Identity Theft

Identity theft occurs when someone appropriates another individual's personal information without that person's knowledge, to commit fraud or theft. An identity thief steals another person's name, Social Security number, credit card number, or some other piece of personal information for his or her own use.

A credit union will suffer reputation risk if its procedures do not adequately protect its members and their accounts. A credit union may also suffer a financial risk if it allows an unauthorized person to access or open an account. By making certain that the credit union staff is following current law, a credit union will have significantly protected member information and helped to prevent identity theft.

Under the Fair and Accurate Credit Transactions Act of 2003 (FACT Act), both Federal and State chartered Credit Unions are required to develop policies and procedures meant to identify and mitigate identity theft. The four basic required elements of an identity theft prevention program must include:

  1. Identifying relevant “Red Flags” of identity theft;
  2. Detecting Red Flags that have been incorporated into the Program;
  3. Responding appropriately to any Red Flags that are detected; and
  4. Ensuring the Program is updated periodically to reflect changes in a credit union’s risk profile.

This topic in InfoSight provides detailed requirements and steps to be taken if identity theft is recognized for one of your members. Click here for the topic

Review the information today to help your credit union remain in compliance.


NY Times: Nussle highlights CU help in restoring members' credit
WASHINGTON (10/28/14)--Credit union programs that help members avoid the quicksand of predatory payday lenders were under the spotlight in The New York Times Monday thanks to a letter to the editor by Credit Union National Association President/CEO Jim Nussle.

Nussle, noting a recent Times editorial that raised questions about how to protect the best interest of consumers who need help restoring credit, told the Times' extensive readership that credit union programs build experience in saving, not just borrowing.

"Unlike predatory payday lenders, credit unions have programs that actually help members out of a hole instead of keeping them trapped in one," Nussle wrote .

To illustrate the credit union difference, Nussle cited two programs used by credit unions: One directs loan payments into savings accounts once a loan is repaid; another links credit unions with employers, and repayments are made by payroll deduction, and again, once the loan is repaid, payments continue as deposits to the member's savings account.

"These and other lending programs for members with troubled credit have interest rates significantly below what predatory lenders charge," Nussle underscored.

He added, "It's unfortunate that quick, short-term access to money is needed today by some people, but they shouldn't be ripped off in the process. Credit unions demonstrate that access to this credit doesn't have to be predatory."

Nussle took the leadership position at CUNA on Sept. 20. He is a former member of the U.S. Congress, serving from 1991 to 2007, and was director of the Office of Management and Budget from 2007 to 2009.

Source: CUNA News Now

CUNA BSA Conference: Looking at compliance as risk-based or rules-based

LAS VEGAS (10/28/14)--Anti-money laundering rules under the Bank Secrecy Act (BSA) in the United States have generally used a more rules-based approach than much of the world, according to the World Council of Credit Union's Michael Edwards, but that may be changing thanks to new international guidance released last week. Edwards, World Council's vice president and chief counsel, spoke Monday at the Credit Union National Association's BSA Conference.

Like in other countries, BSA rules in the United States are primarily based on international standards from the Financial Action Task Force (FATF), a Paris-based organization that writes anti-money laundering and countering the financing of terrorism (AML/CFT) standards at the global level. The FATF has recently updated its guidance on the risk-based approach (RBA) to AML/CFT in order to address better the main weakness of rules-based AML/CFT approaches, namely that bad actors are more easily able to circumvent rules-based compliance systems than those based on RBA principles.

"An RBA to AML/CFT means that countries, competent authorities, institutions and organizations are expected to identify, assess and understand the money laundering/terrorism financing risks to which they are exposed and take AML/CFT measures to those risks in order to mitigate them effectively," reads the official RBA definition from the task force.

Since 1988, the FAFT has issued international AML/CFT guidance, including its "40 Recommendations," which serve as the high-level principles for AML/CFT compliance around the world. The FATF most recently revised the 40 Recommendations in 2012, and on October 24th of this year released updated guidance on the RBA to AML/CFT for banks and credit unions.

"The FATF has reinforced and reinvigorated their RBA concept compared to their earlier guidance because they thought most countries hadn't done it right, and I think that includes the United States. That's because the default compliance approach in the U.S. across all different types of regulation is a heavy rules-based system, rather than a principles-based one," Edwards said.

"The FATF is trying to move countries away from a check-the-box type AML/CFT approach where criminals can learn the rules, and slip between the cracks in those rules, to a more flexible RBA where regulated institutions use judgment to go after the actual money laundering risks present in their lines of business in ways that might not be predictable to bad guys."

An RBA defines money laundering and terrorist financing risk as a function of three factors: threat (the persons or activity that can cause harm), vulnerability (things that may be exploited by the threat) and consequence (the impact of harm that may be caused).

"If you really don't have an effective BSA compliance program you'll probably regret it sooner or later, either through unfavorable examinations or through something really bad happening that negatively affects your institution's reputation and results in the credit union being cut off from corresponding banking services," he said. "That's the biggest risk in my mind. If you get cut out of the payments system because you don't have an effective BSA program, your members aren't going to be able to use your services."

He said a risk matrix is one of the better ways for management to document its analysis of money laundering risks. A risk matrix defines various levels of risk by probability and severity categories. Credit Union of Ohio, of Hilliard, Ohio, $134 million in assets, has developed a comprehensive risk matrix, available through CUNA's compliance file sharing group that Edwards cited as a good example for credit unions to follow.

Edwards also reminded those in attendance that there is no such thing as a BSA exemption, saying that no matter how low the risk might seem, there is still due diligence that must be done.

Credit unions, he said, have an advantage due to their field of membership requirement, which requires each new member to be verified to some extent before opening an account or receiving services.

Source: CUNA News Now

CUNA BSA Conference: Virtual currencies gain momentum in payments system
LAS VEGAS (10/28/14)--Currency followed a set of specific rules for most of mankind's history, but new virtual currencies are changing some of those rules. Todd Erickson, senior vice president and chief operating officer of First Flight FCU, Cary, N.C., with $170 million in assets, spoke on virtual currencies at the Credit Union National Association's Bank Secrecy Act (BSA) Conference Monday.

Brian Knight, general counsel for the National Association of State Credit Union Supervisors, advised that all in attendance, as well as the credit union system as a whole, learn everything they can about virtual currencies.

"If you are a financial services professional in this day and age, you need to know what these things are," he said. "Your credit union might not be dealing with them, your credit union might never be dealing with them, but I think the experts who have looked at this can agree that it represents a change that cannot be undone. Something related to virtual currencies is going to change payments systems, it's going to change our industry."

Erickson, who is also a member of the Bitcoin Foundation's regulatory affairs committee, said the advent of virtual currencies such as Bitcoin allows for "a publicly verifiable transfer of the ownership of an asset without requiring a trusted third party," such as a financial institution.

There is a difference between Bitcoin capitalized, which represents the decentralized, peer-to-peer system, and lowercase bit coins, which are the currency itself. Bitcoin transfers do not require any personal information for a transfer.

The Financial Crimes Enforcement Network (FinCEN) issued two administrative rulings Monday dealing with virtual currencies

In the first, FinCEN said that companies that make virtual currency-based payments to customers are classified as money transmitters, because the company is accepting standard currency as payment, then converting it for payment to vendors.

The second makes a similar ruling, calling companies that use trading platforms to connect virtual currency buyers and sellers are also classified as money transmitters.

Bitcoins are already becoming a widely used payment method, Erickson said. According to Coinometrics, a website that measures the use of virtual currencies, bitcoin transactions add up to approximately $289 million per day, just below that of Discover ($299 million) and more than Western Union ($219 million).

However, Bitcoins are not recognized as legal tender by any country. They are recognized by the Internal Revenue Service as an asset, similar to real estate or other property. Germany ruled last year that Bitcoins are a "unit of account," meaning they can be used in private transactions.

Source: CUNA News Now

Faster payments systems: A CUNA update for CUs
WASHINGTON (10/28/14)--There are a number of recent developments in payments innovation of which credit unions and other financial institutions should be aware, efforts that are intended to move the system toward faster payments and improved payments security.

"As more information becomes available, credit unions and other financial institutions should continue to assess how 'faster payments' could potentially affect their institutions, including with operations and implementation, risk management, new products and services, data security, compliance, IT, and other areas," writes Dennis Tsang, Credit Union National Association assistant general counsel, in this week's Regulatory Advocacy Report(RAR).

Just last week, Tsang notes, The Clearing House Association announced a plan to build a real-time payments system. The association, which represents the largest commercial banks, said in a press release that it is taking on a multi-year effort to build a real-time payments system to better meet consumers' and businesses' expectations "in a digital age." The system, the association said, would incorporate strong data security safeguards to protect account information, building on The Clearing House initiative to develop and implement tokenization.

Also, the head of NACHA, the Electronic Payments Association, says same-day Automated Clearing House (ACH) payments are key to the future of the payments system.

In a recent letter published in American Banker (see resource link) NACHA President/CEO Jan Estep said the organization is working on a phased-implementation approach to move the ACH network from next-day settlement to same-day settlement during three different phases. While entities such as the Federal Reserve have stressed the need for real-time payments, Estep said that it is only part of the solution.

NACHA is expected to issue a same-day ACH proposed rule in the coming months. Last week, CUNA's Tsang attended the NACHA Alliance meeting that focused on same-day ACH and other upcoming developments.

Also, Tsang reminds in the RAR, the Federal Reserve Banks announced last month that they have completed research on their "payment system improvement" initiative.

In the coming months, the Fed banks plan to use research conclusions and stakeholder feedback to prepare and share a roadmap for payment system improvements.

Source: CUNA News Now


CUNA seeks comments on Military Lending Act expansion by Nov. 7

WASHINGTON (10/28/14)--The Credit Union National Association is asking for credit union comments by Nov. 7 on the U.S. Department of Defense's proposed changes to the Military Lending Act (MLA), which, in part, would expand the scope of products covered by MLA. Comments are due to the department on Nov. 28.

The MLA rule applies to active duty service members and their spouses or dependents and establishes a maximum "military" annual percentage rate (MAPR) of 36% that may be charged on closed-end "consumer credit" transactions.

National Credit Union Administration Chair Debbie Matz has expressed concern about how the DOD proposed rule could affect lending at credit unions that serve military service members. She has said that the NCUA, when it finalized a payday lending alternative rule in 2010, considered how the rule would fit with existing DOD regulations.

"The Defense Department's new proposed rule would broaden the definition of 'consumer credit' under Military Lending Act regulations in a way that would prevent federal credit unions from making payday alternative loans permitted by our rule," she said.

Current NCUA regulations allow federal credit unions to offer payday alternative loans with an interest rate of up to 28% and an application fee of up to $20. Under MLA regulations, consumer credit to covered borrowers is subject to a 36% cap on the military APR, which includes application fees.

The Defense Department's proposed rule would cover other types of consumer credit as well, including credit card accounts and lines of credit tied to a checking account with a finance charge. As with payday alternative loans, the combined interest rates and fees for these products could not exceed the 36% military APR cap, even if the interest rate is below the general 18% interest rate cap for federal credit unions.

CUNA and the Defense Credit Union Council have expressed their support for the existing DOD rule on consumer credit. Both associations are currently working with credit unions and the state credit union associations to develop a comment letter to the DOD on its proposal. CUNA issued a Comment Cal l in September.

CFPB Approves Regulation Z Mortgage Amendments
Last week, the CFPB also adopted additional changes to Regulation Z, Truth-in-Lending, further tweaking the agency’s mortgage rules. The amendments include the following:

  • Defining nonprofit small servicers: Certain small servicers are exempt from some of the Bureau’s new mortgage servicing rules, so long as they—together with their affiliates—service 5,000 or fewer mortgage loans and meet other requirements. However, the Bureau learned that some nonprofit organizations might service loans, for a fee, from other associated nonprofit lenders. Because of their unique structure, these organizations may not be able to consolidate their servicing activities and still meet the current requirements for the small servicer exemption. The changes provide an alternative definition of a small servicer applicable to certain 501(c)(3) nonprofit organizations so that they can consolidate their servicing activities while maintaining their exemption from some of the servicing rules.
  • Nonprofit Ability-to-Repay exemption amendment: Certain 501(c)(3) nonprofit organizations that lend to low- and moderate-income consumers were already exempt from the Ability-to- Repay rule if the organization makes no more than 200 mortgages a year, among other limitations. The final rule includes an amendment to this provision so that certain nonprofit groups, such as Habitat for Humanity, can continue to extend certain interest free, forgivable loans, also known as “soft seconds,” without regard to the 200-mortgage loan limit.
  • Refunding excess points and fees: Under the Ability-to-Repay rule, certain loans called Qualified Mortgages are subject to certain requirements that protect consumers. The points and fees charged to a consumer on a Qualified Mortgage generally cannot exceed 3 percent of the loan principal at the time the loan is made. Under the final rule, if a lender discovers after the loan has closed that it has exceeded the 3 percent cap, there are limited circumstances where lenders can pay a refund of the excess amount with interest to the consumer, to have the loan still meet the legal requirements of a Qualified Mortgage. The refund must occur within 210 days after the loan is made. The creditor must also maintain and follow policies and procedures for reviewing points and fees and providing refunds to consumers. The provision also allows secondary market participants to provide these refunds. The change is designed to encourage lenders to provide access to credit to consumers seeking loans that are at or near the points and fees limit. This provision will expire on January 10, 2021. The provisions regarding nonprofit organizations were approved largely as proposed but the final provision on refunding points and fees contains a number of modifications from the proposal issued in April. The modifications include requiring that interest on the overage amount to be paid to consumers getting these refunds, a longer overall refund period (the proposal allowed 120 days for the refund to be paid), and certain limitations on circumstances under which this refund option is available.

CUNA had urged the Bureau to expand the small creditor definition under the agency’s Ability-to-Repay rule to allow more first lien closed-end loans to be made than the current 500 small-creditor threshold allowed under the rule. The Bureau did not make any changes to this provision in the final rule, but indicated that the agency may address this and other matters in a future rulemaking. We will continue to advocate for improvements in this area. Click here for the final rule.

Regulatory Advocacy Report

The CUNA Regulatory Advocacy Report keeps you on top of the most important changes in Washington for credit unions--and what CUNA is doing to monitor, analyze, and influence government agencies and federal law. You can view the current report and past reports from the archive.

Compliance eNEWSLETTER

October 31, 2014
Vol. 8, Issue 42

Created in partnership with the

Credit Union National Association

Disaster Recovery
The National Credit Union Administration (NCUA) expects all federally insured credit unions to have a comprehensive contingency plan that is regularly tested. This presentation provides the information your credit union’s needs for a Disaster Preparedness and Recovery Plan.

Click here for the video

November, 2014
  • November 2nd, 2014: Daylight Savings Time Ends
  • November 11th, 2014: Veterans' Day - Federal Holiday
  • November 17th, 2014: Remittance Transfer - Regulation E Change
  • November 27th, 2014: Thanksgiving Day - Federal Holiday
December, 2014 January, 2015


CUNA Webinars
CUNA offers hundreds of online training events that make it easy for you to learn right at your desk. Whether you are looking for a beginner course or want a comprehensive understanding on a specific topic, CUNA webinars, audio conferences and eSchools have what you need. Click here for updates on compliance, operations, lending topics and more!

CUNA Bank Secrecy Act eSchool (2014) 11-05-2014

CUNA Information and Technology Compliance eSchool 11-07-2014

Vendor Management - The Big Picture webinar 11-07-2014

Social Engineering the Credit Union webinar 11-14-2014

IT Examination Hot Spots and Examination Focus webinar 11-21-2014

Electronic Discovery in Litigation webinar 12-05-2014

IT Compliance and Enterprise Risk Management webinar 12-12-2014