Risk & Insurance Insider

Impact of Legalized Marijuana

To discuss how to identify risk, mitigate losses, and receive insightful resources and tested practices, contact the Risk & Protection Response Center at 800.637.2676.

The legalization of marijuana and its impact on the American workplace is a growing problem. Credit unions are now faced with questions such as: Do we provide account services and/or lend to marijuana-related business; Should or can we test employees or applicants; and, Are our policies in line with this changing landscape?

Ensure your credit union is ready to rise above your risk.

Access these resources for a greater understanding of the risks associated with marijuana legalization:


Previous Articles

Click on each topic to display the article.

Operations & Security

Emerging Risk: Threats in the Cyber Security Landscape

Cybersecurity is one of the most dynamic risks to manage. Fraudsters continuously find new social engineering tactics to exploit the weakest link at your credit union – your employees. By understanding threats in the cyber landscape, you can help minimize the impact of these growing risks.

Ensure your credit union is ready to rise above your risk.

Access these three resources to gain a greater understanding of the latest cybersecurity threats and social engineering tactics:

  • Cybersecurity is more than an IT problem; Protecting Your Credit Union’s Data(Opens in a new window) introduces next-gen threats to data security and shares key considerations to strengthen your risk posture.
  • Hackers look to exploit an individual’s inclination to trust, review The Rise of Social Engineering Fraud(Opens in a new window) eBook to learn about the latest social engineering tactics. (User ID / Password required)
  • Phishing emails are hard to detect at a quick glance. The Employee’s Guide to Phishing Emails(Opens in a new window) can help identify common red flags. (User ID / Password required)

Emerging Risk: Workplace / Employee Safety

Safety initiatives are essential when it comes to maintaining a work environment that is both safe and productive. However, programs, policies, and procedures don’t mean much if you aren’t focused on taking necessary precautions to minimize the risks involving hazards, injuries, and accidents.

Be ready and rise above your risk.

Access these 3 resources to help your credit union consider the right safety measures:

By embracing regulatory complexity, your credit union can stay focused on performance and get ahead of changes to better navigate the regulatory and compliance landscape.

Be ready and rise above your risk.

To keep a pulse on emerging compliance risks, check out these resources:

Credit unions, small and large, collaborate with partners, vendors, and third parties to deliver products and services to their members. These relationships play a critical role in your credit union’s success; however, providing vendor oversight is vital throughout the entire life cycle to minimize risk.

Be ready and rise above your risk.

Use these resources to help you assess and manage vendor risks.

Natural disasters and catastrophes disrupt credit unions throughout the nation each year; in fact, many were impacted in 2017 due to bad weather, hurricanes, wildfires, and even man-made or infrastructure threats. And while it is impossible to prevent a disaster, you can take measures to ensure both your credit union and employees are prepared.

Be ready and rise above your risk.

How quickly and completely your credit union recovers from direct and indirect losses depends heavily on how well you are prepared. These risks typically occur with little or no warning.

Leveraging different backgrounds, skills, perspectives and knowledge of your workforce, while following sound employment practices, can set your credit union up to be more effective and successful. Changing your workplace culture won’t happen overnight, but there are steps you can take immediately.

Ensure your credit union is ready to rise above your risk.

Employees are your greatest asset! Protect and educate your them by understanding the most pressing risks of an evolving workforce.

Active shooter incidents are unpredictable and evolve quickly. And, unfortunately, we continue to see them impact our communities. It is critical for your credit union staff to be aware of their surroundings and know how to instinctually respond.

Ensure your credit union is ready to rise above your risk.

Active shooter incidents are often over within 10-15 minutes before law enforcement arrives on the scene. Are your employees prepared to protect themselves?

Virtually every aspect of your credit union business poses risk. Understanding how each new service, operational change, regulatory update, and technological advance impacts your credit union is critical to your success.

Ensure your credit union is ready to rise above your risk.

To stay ahead of the complex array of ever-changing risks and compliance issues, review these resources to assist you as your credit union grows and evolves:

Employee or director dishonesty accounts for more than half (56%) of credit union losses in terms of dollars paid within the Bond policy.1 And, lack of internal controls and oversight are significant issues contributing to the losses.

Ensure your credit union is ready to rise above your risk.

Having the right controls in place in addition to knowing how to detect internal fraud is critical to your loss mitigation success. Review these resources to help your credit union prepare:


1Employee or Director Dishonesty & Faithful Performance losses, Claims Data, CUMIS Insurance Society, Inc. 2012-2016

Cybersecurity threats continue to evolve in unimagined ways. In fact, breaches and related fraud continue to thrive. And, with consumers being tech savvy and more connected, the risks are becoming even more difficult to manage.

Ensure your credit union is ready to rise above your risk.

While no one is immune; you can establish a strong set of cyber controls to operate safely and remain ready.

  • Watch this Cybersecurity Trends & Tips webinar clip (8:21) to get a closer look at how to manage third party access, email fraud and ransomware.
  • Security companies are warning of a malicious attack on Internet of Things (IoT) devices. Check out this IoT Risk Overview (User ID / Password required) to learn how connected devices can add exposure to your credit union ecosystem.
  • Cloud adoption rates are also on the rise. Review this Cloud Computing Risk Overview (User ID / Password required) to help with your strategic considerations related to the cloud.

Your day-to-day operations are the center of activity. Those same operations also introduce risk, especially if policies, procedures, and controls are lacking, out-of-date, or employees just become too complacent. Unfortunately, recent credit union losses have shown that a common denominator has been the lack of internal controls.

Ensure your credit union is ready to rise above your risk.

Credit unions need a strong and effective system of internal controls to operate safely and effectively.

Whether you believe your employees are all trustworthy or that you have strong internal controls in place, you may be unknowingly setting your credit union up for a devastating loss down the road. Losses include embezzlement, theft of vault or teller cash, account and expense manipulation, or fictitious/unauthorized loans.

Generally, employees who have a need, an opportunity, and who can rationalize their actions are the ones who commit internal fraud. Why learn the hard way? Take the self-assessment below to discover where you may be vulnerable.

Self-Assessment Questions:

  • Are you checking and verifying previous employers, references, and performing criminal background and Bondability checks for new hires and volunteers?
  • Do you have zero tolerance in a Fraud Policy Statement?
  • How are you proactively monitoring employee warning signals?
  • Have you implemented dual control over vault cash, currency shipments, ATM / teller cash replenishments, and cash dispensers?
  • Are vault cash, cash drawers, and ATMs subject to frequent surprise audits?
  • Are transactions initiated by tellers or vault tellers before and after a surprise cash audit?
  • Are sound controls used to monitor expense and general ledger accounts?
  • Is a whistleblower policy in place to encourage staff to report incidents?

You can also do a deeper dive self-assessment evaluating your internal processes >>


Insurance products offered to financial institutions and their affiliates are underwritten by CUMIS Insurance Society, Inc. or CUMIS Specialty Insurance Company, members of the CUNA Mutual Group.
CUPRM-1540425.1-0716-0818

October marks National Cyber Security Awareness month reminding you to take the time to review your digital policies and procedures.

7 out of 10 businesses hacked learned from an external party.*

Your members count on you to protect their sensitive information from falling into the wrong hands. A data breach can result in more than lost data. It can damage your credit union’s reputation, shake your members’ trust and could cost you tens of thousands of dollars to repair.

CUNA Mutual Group’s cyber solutions will help you better manage risk and keep your business open in the event of an attack. Additional valuable tools and resources are available within the Protection Resource Center.


*Mandiant M-Trends 2015 Report, February 2015
CSS-1617716.1-1016-1118

With certain legal protections afforded to employees, charges and lawsuits related to retaliation and other employment practices charges have increased. In fact, there is a one and eight probability of having an employment charges filed against an U.S. company.* (The 2015 Hisox Guide to Employee Lawsuits)

Personal relationship conflicts and workplace romances make for sensational headlines; however, they also lead to gossip, damaged credibility, and claims of harassment and/or retaliation.

Ensure your credit union is ready to rise above the risk.

  • Watch this free Risk Video (4:36 minutes) on the impact and learn what you can do.
  • Share this Risk Overview (User ID / Password required) with your management team to proactively manage workplace relationships.
  • Check out Unlawful Workplace Retaliation Overview (User ID / Password required) to see losses related to this frequently filed employee complaint.

Extra Expense is the necessary extra costs you incur to minimize the suspension of your business and allow you to continue operating your credit union as close to normal as practicable, after a covered loss.

Here are some things to consider:

  • The loss as a worst case scenario.
  • The politics and ordinances that could impact your recovery timeline.
  • The construction timeline for building a better and newer building, especially considering weather delays, building code issues, and demand for resources.
  • Due to the high volume of equipment requests from other businesses and a limited supply in a disaster zone, increased costs can be associated with the necessary equipment.

 Use our Coverage Calculator to identify potentially risky coverage gaps.


Insurance products offered to financial institutions and their affiliates are underwritten by CUMIS Insurance Society, Inc. or CUMIS Specialty Insurance Company, members of the CUNA Mutual Group.
PBL-1547664.1-0716-0818

Lending

What should credit unions be doing to manage due diligence and indirect lending in our dealer relationships?

- VP of Lending, $765M Credit Union

Ongoing due diligence for automobile dealerships in an indirect program is critical to your program’s success. In fact, in situations where relationships were loosely managed and monitored, credit unions have seen some of the largest losses caused by unscrupulous dealerships and their employees or practices. Be sure to:

  • Understand how the dealership fits into your member demographic, loan growth, and risk appetite strategies
  • Have a clear understanding of the operational structure and conduct reviews regularly including on-site visits and sales staff interviews
  • Establish appropriate growth goals, concentration limits, and minimum standards for creditworthiness, such as credit score and debt-to-income requirements and loan-to-value limitations
  • Maintain quality control on the vendor’s program administration, underwriting, and contract expectations
  • Manage your incentive structure effectively to ensure dealers and staff are focused on loan quality, not just loan volume

Lastly, if you find that one of your lending relationships shows red flags or adverse performance trends…take early action to revise the dealer relationship.

This question was asked during our October 5, 2017 Office Hours. For more questions from your peers, watch the full recording. Topics included loan fraud, indirect lending, and compliance issues related to the Home Mortgage Disclosure Act, Military Lending Act, and the Telephone Consumer Protection Act.

Managing lending risks can be tricky – especially when dealing with the many types of lending: consumer, real estate, indirect, business, etc. Your credit union needs a robust risk management program in place to help you provide proper lending oversight.

Be ready and rise above your risk.

Use these resources to help you manage your lending risks:

Keeping pace with lending risks can be challenging. It takes constant monitoring and ensuring employees follow sound practices to make sure risks don’t turn into lending program losses.

Check out these recently introduced resources:

Payments and Deposits

Fraudsters are attacking credit unions through a variety of channels and scams. Some of the more prevalent methods include: fraudulent online account opening, account takeovers through online banking, wire transfer scams, ACH booster payments, and card fraud.

Be ready and rise above your risk.

Use these resources to help you assess and manage payments and deposits risk:

Fraudsters master old tricks and continuously evolve new ways to gain access to sensitive member, financial, and corporate information. They thrive by targeting those that are most vulnerable: the elderly, holiday shoppers, military members, disaster victims, donation-givers, job candidates, employees, and consumers in general.

Ensure your credit union is ready to rise above your risk.

Scammers succeed by catching you off guard. And, unfortunately recognizing scams can be difficult for both you and your members. Review these resources to help your credit union and members combat scams:

The difficulty in navigating the complex chargeback process has led consumers to, knowingly or unknowingly, add $11.8 billion in expense to the payment industry in the form of "friendly fraud" according to Visa estimates*. Friendly fraud can be hard to spot and even more difficult to navigate given the various regulatory and compliance considerations surrounding it.

Ensure your credit union is ready to rise above your risk.

Error resolution compliance doesn't have to be an uphill battle. In fact, there are processes and tips that can help you work within the regulations, balance risk, and still maintain positive member experiences. The key is to not to allow friendly fraud get the best of your credit union.

  • Watch this Risk Video (6:31 minutes) on the impact and learn what you can do.
  • Share this Risk Overview (User ID / Password required) with your management team to understand the most common risks and how you can proactively manage friendly fraud.
  • Check out one credit union’s perspective as they share key tips on how to handle these member claims,
    CU Perspective: Friendly Fraud (User ID / Password required).  

*This fraud may be "friendly," but costs are high, CBS MoneyWatch

Plastic card fraud is predicted to reach a staggering $31.67 billion worldwide by 2020.*

While your Plastic Card Insurance Policy helps to protect your credit union’s card program(s) from catastrophic fraud losses, you can help control your exposure by:

  • Converting to EMV chip-based cards and authentication system, if you have not already done so.
  • Establishing success metrics for fraud and understanding the levers that can help you maintain the right balance between security and member experience.
  • Leveraging the valuable tools, resources and expertise CUNA Mutual Group’s Risk and Compliance Consultants make available to you through the Protection Resource Center.
  • Keeping a watchful eye and finding the pattern as close to real-time as possible.
  • Accessing the prerecorded February webinar: Card Fraud Trends Continue to Grow. 

*Card Fraud Losses Reach $21.84 Billion, The Nilson Report, October 2016.
CUPRM, PC-1705792.1-0217-0319

ID theft-related tax refund fraud involves fraudulently filing tax returns under another person’s name and Social Security number. Each year, credit unions and credit union members report these schemes impacting them even though the IRS has made significant progress in combating this type of fraud.

Despite this encouraging trend, credit unions should remain vigilant as taxpayer identities continue to be stolen in a number of ways including through data breaches and phishing scams. Since you are on the receiving end of the transaction – refunds via ACH credit or check – you can help combat this fraud by watching for these red flags:

  • Multiple tax refunds deposited to a member’s account
  • Incoming tax refunds via ACH credit where the name does not match the account number
  • Suspicious presentment of refund checks (e.g., double-endorsed checks), or a large number of refund checks deposited to a business member’s (e.g., a check cashing business) account

CUPRM-1704078.1-0217-0319

  • Risk and Insurance Insider
  •   P&C Minute
Are you doing enough to manage hidden risks?

This resource is for informational purposes only. It does not constitute legal advice. Please consult your legal advisors regarding this or any other legal issues relating to your credit union. Any examples provided have been simplified to give you an overview of the importance of selecting appropriate coverage limits, insuring-to-value, and implementing loss prevention techniques. CUNA Mutual Group is the marketing name for CUNA Mutual Holding Company, a mutual insurance holding company, its subsidiaries and affiliates. Insurance products offered to financial institutions and their affiliates are underwritten by CUMIS Insurance Society, Inc. or CUMIS Specialty Insurance Company, members of the CUNA Mutual Group.