NAFCU writes to NCUA on proposed cyber incident reporting rule
NAFCU Senior Counsel for Research and Policy Andrew Morris wrote to the NCUA to offer recommendations on the agency’s proposed rule establishing a 72-hour period for credit unions to provide notice of a reportable cyber incident.
In the letter, Morris stated the proposed 72-hour timeframe to report a cyber incident to the NCUA would likely increase “administrative burden” for credit unions. To ease the burden of this rule, NAFCU gave nine recommendations:
- recognize a compliance safe harbor for a credit union that makes good faith efforts to perform a reasonable assessment of a cyber incident;
- clarify core terminology;
- streamline communication with supervisory teams;
- clarify the relationship between overlapping reporting standards;
- avoid conflict with current and future cyber incident reporting requirements;
- recognize a credit union has the final say to report any third-party cyber incident;
- calibrate reporting thresholds to avoid requiring a credit union to report incidents that happen outside the credit union’s domain;
- ensure proper coordination exists with other federal regulators; and
- clearly state that any cyber incident notifications given to the NCUA are confidential.
NAFCU believes these recommendations would improve clarity and reduce overlap if the NCUA decides to proceed with a final rule. The association also requests the agency use the information it collects from credit unions to “improve the security and resilience of the industry,” as well as hold more cybersecurity briefings for credit unions.
NAFCU will continue to engage the NCUA and update credit unions on the latest from the agency.
Fall 2022 Supervisory Highlights Part I: Auto Servicing, Consumer Reporting, Credit Card Account Management, and Debt Collection
Examination & Enforcement Operations
Add to Calendar 2022-11-29 09:00:00 2022-11-29 09:00:00 Personalizing the Member Experience About the Webinar A new frontier of connected digital and human interactions awaits credit unions. Members are shifting behaviors toward digital sales and service, making keeping up with industry leaders feel like an endless digital arms race. There is no guarantee that higher investment levels will lead to better outcomes. It will be up to credit unions to understand their members and to deliver proactive, intelligent advice that differentiates them from their competitors. An integrated approach to financial data-driven personalization encompasses both digital and human interactions. Through this webinar, you will discover how Cal Coast Credit Union works to simplify its members' lives, offer them the best customer service available, and ultimately help them achieve financial prosperity. Attendees will learn how to: Overcome the main challenges credit unions face, Keep up with the growing demands of members, Identify where to focus digital investment to drive member impact Create a cohesive and long-lasting member experience across all channels. Credit unions are ideally positioned to deliver unified advice to members across digital and banker channels. With a deep understanding of members' needs and a personalized experience, the credit union can compete and stay ahead of the curve in an exciting new era. REGISTER NOW Web NAFCU email@example.com America/New_York public
Accounts Examination & Enforcement
Get daily updates.
Subscribe to NAFCU today.