Examiner guidance issued in May from the Federal Financial Institutions Examination Council (FFIEC) essentially tasks credit unions with having a documented plan for mobile payments security and business risk. The guidance could potentially play a key role in upcoming credit union examination, according to CUNA’s CompBlog.
An 18-page appendix to the FFIEC’s information technology handbook offers significant detail without being too prescriptive.
The appendix does not specify the required methods of assessment, nor does it weigh in on the acceptable level of risk for an individual financial institution.
John Best of CUNA partner Best Innovation Group recommends credit unions ensure they are taking the following steps:
In addition to CompBlog, CUNA’s Compliance Community contains discussion boards and a number of other resources for credit union compliance professionals around the country.