The New York Minute: Spring Events, Cybersecurity Updates, Scams Warnings, and More

On By nycuaIn NY Minute

This week in the New York Minute, stay informed about the upcoming Spring CEO Roundtable and cybersecurity regulation deadlines. Then, read about notable community involvement from two credit unions, and hear from the Attorney General about the latest tax scams. Stay in the know on New York credit union news with our weekly blog!

Join Us for the Spring CEO Roundtable!

New York Minute: Join Us for the Spring CEO Roundtable

Calling all credit union leaders: registration is now open for the 2025 Spring CEO Roundtable! Mark your calendars for Thursday, May 15, and join your peers at the Turning Stone Resort Casino for a day of impactful conversation and forward-thinking strategy.

This exclusive gathering is designed for CEOs and executives from credit unions with up to $100 million in assets. Together, we’ll explore the future of our movement, share insights, and collaborate on ways to strengthen and grow New York State’s credit union community.

With a full agenda of facilitated discussions, the Roundtable offers an excellent opportunity to connect, reflect, and lead with purpose. Whether you’re looking to exchange ideas or discover innovative approaches to the challenges ahead, this is the event for you.

The event registration deadline is May 2 and the deadline to reserve a hotel room is April 21. Visit the event page now to secure your spot, book accommodations, and learn more about what’s in store. Let’s shape the future—together.

Event Page

Updated DFS Part 500 Cybersecurity Regulation Deadlines

In the July 31, 2024 New York Minute, we discussed updates to the Department of Financial Services (“DFS”) Part 500 Cybersecurity Regulation (“Part 500”) including changes that were set to take effect in November 2024. This article reviews additional changes that are set to take effect May 1, 2025.

Before discussing the changes, remember that Certifications of Material Compliance or Acknowledgements of Noncompliance are due by April 15 of each year.

As a reminder, Part 500 has different requirements based on entity type. Credit Unions may be Covered Entities, Class A Companies, or Small Businesses and may be fully or partially exempt from Part 500. See the implementation timelines for each business type at the DFS Cybersecurity Resource Center: https://www.dfs.ny.gov/industry_guidance/cybersecurity

All Covered Non-Exempt Entities

Access Privileges and Management  

  • Implement enhanced requirements regarding limiting user access privileges, including privileged account access.  
  • Review access privileges and remove or disable accounts and access that are no longer necessary.  
  • Disable or securely configure all protocols that permit remote control of devices.  
  • Promptly terminate access following personnel departures.  
  • Implement a reasonable written password policy to the extent passwords are used.  

All Covered Non-Exempt Entities Except Small Businesses

Vulnerability Management

  • Conduct automated scans of information systems, and a manual review of systems not covered by such scans to discover, analyze, and report vulnerabilities at a frequency determined by a risk assessment and promptly after any material system changes.
  • Implement controls to protect against malicious code.

Class A Non-Exempt Companies

Monitoring and Training

  • Implement: an endpoint detection and response solution to monitor anomalous activity; and a centralized logging and security event alert solution.
  • CISOs may approve in writing reasonably equivalent or more secure compensating controls.

*Covered Entities—any person operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the Banking Law, the Insurance Law or the Financial Services Law, regardless of whether the covered entity is also regulated by other government agencies.

** Class A Company—a Covered Entity including affiliates with at least $20,000,000 in gross annual revenue in each of the last two fiscal years from all business operations in New York and:

  • over 2,000 total employees; or
  • over $1,000,000,000 in total gross annual revenue in each of the last two fiscal years

***Small Business—a Covered Entity including affiliates with:

  • fewer than 20 employees and independent contractors;
  • less than $7,500,000 in gross annual New York revenue in each of the last three fiscal years; or
  • less than $15,000,000 in year-end total assets, calculated in accordance with GAAP

The Summit FCU Raises $3,000 for the Ronald McDonald House Charities of Rochester

The New York Minute: The Summit FCU Raises $3,000 for the Ronald McDonald House Charities of Rochester

Cheers to The Summit FCU for turning fun into philanthropy at this year’s Rochester Wine & Chocolate Festival! Their team recently presented a generous $3,000 donation to Ronald McDonald House Charities of Rochester raised through an interactive spin-the-wheel game at their festival booth.

This donation supports a vital cause: providing a “home-away-from-home” for families with children undergoing critical medical treatment. The Ronald McDonald House offers more than just lodging—it delivers meals, transportation, and a comforting community during some of life’s most challenging moments.

The Summit FCU’s creative and engaging approach to fundraising shows how credit unions can make a meaningful impact beyond financial services. Well done to the entire Summit team for continuing to live the credit union mission of people helping people.

Eric Hepkins Featured on WNY Living to Discuss the Credit Union Difference

The New York Minute: Eric Hepkins on WNY Living

Eric Hepkins, Chairman of the Association’s Board of Directors and CEO of Cornerstone Community FCU, recently appeared on WNY Living to share what makes credit unions stand out from traditional banks. During the interview with Kevin Sylvester, Hepkins emphasized how credit unions are rooted in community and trust.

“Credit Unions are the Farmer’s Market of banking—we’re healthy, local, and served by people we can trust,” he explained. Hepkins also spoke about Cornerstone Community’s 68-year legacy serving Western New York and how that history reflects the broader values of the credit union movement.

His appearance is part of a continued effort to educate the public on the credit union difference: member-owned institutions committed to transparency, community development, and personalized service. Watch the clip from Eric’s appearance below!

Watch

Attorney General Warns New Yorkers Against Scams Ahead of Tax Day

The New York Minute: Attorney General Warns New Yorkers Against Scams Ahead of Tax Day

As Tax Day approaches on April 15, New York Attorney General Letitia James is urging residents to stay alert for common tax scams and to take advantage of Direct File, a free tax filing service available to millions of New Yorkers.

This easy-to-use option allows eligible individuals—those earning up to $200,000 ($250,000 for joint filers)—to file their federal and state taxes online for free, potentially saving hundreds in preparation fees. Attorney General James stresses that no one should be tricked into paying for services or giving away personal information to fraudsters during this time of year.

Scams to watch for include: callers demanding tax payments via gift cards, promises of free prep services that later come with surprise charges, and messages claiming you must repay a tax refund. James encourages taxpayers to always verify the identity of their preparers and to report suspicious activity.

New Yorkers interested in checking their eligibility should visit both the New York State Tax Department and IRS websites. For more info or to report a scam, click below or call 800-771-7755.

Learn More

Stay ahead of the curve by subscribing to receive credit union news and updates directly to your inbox.

Leave a Reply