Print View

Payment Card Industry Data Security Standard
The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of comprehensive requirements for credit card account data security developed by the founding brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to facilitate adoption of consistent data security measures.

The PCI DSS is a standard that sets minimum requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This standard is intended to help organizations, including credit unions, proactively protect credit card account data.

The PCI DSS consists of the following group of principles and accompanying requirements:

  • Build and Maintain a Secure Network
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy

Visit the Payment Card Industry Data Security Standard topic on the Security channel of InfoSight to review the requirements that correspond to each of the principles. In addition, this topic contains a links to the PCI Quick Reference Guide and the PCI Security Standards Council’s website.

Review the information today to help your credit union remain in compliance


CFPB Issues Mortgage Servicing Transfer Bulletin 

The CFPB issued Bulletin 2014-01 – replacing Bulletin 2013-01 – which provides policy guidance to residential mortgage servicers and subservicers, in connection with risks that may arise with transfers of residential mortgage servicing rights.

Section A of the bulletin provides examples of general transfer-related policies and procedures that CFPB examiners may consider in evaluating whether services have satisfied the regulatory requirements.

Section B answers frequently asked questions about how the revisions to the Real Estate Settlement Procedures Act (RESPA or Regulation X) apply in the area of servicing transfers.  This includes error resolution procedures, force-placed insurance, early intervention with delinquent borrowers, continuity of contact, and loss mitigation. This section also explains how entities can minimize compliance risk. 

Section C describes other federal consumer financial laws applicable to servicing transfers and consequences for not fulfilling obligations under those laws.

Section D informs servicers engaged in significant servicing transfer that the CFPB may require them to submit and prepare information plans describing how they will be managing risks to consumers.

Credit unions engaged in the transferring of servicing for mortgages should review the CFPB’s Bulletin.

Source: MCUL

CFPB Adjusts Reg Z Thresholds (Corrected Chart) 

On an annual basis, the Consumer Financial Protection Bureau is required to adjust certain threshold amounts within Regulation Z, based on inflation, which implements the Truth in Lending Act, based on inflation. Below are the revised thresholds which were published in the Federal Register on Aug. 15 and become effective on Jan. 1, 2015.

Card Act
The safe harbor amount for penalty fees has been raised by $1. After Jan. 1, a card issuer cannot impose a fee that exceeds $27 or $38 for violating the terms of the account if the card issuer previously imposed a fee for a violation of the same type that occurred during the same billing cycle or one of the next six billing cycles. A few examples of the fees subject to these limitations include late payment fees, returned payment fees and fees for an over-the-limit transaction.

Home Ownership Equity Protection Act
The dollar amount threshold used in connection with calculating whether a transaction meets the percentage point thresholds in the points and fees coverage test for a high-cost mortgage will be increased by two percent to $20,391. Therefore, after Jan. 1, if the loan amount is above $20,391 and the points and fees exceed eight percent of the total loan amount or $1,020, which was also increased by two percent (whichever is less), the loan would be considered high-cost under the rule.

Ability to Repay/Qualified Mortgage Thresholds
When determining whether a transaction is a qualified mortgage, the total points and fees cannot exceed certain limits. Below are the revised thresholds as of Jan. 1.

Loan Amount 

Points and Fees Limit

$101,953 or higher

3 percent

$61,172 - $101,952.99 


$20,391 - $61,171.99

5 percent

$12,744 - $20,390.99


$12,743.99 or less

8 percent

Source: MCUL

CFPB Issues Revised Final Rule for Electronic Funds Transfers

Last week, the Consumer Financial Protection Bureau published additional amendments to subpart B of Regulation E, which implements the Electronic Fund Transfer Act (EFTA), related specifically to International Remittance Transfers. The amendments in this final rule extend an exception that allows international remittance transfer providers to estimate certain disclosures where exact information could not be determined for reasons beyond their control. This statutory provision, outlined in 1005.32(a), has been extended to July 21, 2020.

The CFPB is also clarifying that U.S. military installations abroad are considered to be located in a State for purposes of the Remittance Rule. Therefore, transfers to individuals and accounts located on U.S. military installations located abroad, as well as transfers from individuals and their accounts located on U.S. military installations abroad to designated recipients in the United States would be excluded from the Remittance Rule’s application.

The CFPB also clarified that a remittance transfer is covered under the rule if it is from an account for personal, family or household purposes. The primary purpose of the account is the determining factor. Commentary is also being adopted to explain that an account held by a financial institution under a bona fide trust agreement is also not requested for person, family or household purposes, and a consumer requesting a transfer from this account is not considered a “sender” under the regulation. Commentary was also adopted that explains that if the consumer indicates that he or she is requesting a transfer for other purposes, such as business or commercial,  the provider may deem the consumer NOT to be a sender under the rules, even if it is done from an account that is used primarily for personal, family or household purposes.

Additionally, in the final rule, faxes are considered writings for the purposes of satisfying provisions that require remittance transfer providers to provide disclosures in writing and that, in certain circumstances, a provider may provide oral disclosures after receiving a remittance inquiry from a consumer in writing.

The changes in this final rule will become effective 60 days after publication in the Federal Register.

Source: CUNA News Now

FIs prepare for Apple Pay combo of NFC, Passbook app

CUPERTINO, Calif. (9/10/14)--On Tuesday, Apple announced Apple Pay, a system that will combine near-field communication with its Passbook app, taking plastic cards out of the point-of-sale environment.
Apple Pay allows consumers to add their card on file for their iTunes account or upload their credit cards to their Apple Passbook by taking a photo of the card, said Apple vice president Eddy Cue ( Payments Source Sept. 9). Apple confirms through the issuing bank that the card belongs to the consumer.

Apple Pay supports credit and debit cards from the three major payment networks--American Express, MasterCard and Visa--that are issued by banks such as Bank of America, Capital One Bank, Chase, Citi and Wells Fargo, which represent 83% of credit card purchase volume in the United States, Apple said.

The Credit Union National Association continues to work with the payment networks and others on the latest payments developments, including providing more information for credit unions interested in Apple Pay.

To become part of Apple Pay, credit unions and other financial institutions will need to enable tokenization with their payment networks.

"When you're using Apple Pay in a store, restaurant or other merchant, cashiers will no longer see your name, credit card number or security code, helping to reduce the potential for fraud," Cue said during the product announcement. Point-of-sale transactions are authorized with a one-time unique number and Apple's Touch ID fingerprint technology.

Apple Pay will work with the new iPhone 6, iPhone 6 Plus and the newly announced Apple Watch.

"The question for Apple is if they can take the complexity out of paying with a smartphone, to make it as easy as using a credit card is today," said Kevin Talbot, managing partner with Relay Ventures ( The Wall Street Journal Sept. 9).

Source: CUNA News Now

CFPB issues strong warning against deceptive credit card promos
WASHINGTON (9/4/14)--Credit card companies have been warned against deceptively marketing interest rate promotions, the Consumer Financial Protection Bureau (CFPB) announced Wednesday.

According to the bureau, it is concerned that companies are luring in customers by promising low--even zero--interest, then hitting them with surprise interest charges.

A CFPB bulletin highlights concerns with marketing of credit card interest rate offers such as balance transfers, deferred-interest offers and convenience checks. Under these promotions, consumers may be charged a fee to transfer a balance or make a purchase with their credit card in order to receive a promotional interest rate on that amount for a set period of time.

While consumers pay no interest or a low interest rate for balances subject to the promotion, additional purchases made with the credit card may incur interest charges right away.

The bureau believes some marketing materials do not clearly disclose that consumers must pay off the promotional balance by their due date to avoid unexpected interest charges on routine purchases for which they were not charged interest previously.

For some consumers, these surprise charges can make the cost of transferring a balance more expensive than revolving the same balance on their existing card.

According to the bureau, these marketing tactics specifically impact consumers who enjoy an interest-free "grace period" on credit card purchases. Consumers who pay off their total credit card balance each month receive a grace period during which they do not have to pay interest on purchases.

The CFPB has also published consumer tips about credit card interest-rate promotions and how grace periods work.

CFPB bulletin: Marketing card promotional APR offers (PDF)
CFPB blog: You could still end up paying interest on 0% credit card offer

Source: CUNA News Now


Mobile Payments Regulatory Landscape: Boston Fed Paper, NCUA Upcoming Guidance

The Federal Reserve Bank of Boston’s Mobile Payments Industry Workgroup recently released their “Update on the U.S. Regulatory Landscape for Mobile Payments” paper. The paper summarizes their recent meeting with representatives from federal and state regulatory agencies on May 7. The meeting was to discuss the status of:

  1. The U.S. mobile payments landscape;
  2. The regulators’ role in mobile;
  3. The regulatory agency coordination around mobile payments; and
  4. Data security, the role of non-bank providers and start-ups, and data privacy.

For credit unions, the paper noted that NCUA continues to monitor mobile financial services and payments, and intends to provide more guidance to its examiners and credit unions. NCUA is creating guidelines for credit union examiners to help them flag particular issues for follow-up by a specialist and the guidance is scheduled for release in the fourth quarter of 2014, according to the paper.

Federal Reserve Announces Completion of Its “Payment System Improvement” Research

The Federal Reserve announced last Thursday that it has competed research on its “payment system improvement” initiative. In the coming months, the Federal Reserve Banks (Fed Banks) plan to use research conclusions and stakeholder feedback to prepare and share a roadmap for payment system improvements. As noted in the research, the Fed Banks presented five use cases or applications that could benefit from a “faster payments” system, which could comprise about 12% of U.S. payments (i.e., through faster authorization and clearing, availability, and/or settlement). CUNA and our Payments Subcommittee continue to meet and discuss these issues with the Fed Banks, trade associations, and other stakeholders. For more detailed information on the project, please review the Fed Banks’ website and the CUNA Regulatory Advocacy Report from August 25.

Regulatory Advocacy Report

The CUNA Regulatory Advocacy Report keeps you on top of the most important changes in Washington for credit unions--and what CUNA is doing to monitor, analyze, and influence government agencies and federal law. You can view the current report and past reports from the archive.


Compliance eNEWSLETTER

September 12, 2014
Vol. 8, Issue 35

Created in partnership with the

Credit Union National Association

Surviving Compliance: The Jungle
Have you been looking for a fun way to review specific compliance questions that your credit union may have? THIS IS IT! Join Shawn and Glory on a perilous trip through the compliance jungle while they tackle credit unions’ toughest compliance problems. CAUTION: Laughter may ensue.

Click here for the video

September, 2014 October, 2014 November, 2014
  • November 2nd, 2014: Daylight Savings Time Ends
  • November 11th, 2014: Veterans' Day - Federal Holiday
  • November 27th, 2014: Thanksgiving Day - Federal Holiday
December, 2014


September 14 – 19
CUNA Regulatory Compliance School, Chicago, IL

October 19 – 22
CUNA Attorney's Conference, Dana Point, CA

October 26 - 29
CUNA Bank Secrecy Act Conference
, Las Vegas, NV

CUNA Webinars
CUNA offers hundreds of online training events that make it easy for you to learn right at your desk. Whether you are looking for a beginner course or want a comprehensive understanding on a specific topic, CUNA webinars, audio conferences and eSchools have what you need. Click here for updates on compliance, operations, lending topics and more!

The Counseling Relationship webinar (09-16-2014)

Introduction to Balance Sheet Earnings webinar (2014) (09-18-2014)

The Counseling Process webinar (09-23-2014)

Introduction to Investments webinar (2014) (09-25-2014)

Money Mission Demo - Online Financial Literacy Game webinar (09-29-2014)

CUNA Lending Compliance eSchool (09-29-2014)

DOL and ERISA Audits webinar 10-01-2014

Collecting on MBLs webinar10-01-2014

CUNA ACH eSchool 10-07-2014

ACH Fundamentals webinar 10-07-2014

How to Document and Report After Fraud webinar 10-08-2014

Opening Business Accounts webinar 10-08-2014

ACH Error Resolution - Unauthorized, Revoked, Stop Payments - Which is it webinar 10-09-2014

EEOC Diversity and Affirmative Action Plans - OFCCP webinar 10-15-2014

Remote Deposit Capture webinar 10-15-2014

ACH Basics webinar 10-16-2014

CUNA Attorneys Conference 10-19-2014

Lending Compliance Hot Topics webinar 10-20-2014

Government Payments Overview webinar 10-21-2014

Harassment, Discrimination and Workplace Violence webinar 10-22-2014

Online Banking for Business Accounts webinar 10-22-2014

DNEs and Reclamations - A Financial Institutions Liability webinar 10-23-2014

CUNA Bank Secrecy Act Conference (2014) 10-26-2014

HR Audits - The Whats and the Whys webinar 10-29-2014

CUNA Bank Secrecy Act eSchool (2014) 11-05-2014