Tuesday, February 25, 2014

Matz Warns CUs about Cyber and Interest Rate Risks

In a speech before the Credit Union National Association, Debbie Matz, the National Credit Union Administration (NCUA) Chairman, stressed that credit unions needed to be prepared for volatile and rising interest rates and also cyber-attacks.

With regard to interest rate risk, Chairman Matz warned that chasing near-term profits by concentrating your portfolio in long-term investments, while long-term rates are rising and short-term rates remain low, may be appealing; but it is ultimately a trap. When short-term rates begin to rise, this strategy will leave your credit union vulnerable.

But the majority of her speech focused on cyber-security issues.

Chairman Matz cited an example where hackers "broke into a medium-size credit union and used the credit union’s passwords to access one of the larger credit bureaus. From there, the hackers stole credit reports on hundreds of people who weren’t even credit union members."

She asked the audience to imagine a scenario where the hackers were not motivated by money, but by terrorism. Imagine the damage the cyber-terrorist could do, if they infilitrated the payment system.

Chairman Matz told the audience that NCUA "examiners will be looking to see how credit unions are implementing appropriate risk mitigation controls to better protect, detect, and recover from cyber-attacks. This includes vendor due diligence, strong password policies, proper patch management, employee training, and network monitoring."

She encouraged the audience to review recently developed voluntary national cyber-security framework by the National Institute of Standards and Technology.

Read the speech.

No comments:

Post a Comment

 

The content is provided for educational purposes only, with the understanding that neither the authors, contributors, nor the publishers of this site are engaged in rendering legal, accounting or other expert or professional services. If legal or other expert assistance is required, the services of a competent professional should be sought.

Comments appearing in response to articles appearing on this site do not necessarily reflect the views of the ABA. ABA makes no representations regarding the truth or accuracy of commentary or opinions that may be posted in response to the articles that appear on this website.

The inclusion herein of any link to a website, either in the text of an article or in a comment, does not denote any approval, sponsorship, or endorsement by the ABA, and ABA is not responsible for the content or opinions expressed on those linked websites or related commentary. This content is not licensed to third parties sites and is not affiliated with any third party site. Any reference to the author or this content on any third party site on the Internet is not authorized by the ABA.

It is the policy of the American Bankers Association to comply fully with all antitrust laws. Certain discussions should be considered off-limits, including those that contain competitively sensitive data such as price and cost information, or statements that could be construed as reflecting an attempt or desire to control or influence a particular market or markets. Future pricing or other prospective competitive information should never be shared.