- TruStage business resources
- TruStage speaker resources & topics
- Managing Risks and Compliance
Managing risks and compliance topics
Emerging risk outlook
Keeping ahead of the complex array of ever-changing risks, compliance issues, and industry regulations that are impacting credit unions requires keen awareness, effective preparation, and loss control scrutiny. When risk management is effective, typically nothing bad happens. But, if you’re blindsided by a problem, your credit union reputation takes the hit. Don’t let not knowing which emerging risks are around the corner take the blame. While each credit union has its own unique risk footprint, this Emerging Risks Outlook introduces risks and trends that should be on your radar.
Key Takeaway: Effective risk management in credit unions hinges on proactive awareness and preparation for evolving compliance, regulatory challenges, and industry-specific threats, ensuring the institution's reputation remains intact by avoiding unforeseen vulnerabilities.
Navigating litigation trends
Class action lawsuits and litigation can present significant risks to credit union. Credit unions need to exercise caution as it relates to strategy and risk. And keeping ahead of the complex array of ever-changing risks and litigation challenges is critical. This session will cover topics such as:
- Overdraft / NSF fee litigation
- Collection letters (defective post-repossession notices)
- Wage & hours and FLSA
- Foreign transaction fees
- Peer-to-Peer (P2P) fraud & Reg E
- FCRA
- Fair lending
Key Takeaway: Credit unions must stay ahead of litigation trends and manage risks in areas like overdraft fees, collection practices, wage laws, transaction fees, P2P fraud, and compliance issues to mitigate potential legal challenges effectively.
Don’t fall victim: Fraud & scams
Fraudsters are constantly evolving their tactics and identifying new, sophisticated ways to steal money and data from employees and members. Using common channels like emails, text, and phone calls; fraudsters typically disguise their identity while retrieving confidential member information. Their multi-channel approach looks for victims who find their stories convincing and will willingly click on links or share sensitive information, which can be used to authorize and transact many types of transactions.
This session covers various forms of check fraud; business email compromise; fraudulent instruction; ransomware; account fraud; consumer scams; elder abuse and more.
Key Takeaway: Enhance vigilance against sophisticated fraud attempts through emails, texts, and calls, aiming to protect sensitive data by recognizing and preventing a range of scams, including check fraud, ransomware, and elder abuse.
Growing your loan portfolio safely
Credit union growth strategies typically include loan growth — consumer, real estate, business lending, indirect, and digital channels. To optimize these lending growth initiatives, you must navigate the lending landscape by understanding the make-up and opportunities of member engagement, benefits of data analytics, and managing risk related to compliance, fraud, and internal lending controls. This session introduces these unique components of risk and compliance while helping you efficiently and safely identify future lending opportunities.
Key Takeaway: To safely grow your loan portfolio, it's essential to blend member engagement, data analytics, and robust risk management, focusing on compliance and fraud prevention, to identify and capitalize on lending opportunities effectively.
Employment practice risk trends & talent management
When credit unions hire employees, as the employer, you have some responsibilities to that employee and to all future employees. However, new laws and responsibilities have made it clear that treating all employees fairly and equitably without creating additional credit union risk is important. This session will examine the risks, rights, and obligations of employers and employees — in addition to highlighting how well-constructed foundational talent components should be in place. It is critical that your HR professionals and managers understand that company culture and reputation play a significant role in worker attrition.
Key Takeaway: Navigating employment practice risks involves understanding evolving laws and ensuring equitable treatment to minimize risks. Establishing strong talent management foundations, recognizing the impact of company culture on retention, and staying informed about employer and employee rights are essential for maintaining a positive workplace environment and safeguarding against potential legal challenges.
Ransomware & cybersecurity threats
The ransomware business is booming and could be bringing in billions for some of its top bad actors. In addition to extortion demand increases, ransomware has grown in both frequency and severity. A ransomware incident is one of the most disruptive and costly attacks your credit union can suffer. As a result, the cyber insurance marketplace is changing at a rapid pace with increased scrutiny for loss controls being in place. While there’s no foolproof way of preventing ransomware attacks from occurring; however, all too often ransomware can be avoided with the right IT security and risk management procedures.
Key Takeaway: Ransomware's rise in frequency and severity highlights the urgent need for robust IT security and risk management within credit unions. Implementing comprehensive cybersecurity measures and staying informed about evolving threats and insurance requirements are crucial to mitigate risks and avoid potentially devastating ransomware attacks.
The workplace & employee safety
It is critical that credit unions rethink the way to protect people, assets, and reputation. Organizations that perform well in trying times and adapt business practices with risks in mind can minimize negative impact, speed up reputational recovery, and stand out from others who may not be as well prepared. While all threats or reports should be evaluated separately and responses will vary, clear criteria for escalation and intervention should also be defined for incidents such as:
- Robbery
- Active shooter
- Kidnapping and extortion
- Bomb threats
- Social movement
- Employee, member, and visitor behavior
- Slips, trips & falls
No credit union is immune to these types of occurrences. Internal operations and even organizational culture may require modifications to maintain consistent protection of your people.
Key Takeaway: Credit unions must prioritize workplace and employee safety, adapting practices and culture to address risks effectively. Establishing clear response strategies for incidents like robberies, active threats, and workplace accidents is crucial for safeguarding individuals and the organization's reputation.
Ensuring the vendor delivers upon expectations (vendor due diligence)
Organizations today are not simply comprised of one internal team. Credit unions, small and large alike, collaborate with partners, vendors, and other third parties. While you can outsource the service; remember, you still own the responsibility of this critical business practice. Managing risks associated with these relationships is a critical aspect to maintaining a successful operation. While vendor risk management can seem like a daunting task; you should establish processes to evaluate and manage associated risks before entering, during, and even after the vendor relationship ends.
Key Takeaway: In managing vendor relationships, credit unions must remember that while services can be outsourced, the responsibility for those services remains internal. Establishing thorough due diligence processes for evaluating and managing vendor risks is essential at every stage of the partnership to ensure operational success and compliance.