Johnson Stresses Need For Better IT Controls
NCUA Chairman JoAnn Johnson told credit unions meeting here that enhanced due-diligence of all third-party vendors and compliance should be a top safety and soundness priority.
Speaking to the Information Technologies Credit Union Association, Johnson said NCUA is focusing closer on information technology and system controls in credit unions, because safe integration of technology and proper data security for credit union members are important safety and soundness priorities.
"Just as modernizing technology is an important investment for credit unions, likewise, we at NCUA believe that maintaining modernization in our information systems is vital for the regulator and the regulated," said Chairman Johnson.
Johnson said that security threats, including ID theft and phishing scams, must be included in every CU's technology security plan. Johnson noted that the most frequently reported violations of the Bank Secrecy Act are weaknesses in member and/or customer identification policies, comprehensive anti-money laundering policies, and independent testing.
"NCUA takes BSA and OFAC violations seriously and encourages credit unions to have the appropriate compliance plans in place," reiterated Johnson. "We also recognize as credit unions continue to modernize technology and implement compliance measures, it may require increased investments in fixed assets."