Is Your Credit Union Prepared for These Emerging Risks?
While some credit unions have a solid strategy for recognizing existing risk and anticipating emerging ones, others are less proactive in their pursuit of risk mitigation.
Emerging risks can be difficult to quantify in terms of speed of onset and potential impacts. If ignored, they can significantly affect a credit union’s financial stability, business strategies, and reputation. But when monitored and managed diligently, mitigation strategies can help keep your credit union out of harm’s way and assist your leadership team in assessing how risks could affect your long-term plan and business objectives.
Consider three emerging risks that are becoming increasingly prominent for credit unions across the country:
- American with Disabilities Act (ADA) & Website Compliance: Law firms representing private litigants are pursuing credit unions aggressively, alleging their websites and mobile applications are not accessible to those with disabilities. To ensure compliance with the ADA—which requires organizations to make accessibility accommodations to ensure the disabled public can access the same services as clients who are not disabled—credit unions should identify content that may not be readily accessible to individuals with visual, auditory, and/or cognitive disabilities and develop policies to address these limitations.
- EMV Fuel Pump Liability Delay: Card associations have delayed the EMV activation deadline for fuel pumps from October 2017 to October 2020. “Pay-at-the-pump” systems have traditionally been a ripe target for fraudulent transactions. But the delay in mandatory upgrades may further increase the frequency of skimming fraud. To mitigate this growing risk, credit unions should spend time educating members on protecting their information. Additionally, credit unions that haven’t implemented EMV on their credit and debit cards should make this a priority.
- Synthetic Identity Fraud: As credit unions have developed strategies to combat point-of-sale fraud, fraudsters have shifted their activities to opening new accounts and obtaining plastic cards and loans with fake identities. Synthetic identity fraud uses the creation of fictitious identities, often with a combination of real data and fabricated information. For example, a fraudster may combine an individual’s Social Security Number (SSN), with another person’s name, and yet another’s address to create a brand-new identity. Since the real person won’t see activity on an account created with their SSN but without their name or address, they likely will not realize any fraudulent activity has occurred.
Credit unions should develop a layered approach to addressing synthetic identity theft. This approach should consist of leveraging third party data and fraud detection tools, as well as reviewing existing operational workflows to identify potential gaps in credit assessment, member identification, and collection processes.
As you assess these emerging risks, it’s critical to remain vigilant. Establish risk oversight processes your leadership team can use to periodically assess vulnerabilities, and encourage your employees to take meaningful steps to mitigate potential risk.
Keeping ahead of the complex array of emerging risks, compliance issues, and industry regulations takes a team. But knowing what’s around the next corner can make a difference.
Carlos Molina, the article’s author, is a Risk & Compliance Senior Consultant for NWCUA’s Strategic Link partner, CUNA Mutual Group, a leading provider of insurance and financial services to credit unions and their members.
Questions about our Strategic Link partnership with CUNA Mutual Group, and how they can help you grow your credit union in 2018? Contact Jason Smith, NWCUA’s Vice President, Strategic Resources, at [email protected].