Compliance Blog

Q & A: Is a member notification required if a credit card or debit card has been compromised? By:  Katherine Romano Schnack, Senior Compliance and Corporate Counsel   We are often asked about the notification requirements when there is unauthorized access to personally identifiable information, including credit or debit card numbers. The credit union can learn about unauthorized ...

What are the Approval Requirements for Credit Card Applicants Between the Ages of 18-21? By: Kari Osier, Compliance Specialist We had a recent question asking if we could clarify the regulations regarding the approval of a credit card for an individual between the ages of 18-21. Under the Card Act, issuers are permitted the use of two alternatives ...

Update:  ADA Website Accessibility Claims Asserted Against Illinois Credit Unions By:  Katherine Romano Schnack, Senior Compliance and Corporate Counsel * This is an update to an earlier blog post on June 21, 2017 about the issue of website accessibility claim under the ADA.  A number of Illinois credit unions recently have received letters alleging that the credit union’s ...

It’s Risky Business By: Kevin Shaw, Regional Director Let’s start with something we can all agree on, “Compliance is one of the top things that keep us up at night as credit union professionals. With that being said, I will make a bolder statement “Every credit union in the country is out of compliance in some way”.  ...

Is The CFPB Helping Credit Unions? By: Shannon Basile, Compliance Analyst On October 5, 2017 the Consumer Financial Protection Bureau (CFPB) released its final rule regarding payday loans, vehicle title loans, and certain high-cost installment loans. The CFPB has determined that current payday loan practices are unfair and abusive to consumers.  Therefore the rule is designed to ...

Good communication goes a long way toward resolution By: Patrick Smith, SVP Regulatory Affairs Occasionally, I am contacted by the credit union CEO, staff or board member regarding issues and conflicts that arise during the regulatory examination process.   The conversation usually goes along the lines that the “examiner is asking for documents they have never requested before” ...

VISA Account Updater-Analysis of Opt Out Requirements under the Gramm-Leach-Bliley Act By:  Katherine Romano Schnack, Senior Compliance and Corporate Counsel Visa has declared that its Visa Account Updater (VAU) service is mandatory for all card issuers.  The service provides a channel to provide changes to card and cardholder information to the parties in a Visa card transaction–the ...

Elder abuse is defined by Illinois law as any knowing, intentional, or negligent act by a caregiver or any other person that causes harm or a serious risk of harm to a vulnerable adult. It includes physical, sexual, and emotional abuse, financial exploitation, neglect, self-neglect or abandonment.  It might be physical violence, isolation, or identity ...

The Federal Bureau of Investigation sent a warning to U.S. businesses last year of a new type of business email compromise scam, a.k.a. CEO fraud, that takes aim at personally identifiable information, rather than simply tricking accounting staff into scheduling fraudulent wire transfers.  IC3, the FBI’s Internet Crime Complaint Center, reports that last year it ...

Equifax, one of the major credit reporting agencies, released information on September 7, 2017 that a cybersecurity incident may have potentially impacted approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The ...