Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

CU System Archive

CU System

CUNA Working to Determine Impact of Target Breach on CUs

 Permanent link
WASHINGTON (12/20/13)--The Credit Union National Association's regulatory staff is working with CO-OP Financial Services, CUNA Mutual Group and others, including PSCU, Financial Services Information Sharing (FS-ISAC), Visa and MasterCard, to determine the potential impact on credit unions and their members related to the massive data breach confirmed Thursday at retail giant Target.

The organizations are also providing information to mitigate the risks for credit unions and their members.

"We're keeping a close eye on the breach of debit and credit card information from Target stores, which exploded in headlines across the nation Thursday," said CUNA President/CEO Bill Cheney. "We've already been in touch with Visa and other major card payments processors to ascertain the impact on credit unions, if any," he said.

"This latest breach--while at this point reportedly smaller than the March 2007 TJX Cos. Inc. breach--once more raises the issue of the retailers' responsibility in securing information for card transactions at their stores," Cheney said.  "Credit unions and other financials typically foot the bill for the breaches, in forms of issuing new cards and other security responses--as well as the reputational costs to member and customer trust in financial transactions using cards."

Target confirmed that roughly 40 million holiday shoppers' credit and debit cards may have been compromised in the breach. Meanwhile there are things that credit unions can do to mitigate the losses for their members.

The breach involves credit or debit purchases from Target's U.S. stores during the prime holiday shopping season--from Nov. 27 through Dec. 15, said Target's notice to consumers on its website.  The information compromised included customers' name, credit or debit card number, and the card's three-digit CVV security code.
The card data at risk involves the compromise of the entire magnetic stripe data, both Track 1 and Track 2," said Phil Tschudy, media relations manager of CUNA Mutual Group. "We strongly recommend credit unions consider blocking and reissuing the impacted open card numbers. Credit unions electing not to block and reissue could experience magnetic stripe fraud in the future," he added.
He noted that CUNA Mutual will send a risk alert out today with more details of the breach as well as a number of tips on mitigating the risks and that it "will continue to monitor this situation with Visa and MasterCard and will notify our policyholders when new information becomes available."
CO-OP Financial Services said it was sending out an alert also. So far no PIN fraud--where cyberthieves take the information compromised and use it to withdraw cash from ATMs--has occurred, said Connie Trudgeon, vice president of CO-OP Financial Services, during a conference call with  Dennis Tsang, assistant general counsel for regulatory research at CUNA.

CO-OP Financial Services partner CardAlert monitors a wider base of points of compromise and has detected no PIN fraud associated with the breach, Trudgeon said.  These aren't at risk of online fraud because the magnetic strip information, used for counterfeit cards, is not available. "We will continue to monitor it and to get the bigger picture" of the impact, she told CUNA.
Before Target confirmed the breach, CO-OP sent an alert to credit unions and financial institutions Wednesday. Thursday it prepared a follow-up alert advising credit unions to tell members to pay close attention to their credit and debit card accounts. Credit unions also should use their discretion on reissuing cards, closely monitoring the impact of potential losses with the effect on service to members.  Credit unions are different in how they go about approaching breaches, she said.
Visa Compromised Account Management System and MasterCard Account Data Compromise services are working on creating files of compromised account numbers for processors and issuers. MasterCard started releasing compromised numbers to institutions as soon as it received word of the breach, said CO-OP.
Essentially credit unions have two primary options in handling potentially compromised cards:
  • Monitor transaction activity without blocking or reissuing a card, encourage members to monitor their transaction activity online and sign up for alerts; or
  • Block and reissue a new account or card. Blocking and reissuing a new account minimizes inconvenience to the member just before Christmas but potentially subjects the credit union to more fraud losses. Blocking and reissuing a new card potentially minimizes fraud loss to the credit union, but means significant inconvenience to members who would be without a card at a critical time of year for purchases. This in turn could create reputational risk and possibly cause the member to choose another card as their primary card.
"Across the board, credit unions should know whether they are in a neural network and have a monitoring system in place to support them. Some big credit unions will do this in-house," Trudgeon said.  Credit unions must determine their daily fraud limits and what their exposure is, manage that and act on best practices.
Bill Freer, CO-OP risk manager, noted that it will take time to go through the extensive list of compromised card numbers to determine exactly how many are impacted by fraud.  So far, the numbers involve purchases made in brick and mortar stores, not online transactions.
Credit unions receiving inquiries from members about the breach can share Target's press release and its Letter to Guest from the Target website. Use the links to access these.  They also can:
  • Determine if the member shopped during the Nov. 27-Dec. 15 timeframe;
  • Suggest members monitor their account online for suspicious or unusual activity. If they spot such activity, tell them to contact the credit union immediately to report the occurrences;
  • Inform members about the limitations on their liability for unauthorized activity;
  • Follow the credit union's established procedures for handling reports of unauthorized activity for either debit cards or credit cards;
  • Let the member know they may choose to change the PIN on their debit card; and
  • Follow normal procedures if the member requests a replacement card.
The Electronic Payments Coalition, of which CUNA is a member, said it has had a number of inquiries about the breach and will provide more information as it becomes available. 

"Electronic payments provide consumers and merchants with many benefits including security, convenience, speed and guaranteed payment. During a breach, our first concern is for the consumers whose information was exposed and for them to be reassured that they will not be held liable for fraudulent transactions," the coalition said in a statement. "We also appreciate the impact that breaches will have on community banks and credit unions whose top priority is the protection of their customer, which can include costs such as the reissuing of cards and covering any losses their consumers incur," the coalition added.

Target has 1,797 stores in the U.S. and 124 in Canada. No Canadian stores are involved in the breach, so far. The compromised numbers are across the entire U.S., with no specific region emphasized.

Target said it is working closely with law enforcement and financial institutions, and has identified and resolved the breach issue.

"Target's first priority is preserving the trust of our guests, and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause," said Gregg Steinhafel, chairman, president/CEO of Target.  "We take this matter very seriously and are working with law enforcement to bring those responsible to justice."

Watch for updates from News Now with risk alert information.

Collaboration Successes, Struggles Noted in Filene Case Studies

 Permanent link
MADISON, Wis. (12/20/13)--Credit unions pride themselves on their ability to work together, and the benefits of collaboration are well-documented, but collaboration is far from easy, according to a new report from the Filene Research Institute.
The report includes 11 case studies and provides checklists from both long-time and first-time collaborators that credit unions can use to develop their own initiatives.
Among the keys to success for credit union collaboration outlined in the report:
  • Think broadly. Collaboration isn't easy, and it won't always save money. In the end it's not just nice to have--it's critical to the survival of the credit union system. "You might say, 'Look, if I buy this system alone it costs x, but if we buy it as a group it's one quarter of X,'" said Kirk Drake, president/CEO of Ongoing Operations, a credit union service organization dedicated to disaster recovery and a CUNA Strategic Services provider. "But the reality is that you were never going to pay x. A collaboration might end up costing you money, but you have to weigh the benefits of improved performance or member service."
  • Choose the right partners. The choice of partners can make--or break--the success of a collaboration. Trust is a critical element of effective collaboration, but it will only happen with a track record. Previous relationships with potential collaborators are important, case study participants said.
  • Overcome objections. A CEO-driven mandate from each participating organization is required, according to the case study participants. That said, egos should be checked at the door. "Get over yourself," one participant said. Also, keep in mind that participants may benefit to different degrees. You have to weigh the value of what you gain in the collaboration vs. what you would have gotten without it: nothing," said Mary Beth Spuck, chief administrative officer of TwinStar CU, Lacey, Wash."
  • Get beyond the plateau. Effective collaborations will ebb and flow--but don't assume that a status quo approach is sufficient if a project seems to lose steam. "As a group, we just had a certain level of stick-to-itiveness," Drake said about Ongoing Operations. "We knew that if we maintained the status quo we weren't going to be relevant in the long term--we had to try something new."
To read the report, use the link.

CU System Briefs (12/20/2013)

 Permanent link
  • HOUSTON (12/20/13)--The last two of 25 convicted robbers were sentenced to federal prison for their involvement in a string of 34 violent robberies in Houston. Two separate groups used similar styles of crime: they specifically targeted banks and credit unions located in grocery stores. The armed robbers would forcibly take over the in-store branches, brandishing weapons and assaulting bystanders and employees, according to court records (Federal Information and News Dispatch Dec. 18). The robberies typically occurred between 9 a.m. and noon on weekdays. Eleven defendants were linked to 16 such robberies between 2007 and 2011, and a second group of 14 men were tied to another 18 incidents, including one that resulted in a six-hour standoff with law enforcement ...
  • WASHINGTON (12/20/13)--The Federal Deposit Insurance Corp. has released the winter 2013 issue of Supervisory Insights. The issue features articles of interest to examiners, bankers and supervisors. The topics range from the importance of effective interest-rate risk management, the results of the FDIC's Credit and Consumer Products/Services Survey, and the new Basel III definition of capital. And from the Office of the Comptroller of the Currency, the just-released Semiannual Risk Perspective for fall 2013 details risks facing the banking industry. The report presents data in four areas: the operating environment; condition and performance of the banking system; funding, liquidity, and interest rate risk; and regulatory actions. The OCC says its report focuses on issues that pose threats to the safety and soundness of those financial institutions it regulates and is meant to be a resource to the industry and examiners, as well as public. The report reflects data as of June 30, 2013 ...
  • WASHINGTON (12/20/13)--The Federal Reserve has adjusted the asset-size thresholds it uses to define small banks, small savings associations, intermediate small banks, and intermediate small savings associations under Community Reinvestment Act regulations. Under the new Fed standards, small banks or small savings associations will mean institutions that have held less than $1.202 billion in assets over the past two years. Intermediate small banks or intermediate small savings associations will mean institutions that have held at least $300 million in assets over the past two years but less than $1.202 billion in assets in either of the last two years. These standards will become effective Jan. 1, according to the Fed. The Fed bases these adjustments on changes to the average of the Consumer Price Index for urban wage earners. That index increased by 1.39% between November 2012 and November 2013 ...

TransUnion: Auto Loan Delinquency, Debt to Jump in 2014

 Permanent link
CHICAGO (12/20/13)--Auto loan debt and delinquency both are expected to increase in 2014, according to TransUnion's annual auto loan forecast.
At the national level, the auto loan delinquency rate is projected to rise to 1.19% by the end of 2014. TransUnion estimated 2013 would end with a delinquency rate of 1.1%. The ratio is based on the number of borrowers 60 or more days past due.
In the past six years, the auto loan delinquency rate has been as low as 0.86% in 2012 and as high as 1.59% in 2008. The average delinquency rate for the fourth quarter between 2007 and 2012 was 1.32%
TransUnion said the amount of auto loan debt also is expected to jump to $17,966 at the end of 2014--more than $1,000 from the 2013 year-end projection of $16,942--and cap 15 straight quarterly increases.
"Unless there is a real shock to the economy, we don't envision auto loan debt levels to drop for quite some time," said Peter Turek, automotive vice president, TransUnion. "This is good news for dealers, lenders and consumers, as higher demand for autos will lead to more auto loans, creating incentives for consumers as auto dealers and auto lenders compete for their business."
New- and used-auto loan balances at credit unions grew rapidly in October, increasing 1.2% and 0.9%, respectively, according to the latest monthly credit union estimates from the Credit Union National Association. New-auto loan balances posted the fastest year-over-year loan growth, rising 12%, followed closely by a 10.8% increase in used-auto loans.
Credit unions' 60-day-plus delinquency rate has remained at 1% for the past eight months and should fall to 0.8% in 2014, according to Steve Rick, CUNA senior economist (News Now Dec. 3).
Turek said, "One of the primary drivers for low delinquency rates is the strength of the used-car market; borrowers who cannot afford their car loan payments usually have the option of selling the car and becoming whole on the loan."

He added, "The wide availability of this exit strategy has caused the overall volume of auto loan debt to rise faster than the delinquent volume of auto loans, which leads to a lower delinquency rate--it's a denominator effect."
Maine, Connecticut, Indiana and South Carolina are expected to experience the largest rise in delinquency rates, with Maine topping out at 7%. The biggest declines are projected for Oregon, Utah and Alaska.

Federation Accepting Applications for Secondary Cap Loans

 Permanent link
NEW YORK (12/20/13)--The National Federation of Community Development Credit Unions is accepting applications for secondary capital loans and other deposits through its Community Development Investment Program (CDIP).
The deadline is Jan. 6 for federation members to apply for this round of investments.
CDIP provides capital resources to federation member community development credit unions (CDCUs) that are seeking funds to increase liquidity, boost net worth, mitigate risk and launch innovative products. Secondary capital loans are limited to low-income designated credit unions.
CDIP also is accepting applications for predatory relief and intervention deposits (PRIDEs) and microenterprise deposits.
PRIDEs partially collateralize loans that CDCUs make to combat high-cost, predatory lending in their local communities. Deposits of up to $100,000 are available for payday loan alternatives, auto title lending, assistive technology and tax anticipation lending.
Microenterprise deposits partially collateralize microbusiness loans to expand CDCU lending in local communities.
For applications and more information, use the link.

Golden 1 CU's Community Grants Total $368,400

 Permanent link
SACRAMENTO, Calif. (12/20/13)--Golden 1 CU, Sacramento, Calif., awarded $368,400 in grants last week to 21 nonprofit organizations in the Sacramento/Central Valley region to support literacy and foster youth programs. 
Click to view larger image In the inaugural year of its community grant program, Golden 1 CU, Sacramento, Calif., awarded $368,400 in funding to 21 nonprofit organizations to support literacy and foster youth programs in California. Surrounded by students at Aspire Capitol Academy, Scott Ingram, back row, middle, vice president of Golden 1 CU, presents a $24,800 check to Katie McCleary, back row, third from left, executive director and principal of 916 Ink. (Photo provided by Golden 1 CU.)
"We have always been committed to helping people achieve their dreams," said Donna Bland, president/CEO of $8.2 billion-asset Golden 1 CU. "We advocate for our members by providing the services they need to get ahead, and our grants support the underserved by providing the financial assistance nonprofits need to create a positive impact in our communities."
The Golden 1 CU Community Grant Program, implemented this fall with funding disbursements sent this month, supports programs that provide assistance to young adults emancipated from the state's foster care system and literacy programs that help students develop reading skills.
To celebrate 80 years of service this year, Golden 1 CU also introduced the Golden 1 CU Scholarship program, to provide scholarships totaling $312,000 in renewable financial assistance to 33 students attending California colleges and universities.
Golden 1 also donated $52,500 to local food banks this holiday season and provided thousands more in donations to the United Way and Children's Miracle Network.
Combined, this year Golden 1 CU provided nearly $750,000 in financial support to individuals and organizations in the communities it serves.