Compliance Checklists, ERM Strategies, And Cybercrime

Five can't-miss data points featured this week on

This week on we look at vendor and risk managment strategies, from developing in-house compliance checklists to creating a culture of cybersecurity.

Here are five data points you need to know:


In the wake of the recession, credit unions fell under greater regulatory scrutiny, and ever-evolving compliance requirements grew more complex. Simply keeping up with the speed of regulation change posed challenges.

The NCUA offers questionnaires for internal compliance reviews, but at least one credit union felt the regulator wasn’t updating them fast enough. That was in 2011. Today, Service Credit Unionhas created 22 in-house compliance reviews it evaluateson a rolling, 18-month basis to track how well Service is meeting compliance standards.

To see what these questionnaires look like and how they work, check out How 22 Checklists Help Service Credit Union Stay Compliant

Two Years

Two years ago, Interra Credit Union took major steps to evolve its homegrown approach to and reporting of enterprise risk management. It created a new assistant vice president position to head its ERM efforts, enlisted an outside consultant to conduct a risk assessment, and overhauled its reporting strategy. Those moves have contributed to an organization with staff that speaks the same language, buy in from the top down, and reporting that measures risks in all areas against the same standards.

In >A Forward-Looking Approach To ERM, Angela Pletcher, Interra’s vice president of enterprise risk management, discusses the credit union’s ERM strategy.

$100 Million

Cybercrime is big business. Every year, criminals invest hundreds of millions of dollars in the development of tools to steal billions of dollars. The SWIFT caper alone reportedly involved an investment of seven years and more than $100 million. Whenthe bad guys invest that kind of time and money, they expect big returns. But even smaller-scale thieves have access to tools that allow them to take advantage of smaller, less secure targets.

Learn why cybersecurity is a problem that defies easy definition, solution, provenance, and conclusion in Something Wicked This Way Comes


A recent study by the University of North Carolina at Chapel Hill found that 41% of passwords can be broken offline from previous passwords for the same accounts in a matter of seconds, and five online password guesses suffices to break 17% of accounts.

So while cybersecurity is a leadership issue, it does require action from the entire enterprise. Learn more in How To Create A Culture Of Cybersecurity

28 States

Today, 28 states and Washington, DC, have legalized medicinal marijuana. In addition, eight of those states and DC allow some amount of recreational sales. And the rate of legalization is picking up. Ten states have legalized medicinal marijuana since2012, and five in 2016 alone.

As more states legalize some form of use California, Massachusetts, Maine, and Nevada all passed measures to legalize recreational marijuana in November retailers are being presented with a huge opportunity to grow their customer baseby expanding and renovating their physical retail locations, not dissimilar to the way the credit union branch is being transformed to serve the next generation of member.

See how these retail locations are transforming and what credit unions can learn in When Is It High Time To Legitimize Your Product?

Happy Reading!

April 3, 2017

Keep Reading

View all posts in:
More on:
Scroll to Top
Verified by MonsterInsights