CUInfoSecurity.com "Compliance Insight" Blog RSS Syndication

Heartland: Where is the Outrage?

How is it that Heartland doesn't remain front and center in the mainstream media?

I made the mistake of popping open a browser today and loading my preferred news website, and it was sort of like the ultimate one-two punch that hit me with concussive force.

Credit Unions Pay a Premium for Doing the Right Thing

I was thinking after my last few Heartland-centric posts that I should probably get back to covering the basics of our practice and re-focus on all things regulatory. So I started skimming through my notes from recently completed fieldwork looking for ideas. The last few engagements happened to be with Credit Union clients, and the only thing that kept jumping off the pages at me was their struggles addressing the NCUA's actions to restore the National Credit Union Share Insurance Fund (NCUSIF) equity ratio to sufficient levels.

It's Time to Get Serious About PCI as a Regulation

I had an interesting email from a colleague the other day. Turns out someone he knows had recommended that he read a post of mine from January in which I discuss the value (or lack thereof) of having controls in place that don't function. He wanted to let me know about the reach of BIS and let me know that our audience is aware, paying attention and apparently taking notes. But in trying to figure out which post was being referred to, I wound up taking an unintentional stroll down BIS Blog memory lane.

Heartland Breach Saps Resources, Time from Institutions

Since the Heartland Payment Systems (HPY) data breach became "The Story," I've been trying to keep my distance from a blogging perspective, as it's being covered quite nicely elsewhere. Besides, I'm the regulatory compliance man in the field, and while this story certainly touches on related issues, it's off to the side of what I'm typically looking at.

This week that all changed.

Boards of Directors: How to Set the Tone at the Top for Security and Compliance

We're barely out of January, and already this year has revealed itself as one to remember. Between the worsening conditions within the banking sector, the Heartland breach and a very noticeable shift in the regulatory climate, we're already hard pressed to pick this year's "Story of the Year." And somehow I suspect that this is only the beginning in more ways than just on the pages of the calendar.

Regulatory Compliance: It's Not Enough to Plan; You Must Test

When it comes to regulatory compliance and its intended purpose, I'm a believer. I genuinely believe that if a bank or credit union implements and supports all required controls essential to achieving compliance, they're the better for it, and their account holders can sleep better at night. What you might've missed in the last sentence is the size of the "if"; it's mighty big.

Increased Regulatory Scrutiny: A Good Thing or Bad?

Last week the NCUA announced the formation of the National Examination Team (NET) to "enhance the supervisory process in areas where economic conditions have adversely impacted federally insured credit unions." Or as I like to think of this move, the FDIC sneezes, and NCUA catches a cold.

Four Tips for a Successful (and Secure) 2009

I'm experiencing the New Year's phenomenon. That's what I call the very early part of each year when I struggle writing the correct date on things like checks, forms and the many other documents that require it.

New Year's Resolution: Assess Your Risk

Getting people on the phone this time of year can be quite a challenge. Between getting ready for the holidays, celebrating the holidays and trying to wrap up everything outstanding before year end there's simply a shortage of available time. And so as we work on building out the project schedule for the first quarter of 2009, I stress knowing that we have clients that have work that needs to get done, but who aren't ready to commit.

FDIC: Now Hiring 1400 New Examiners

The FDIC announced details regarding their recently approved 2009 operating budget. Not exactly your "stop the presses, hold all my calls" sort of thing, but it was worth my time to read through it.