience of the industry,” as well as hold more cybersecurity briefings for credit unions.
NAFCU will continue to engage the NCUA and update credit unions on the latest from the agency.
Add to Calendar 2023-12-07 14:00:00 2023-12-07 14:00:00 BSA Back to Basics: CTR and SAR Filings From identifying when Bank Secrecy Act (BSA) regulations require filing a currency transaction report (CTR) and suspicious activity report (SAR) to learning how to tactically complete those forms, in this back-to-basics webinar, you’ll evaluate how to apply BSA requirements to transactions to determine when filings are required and how to complete the forms associated with those filings. Key Takeaways Learn the basics of BSA/AML regulations for CTR and SAR filing requirements Understand how to implement BSA/AML regulations at your organization to detect transactions that require a CTR and/or SAR Discover how to use the CTR and SAR forms in FinCEN’s BSA E-Filing system Receive a step-by-step walkthrough of completing CTR and SAR forms. Register Now $295 Members | $395 Nonmembers(Additional $50 for USB)One registration gives your entire team access to the live webinar and on-demand recording until December 7, 2024.Go to the Online Training Center to access the webinar after purchase » Who Should Attend NCBSOs NCCOs NCRMs BSA, compliance and risk titles Education Credits NCCOs will receive 1.0 CEUs for participating in this webinar NCRMs will recieve 1.0 CEUs for participating in this webinar NCBSOs will recieve 1.0 CEUs for participating in this webinar CPA credit information is below; recommended 1.0 CPE credits. CPA Certification Credit Information (Note: Webinars must be attended when aired to receive CPE credits.) Reviewer: Josie Collins, Senior Associate Director of Education, NAFCU Learning Objectives: See key takeaways Program Level: Basic Prerequisites Needed: None Advance Preparation Needed: None Delivery Method: Group Internet-Based Recommended CPE Credits: 1.0 credits Recommended Field of Study: Reguatory Ethics – Technical About Our Webinars Our webinars are streamed live from NAFCU headquarters near Washington, DC. Your audio/video feed of the presenters includes presentation slides and downloadable handouts. You can easily submit your questions to the presenters at any time during the live broadcast, with no dialing over the phone! The audio and video stream directly through your computer. Web NAFCU email@example.com America/New_York public
Credits: NCCO, NCRM, NCBSO, CPE
Add to Calendar 2023-12-07 14:00:00 2023-12-07 14:00:00 Breaking Down Silos: Collaborating to Combat Cyber Fraud About the Webinar With the rapidly evolving threat landscape, it is clear that operating in isolation is no longer a viable strategy for effective and proactive cyber risk management. The challenges presented by cyber threats demand a concerted effort within your credit union to break down silos and collaborate effectively. Your credit union’s information security and fraud teams must work together to develop a comprehensive and cohesive approach to managing cyber risks. In this session, we will explore how to leverage expertise and tools to be proactive in your fraud detection. Join DefenseStorm’s resident Fraud Geek and senior product manager, Adam Barrett where we will delve into how your credit union can: Evaluate edge data to better identify fraudsters hiding behind VPNs Cultivate effective relationships to combat fraud Efficiently engage with your red team Open up the dialogue around pain points or blind spots to improve your ability to stop cyber fraud Register Here Web NAFCU firstname.lastname@example.org America/New_York public
Add to Calendar 2023-12-06 09:00:00 2023-12-06 09:00:00 Navigating Student Lending: A 2023 Review and 2024 Outlook Listen On: Key Takeaways: [0:57] What were the biggest challenges and opportunities with regard to student lending and CUs in 2023? [2:55] We discuss the duality of education lending: in-school financing for younger individuals and post-graduation refinancing for lasting credit union engagement. [5:47] The credit union journey emphasizing its natural progression from student loans to auto and mortgage opportunities. [6:25] During the student loan repayment pause, credit unions benefited as borrowers saved money, but the impact upon resumption is expected to be manageable. [9:36] What were the most significant policy changes that impacted student lending and credit unions in 2023? [13:52] Predictions for student lending and CUs in 2024. [14:50] Long-term value in engaging young borrowers, highlighting lifetime financial opportunities. Web NAFCU email@example.com America/New_York public
Get daily updates.
Subscribe to NAFCU today.