NCUA Hosting Bank Secrecy Act Webinar
Credit union managers and compliance staff will be able to learn more about Bank Secrecy Act compliance on a free webinar, “BSA-MSB Training: What You Need to Know,” hosted by NCUA on Wednesday, March 19, 2014, at 2 p.m. Eastern. Click here for information
Tax-Fraud Season: Credit Unions must Stay Alert for Schemes (Colleen Kelly)
According to the IRS, tax refund fraud has increased exponentially in the past few years. It is reported that from 2011 through November 2013, the agency has stopped 14.6 million suspicious returns involving more than $50 billion in fraudulent refunds.
According to an article in the Express (Washington Post free paper), federal authorities acknowledge that the tax fraud schemes are often fueled by corruption among those preparing tax returns, cashing checks or handling people’s personal information. An IRS Special Agent explains in the article that one person finds and steals the identifying information, another prepares the return, and yet another cashes the refund check – each taking a cut of the proceeds.
As always, but particularly during tax season, credit unions must protect their member’s personal information, and stay on top of suspicious activity. We have gotten inquiries about non-members’ tax refund checks going into member’s accounts. Not only must credit unions note and potentially report such suspicious activity for BSA purposes, you must be on the look-out for members using personal accounts for business purposes, such as a tax return filing business.
NCUA Launches Cybersecurity Resources Page
Last week, NCUA launched a new webpage that provides links to cybersecurity and data security resources for credit union staff, including: regulations, guidance, and best practices. The launch coincided with NCUA Board Chairman Matz’s remarks at the CUNA GAC, where she noted cybersecurity is one of the top priorities for the agency and the credit union system. The agency is also working on better understanding the evolving cyber threat environment with other financial regulators, law enforcement, and intelligence communities, as part of a new working group. CUNA senior staff continue to meet with NCUA and others to advocate for credit unions on cybersecurity and data security issues. We urge NCUA and others to provide additional resources and assistance to help credit unions with addressing and coordinating on cybersecurity, while minimizing additional regulatory burdens on credit unions
ACH Change Effective March 15 - EFFECTIVE DATE AND RULE LANGUAGE
These changes to the NACHA Operating Rules regarding the ODFI’s warranty with respect to Outbound IAT Entries are effective on March 15, 2014. Rules sections impacted by these changes appear below and reflect updated language:
Article Two – Rights and Responsibilities of ODFIs, Their Originators, and Third-Party Senders
Subsection 188.8.131.52 Additional ODFI Warranties for Outbound IAT Entries
In addition to the other warranties contained within these Rules, an ODFI initiating an Outbound IAT Entry warrants to each RDFI, ACH Operator, and Gateway:
(a) Compliance with U.S. Legal Requirements. The Originator and ODFI are in compliance with U.S. Legal Requirements with respect to the IAT Entry, including their obligations under programs administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN).
(b) Compliance with Foreign Laws or Payment System Rules Regarding Authorization. If the laws or payment system rules of the receiving country require authorization with respect to an IAT Entry, the ODFI warrants that the authorization of the IAT Entry complies with the laws and payment system rules of the receiving country.
Subsection 184.108.40.206 Assumption of Risk (new subsection)
As between the ODFI and the Gateway of an Outbound IAT Entry, the ODFI bears the risk that the laws of the receiving country prohibit or otherwise preclude the processing, settlement, or transfer of the proceeds of the Entry, including through blocking or other sequestration or seizure of funds, unless otherwise agreed between the Gateway and the ODFI. As between the Originator and the ODFI, the Originator bears all such risk, unless otherwise agreed between the Originator and the ODFI or required by Legal Requirements.