regulatory and compliance issues and considerations
regulatory and compliance issues and considerations
regulatory and compliance issues and considerations
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Union Assessment<br />
33. Identity Theft<br />
Policy <strong>and</strong><br />
Procedures // Red<br />
Flags Policies -<br />
Procedures<br />
34. Red Flags Risk<br />
Assessment<br />
12 CFR 717.82 <strong>and</strong><br />
717.91; <strong>and</strong> NCUA<br />
Letter to Credit Union<br />
No. 08-FCU-24 //<br />
Policies <strong>and</strong><br />
Procedures are<br />
required<br />
See Prior Entry –<br />
Properly drafted with<br />
supporting forms –<br />
these procedures may<br />
provide additional<br />
liability protection for<br />
the Credit Union <strong>and</strong><br />
its Volunteers / Senior<br />
Management<br />
Annual – Must be Approved by the Board or a designated Board<br />
Committee<br />
36. Incident<br />
Response Policy<br />
<strong>and</strong> Procedures<br />
39. Information<br />
Security <strong>and</strong><br />
Information<br />
Technology Policies<br />
<strong>and</strong> Procedures;<br />
Internet Use Policy<br />
<strong>and</strong> Procedures<br />
40. Information<br />
Technology Security<br />
Risk Assessment<br />
43. Risk<br />
Assessment of<br />
Investments<br />
12 CFR 717.82 <strong>and</strong><br />
717.91; <strong>and</strong> NCUA<br />
Letter to Credit Union<br />
No. 08-FCU-24 //<br />
Policies <strong>and</strong><br />
Procedures are<br />
required in part by the<br />
same laws governing<br />
Identity Theft <strong>and</strong> Red<br />
Flags<br />
12 CFR 748 <strong>and</strong><br />
Appendices NCUA<br />
Letter to Credit Union<br />
Nos. 06-FCU-10 06-<br />
FCU-06; 03-FCU-07<br />
General IT – FFIEC<br />
Guidance; 03-FCU-<br />
14; 03-FCU-06;<br />
Personnel <strong>and</strong><br />
Responsibilities for IT<br />
<strong>and</strong> Patch<br />
Management; 01-<br />
FCU-11- Electronic<br />
Data Security; 99-<br />
FCU-19 – Monitor for<br />
Security Intrusions;<br />
06-FCU-07 E-Banking<br />
Security; 00-FCU-02<br />
Background Checks;<br />
03-FCU-08 Weblinking<br />
Risks (See<br />
also 02-FCU-04); 03-<br />
FCU-08 Wireless<br />
Technology; 05-FCU-<br />
See Prior Entry --<br />
Copyright©1994-2010 by Credit Union Resources & Educational Services, LLC. All rights reserved.<br />
Revised February 2010<br />
NA<br />
Properly drafted with<br />
supporting forms –<br />
these procedures may<br />
provide additional<br />
liability protection for<br />
the Credit Union <strong>and</strong><br />
its Volunteers / Senior<br />
Management<br />
See NCUA Letter No.<br />
02-FCU-08 Re:<br />
“account aggregation<br />
services.”<br />
20 Phishing<br />
NCUA Letter to Credit Union No. 06-FCU-13 – Risk Assessment<br />
Required; NCUA Letter to Credit Union No. 01-FCU-12 (<strong>and</strong> to inform<br />
the Board of the Risk Assessment) NCUA Rules <strong>and</strong> Regulations: 12<br />
CFR 748.<strong>and</strong> Appendices; 12 CFR 749.<strong>and</strong> Appendix B<br />
NCUA Rules <strong>and</strong> Regulations: 12 CFR 703.13(c)(1) <strong>and</strong> (e)(2); NCUA<br />
Field Examiner’s Guide – Chapter 12<br />
35