According to CUNA Mutual Group, emerging risks can be difficult to quantify in terms of speed of onset and potential impacts. If ignored, they can significantly affect a credit union’s financial stability, business strategies and reputation. But when monitored and managed diligently, having mitigation strategies can help keep a credit union out of harm’s way and assist the leadership team in assessing how risks could affect long-term plans and business objectives.
CUNA Mutual Group is encouraging credit unions to prepare for the following emerging risks:
- American with Disabilities Act and website Compliance: Law firms representing private litigants are pursuing credit unions aggressively, alleging their websites and mobile applications are not accessible to those with disabilities. To ensure compliance with the ADA, which requires organizations to make accessibility accommodations to ensure the disabled public can access the same services as clients who are not disabled, credit unions should identify content that may not be readily accessible to individuals with visual, auditory, and/or cognitive disabilities and develop policies to address these limitations. Additional details can be found in a webcast hosted by CUNA Mutual Group.
- EMV fuel pump liability delay: Card associations have delayed the EMV activation deadline for fuel pumps from October 2017 to October 2020. “Pay-at-the-pump” systems have traditionally been a ripe target for fraudulent transactions. But the delay in mandatory upgrades may further increase the frequency of skimming fraud. To mitigate this growing risk, credit unions should spend time educating members on protecting their information. Additionally, credit unions that haven’t implemented EMV on their credit and debit cards should make this a priority.
- Synthetic identity fraud: As credit unions have developed strategies to combat point-of-sale fraud, fraudsters have shifted their activities to opening new accounts and obtaining plastic cards and loans with fake identities. Synthetic identity fraud uses the creation of fictitious identities, often with a combination of real data and fabricated information. For example, a fraudster may combine an individual’s Social Security Number with another person’s name and another’s address to create a brand-new identity. Since the real person won’t see activity on an account created with their social security number without their name or address, they likely will not realize any fraudulent activity has occurred.Credit unions should develop a layered approach to addressing synthetic identity theft. This approach should consist of leveraging third-party data and fraud detection tools, as well as reviewing existing operational workflows to identify potential gaps in credit assessment, member identification and collection processes.