Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

Washington
Regulators issue cyber-security guidance
WASHINGTON (6/29/11)--Noting that many of the methods employed by identity thieves and other online criminals have changed, and that the scope of many of their crimes has grown, the Federal Financial Institutions Examination Council (FFIEC) has urged credit unions and other institutions to update some practices. Institutions should “perform periodic risk assessments considering new and evolving threats to online accounts and adjust their customer authentication, layered security, and other controls as appropriate in response to identified risks,” the FFIEC said. The recommendations are part of a risk management framework update that was released on Tuesday. The new guidance supplements the FFIEC’s Authentication in an Internet Banking Environment guidance that was issued in October of 2005. However, much of the guidance proposed in 2005 is now less effective than it was when it was first released, according to the FFIEC. The FFIEC has said that institutions should rely on more than one authentication method for online bankers and should consider providing different levels of user authentication for different types of online banking transactions. Financial institutions should implement layered levels of online security that are consistent with the risk presented by various consumer transactions, the FFIEC said. Layered security can include advanced fraud detection and monitoring systems and the use of debit blocks and other techniques to limit the amount that can be withdrawn from an account at a given time. Enhanced controls over the number of transactions allowed per day, the timing of any payments, the recipients of those payments, and other account activities can also be added. Institutions can also use software that blocks connections to web servers that have previously been involved in fraudulent transactions, the FFIEC said. Customers should also be made aware of fraud risks and the potential impact of fraud on their accounts, the FFIEC added. The FFIEC said that its various member agencies, including the National Credit Union Administration (NCUA), will “continue to work closely with financial institutions to promote security in electronic banking.” Financial examiners from these institutions will assess financial institutions’ adoption of these security methods starting in January of 2012, the FFIEC added. For the full release, use the resource link.
Other Resources

RSS print
News Now LiveWire
#creditunion affinity card programs make the grade for schools See #NewsNow http://t.co/TThZIvMRTO
2 hours ago
Home-price appreciation softens further in July #NewsNow #Market http://t.co/0MXVy9sby0
3 hours ago
.@ChartwayFCU charitable arm, the We Promise Foundation, has reached the $1M fundraising milestone in a single year for the first time
4 hours ago
.@mncreditunions' Mark Cummins shares CU difference with @KIMTNews3 http://t.co/gkarhZxDRF
6 hours ago
.@LeagueofSECUs' brand campaign reaches 80M consumers #NewsNow #System http://t.co/yKmdYyXN2v
6 hours ago