Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

Washington Archive


Senator calls for 'clarification' on where data breach risk falls

 Permanent link
WASHINGTON (3/27/14)--Sen. Claire McCaskill (D-Mo.) said at a hearing on the Target data breach Wednesday that there just might be a lot of public confusion about where "losses fall and where costs are absorbed" in such breaches.
McCaskill, a member of the Senate Commerce, Science & Transportation Committee that conducted the hearing, noted that companies collecting consumers' personal information are not held financially responsible for the costs that occur when the data is not secure.
"I don't think people understand ... a lot of the costs associated with this breach--in fact the majority--fall on credit unions and local banks instead of Target," McCaskill highlighted.
She noted, "Interchange fees were $19 billion before the Durbin amendment and now they are less than $10 billion." The Durbin Amendment refers to the last-minute addition to the Dodd-Frank Act that capped the fees debit card issuers area allowed to charge merchants for the merchants' customer's use of debit cards.
She continued, "So retailers got almost $10 billion extra as a result of those prices going down. I'm not saying that's good or bad, but I'm trying to say it's important the risk be borne by those who must engage in the activity to protect.
"I think most people thought you guys were covering the cost of this," she said to the retailer. "I think a clarification of where the risk falls is important for us, because it will be better to align those risks with the right incentives in the free market," she stated.
In conjunction with its hearing, the committee released a report alleging that Target missed several opportunities to stop last year's data breach that compromised about 40 million debit and credit card numbers and the personal information of 70 million customers (News Now March 27).
The Credit Union National Association has asked Congress to address data security relative to merchants, who are not held to the same standards of security as credit union and other financial institutions.
In particular, CUNA suggests all payment system participants are held to comparable levels of federal data security requirements; those responsible for the data breach should be responsible for the costs of helping consumers; and those responsible should ensure consumers know where their information was breached.

Waters enters bill into housing finance reform debate

 Permanent link
WASHINGTON (3/28/14)--Entering the policy discussions involving changes to the country's existing housing finance system, Rep. Maxine Waters (D-Calif.) this week introduced legislation that would create a cooperative group of mortgage lenders to back home loans.
The discussion draft, known as the "Housing Opportunities Move the Economy (HOME) Forward Act of 2014," would establish a new lender-owned Mortgage Securities Cooperative (MSC). That entity would be the only issuer of government-guaranteed securities. It would be governed on a one-member, one-vote basis, and capitalized by lenders based on mortgage volume, the House Financial Services Committee said in a summary of the proposal.
The co-op would replace government-sponsored enterprises Fannie Mae and Freddie Mac, which would be wound down over a five-year timeline.
The bill would also:
  • Maintain the affordable 30-year fixed-rate mortgage;
  • Establish a new regulator known as the National Mortgage Finance Administration, which would oversee the MSC;
  • Ensure equal access for small lenders;
  • Provide transparency and standardization across the mortgage market through uniform pooling and servicing agreements and new databases to facilitate access to mortgage data; and,
  • Ensure access to affordable rental housing.
Housing finance reform bills have also been introduced by the Senate Banking Committee and Waters' House Financial Services Committee colleague Rep. Jeb Hensarling (R-Texas). CUNA this week met with White House officials to discuss credit union concerns ahead of a vote on the Senate bill, and CUNA Chief Economist Bill Hampel last year discussed credit union priorities for a future housing finance market at a conference convened by Waters.
CUNA has repeatedly underscored that credit unions appreciate the need to reform the current housing finance system, but any reforms must not hinder the ability of credit unions to meet their members' housing finance needs in a member-friendly cooperative way.
Other CUNA suggestions for a future mortgage market include:
  • There must be a neutral third party in the secondary market, with its sole role as a conduit to the secondary market;
  • The secondary market must be open to lenders of all sizes on an equitable basis;
  • The new housing finance system should emphasize consumer education and counseling as a means to ensure that borrowers receive appropriate mortgage loans;
  • The new system must include consumer access to products that provide for predictable, affordable mortgage payments to qualified borrowers; and
  • The new housing finance system should apply a reasonable conforming loan limit that adequately takes into consideration local real estate costs in higher cost areas.

'Patent trolls' in the crosshairs at state, federal levels

 Permanent link
WASHINGTON (3/28/14)--"Patent trolls," those who manipulate the patent system for their own gain, continue to be in the legislative crosshairs on both the state and federal levels, as the Credit Union National Association and state credit union leagues work to protect credit unions from their menacing practices.
On Thursday, Sen. Patrick Leahy (D-Vt.), chairman of Senate Judiciary Committee, confirmed at a Senate Executive Business Meeting that patent reform remains on his very near-term agenda. CUNA expects the committee to vote on the Patent Transparency and Improvements Act of 2013 (S. 1720) before Congress breaks for a Spring District Work session on April 11.
Without actually inventing anything or adding to innovation, patent trolls buy up patents in order to extract fees--or legal settlements--from other companies that may use that technology. Small companies like credit unions find themselves between a rock and a hard place: paying what amounts to extorted fees may be cheaper than fighting the trolls.
Leahy noted in his Thursday statement that members of his committee have been working on the issue for "the better part of the year," including a December hearing in which John Dwyer, president/CEO of New England FCU, Williston, Vt., testified on CUNA's behalf.
Dwyer described how his credit union became the target of a patent troll demand letter and is in the middle of expensive discovery in a patent infringement case related to 23 ATMs it provides for members.

Most recently on the state level, the Wisconsin State Assembly approved a patent troll bill this week. Like bills in six other states, Wisconsin's SB 498 now awaits the governor's signature to become law.
There have been similar bills in an additional 14 states, only two of which have died in committee.
CUNA and many state credit union leagues continue to heavily advocate for patent reforms on Capitol Hill and in state legislative offices.

World Council comments on risk-based AML/CFT compliance

 Permanent link
BRUSSELS (3/28/14)--The World Council of Credit Unions (World Council) this week
World Council of Credit Unions Vice President and Chief Counsel Michael Edwards at the headquarters of the European Banking Federation in Brussels. (World Council of Credit Unions photo)
recommended ways the Financial Action Task Force (FATF) could limit regulatory burdens on credit unions as part of revisions to its guidance for financial institutions on the risk-based compliance approach (RBA) to anti-money laundering and countering the financing of terrorism (AML/CFT). 

The FATF's changes to the RBA, once finalized, are likely to be incorporated into the U.S. Bank Secrecy Act (BSA) rules within the next year, the World Council predicts.

As FATF works to update its current RBA for banking institutions guidance paper, issued in 2007, the World Council recommends that increasing the detail of that guidance would help increase the clarity regarding when and how it is appropriate to apply risk-based policies for AML/CFT.

World Council made its recommendations during the FATF private sector participation group meeting in Brussels Tuesday and Wednesday. Other topics discussed included AML/CFT issues related to money services businesses (MSBs) and virtual currencies such as bitcoin. World Council Vice President and Chief Counsel Michael Edwards represented credit unions at the FATF meeting.

The FATF's work to update the RBA guidance is intended to make that compliance tool consistent with its also-updated International Standards on Combatting Money Laundering and the Financing of Terrorism & Proliferation document--commonly called the "40 Recommendations."

World Council related that it has become increasingly difficult for credit unions in jurisdictions such as Great Britain and the U.S. to maintain access to correspondent banking services since the FATF's 2012 revisions to the "40 Recommendations" increased the responsibility placed on banks and credit unions for ensuring proper customer due diligence on their customer's customers.  

For example, a bank or corporate credit union providing correspondent services to a credit union now can be held liable for shortcomings in the credit union's customer due diligence/member identification program.

Similarly, a credit union doing business with an MSB can be held liable for problems with the MSB's AML/CFT compliance.

Many larger banks have decided to "de-risk" their operations in the face of these new requirements by curtailing their business relationships with credit unions, smaller banks, trusts, MSBs, and other businesses that handle funds on behalf of consumers or businesses.

NEW: Johnson, Crapo announce housing finance reform markup

 Permanent link
WASHINGTON (3/28/14, UPDATED 11:54 a.m. ET)--On April 29 at 10 a.m. (ET) the Senate Banking Committee will markup its housing finance reform legislation, according to an announcement by the committee chairman, Sen. Tim Johnson (D-S.D.), and its ranking Republican member, Sen. Mike Crapo (R-Idaho).
It was just earlier this month that the senators unveiled their housing finance reform proposal--hailing its bipartisan backing. 
The new bill used the Corker-Warner bill (S.1217) as its framework and it is intended to:
  • Protect taxpayers from bearing the cost of housing downturns;
  • Promote stable, liquid, and efficient mortgage markets for single-family and multifamily housing;
  • Ensure that affordable, 30-year, fixed-rate, prepayable mortgages continue to be available, and that affordability remains an important consideration;
  • Provide equal access for lenders of all sizes to the secondary market;
  • Facilitate broad availability of mortgage credit for eligible borrowers in all areas and for single family and multifamily housing types.
The Johnson-Crapo draft bill is a lengthy, 425 pages of reforms.
When the bill was released, the Credit Union National Association confirmed that it contained an important modification from an earlier draft bill. A cap for membership in a mutual securitization company was drastically increased, as recommended by CUNA in testimony last November and in meetings with legislative staff on Capitol Hill.

Read News Now Monday for more.

Compliance: It bears repeating--ATMs vulnerable as of April 8

 Permanent link
WASHINGTON (3/28/14)--ATMs could become vulnerable on April 8 when Microsoft stops providing regular security patches, technical assistance and support for its Windows XP operating system, the Credit Union National Association again reminds.
"Credit unions have probably tired of the reminder notices and news headlines at this point, but it
ATM owners will need to upgrade their machines to Windows 7 to ensure continued technical support for their terminals, and to remain compliant with Payment Card Industry Data Security Standards, CUNA reminds.
 bears repeating just the same: ATM owners will need to upgrade their machines to Windows 7 to ensure continued technical support for their terminals, and to remain compliant with Payment Card Industry Data Security Standards," CUNA Senior Director of Compliance Analysis Valerie Moss said in a recent Comp Blog post.
Failure to upgrade could expose ATMs and other devices to increased security risks. And, it won't take hackers very long to exploit these vulnerabilities. However, Moss stressed, Microsoft's decision to stop Windows XP support does not mean that personal computers, ATMs and other devices will cease to operate on April 8 without an upgrade.
The Federal Financial Institution Examination Council (FFIEC) has outlined risk-management processes to address the risk from continued use of XP. Those processes are:
  • Performing risk assessments;
  • Selecting appropriate mitigations;
  • Conducting appropriate planning; and
  • Monitoring risk mitigation implementation.
Moss advised that credit unions be ready to respond to member inquiries about the ATM upgrade issue.
"CUNA has been in contact with strategic partners that have been educating credit union ATM owners on upcoming changes for the past year. So, your vendors should be able to address any questions you have regarding the XP sunset and/or the security of your ATMs," she said.
Use the resource link for more on this ATM security issue.