Posted by Mr. Bill Meyer, Public Relations & Content Manager, Credit Union Direct Lending on 8/4/2020

We are living in fast-changing times. Lenders that fail to meet the changing demands of their borrowers will be ill-equipped to compete for their business. While other industries have learned to deliver high levels of customer engagement and satisfaction online, many lenders are still originating loans much as they were 20 years ago.

However, COVID-19 may be the catalyst that drives the industry forward.

What will mortgage lending look like in the post-COVID world?

Setting the mortgage industry up for success

While the full effects of the global pandemic are yet unknown, we do know that it has driven commerce online. The tech giants have done a great job of keeping consumers transacting, even for some very complex products and services.

To do the same for home finance, lenders must meet a number of new borrower requirements. Doing so will require a mix of new technology and new processes.

In a recent webinar, we laid out the requirements necessary for lenders to meet borrower expectations, gain a marketplace edge and sustain loan growth.

A customized experience on any device

There is no one-size-fits-all approach to the new mortgage lending business. Consumers want the freedom to transact on any device and receive a personalized experience.

Easy online pricing and shopping

Mortgage borrowers are beginning their journey online. If they don’t find a lender’s offerings there, they will simply seek out another lender. This is how today’s consumers shop.

Scenario building and comparison capability

Today’s borrowers don’t just want to find products. They want to understand how their various options stack up against each other. It falls to the lender to make this clear to them

An easy and intuitive online application

We know from experience that if we don’t make the application simple and convenient lenders won’t get prospective borrowers to apply. Once we get the information required to issue a Loan Estimate, the clock starts ticking.

Interactive workflows

The process must be customizable for different borrowers and products. Lenders must efficiently collect the information needed to close, working in parallel if possible. Closing electronically is the goal.

Maintain constant communication

Throughout all of this, the lender must remain in contact with the borrower. This is where the big tech firms have set the bar. Failure to keep consumers informed degrades their experience.

Delivering on the new mortgage promise

Some of this technology is already available to mortgage lenders, but few if any lenders have combined all of this into a seamless offering for American home loan borrowers. To do that will require a great deal of thought, strategic planning, and a high degree of automation that goes well beyond simple business rules loaded into a decisioning engine.

The key to success will involve deploying technology that is advanced enough to know when a deal requires the attention of a human. Only with exception-based processing can we scale the type of loan origination experience that today’s borrowers demand. But it will take more than that.

As our developers worked to complete the Origence Mortgage Loan Origination System, they uncovered three areas where technology offered significant benefits to lenders.

  • Document Processing – document-to-data transformation using OCR, ADR and machine learning; the automation of document and service ordering, document stacking and delivery and data ingestion.
  • Compliance Automation – compliance checks automatically conducted by the software at various points in the process, as well as the ability to create and respond to dynamically-generated compliance conditions.
  • Workplan Automation – the identification of required documents as well as dynamic tasking, conditioning and reconditioning.

Fortunately, Origence is now bringing together all of the functionality required to succeed in the new, post-COVID-19 lending marketplace. To find out more about the platform, reach out to us today.

Categories: Technology Consulting & Compliance
Posted by Jon Allen, II, VP, ISSO, Catalyst Corporate FCU on 7/23/2020

The role of cybersecurity in the credit union industry is primarily one of protecting member data against unauthorized and/or malicious access. Data includes identity of an individual, a credit union, a business, or an accounting function, or any combination thereof, that could be used in an exploitative manner. Loss of any form of identity can enable unauthorized persons to access funds or intellectual property and could expose vulnerabilities causing a breach, an incident response, and ultimately a disruption of credit union services.

Ultimately, the cybersecurity team is in place to protect its members' data and to maintain the sanctity of the financial transaction system, while simultaneously providing confidentiality, integrity, and accessibility of all systems involved in the transaction process.

Compliance is a crucial part of a robust cybersecurity program and focuses on following rules and requirements set by the industry’s governing bodies. The National Credit Union Administration (NCUA), the regulatory entity for credit unions, makes available and regularly updates compliance requirements for credit unions (12 CFR Part 748: Guidelines for Safeguarding Member Information). The NCUA expects credit unions to have appropriate board-sponsored policies and procedures in place to anticipate, identify, and mitigate cybersecurity risks, with a specific focus on Gramm-Leach-Bliley Act (GLBA) defined data types.

To establish a successful cybersecurity program from the ground up, start by selecting and analyzing one of several common security frameworks (CSF), such as the NIST (National Institute of Standards) Special Publication 800-53 security controls and assessment procedures framework. Use a spreadsheet or scorecard, often publicly available with these frameworks, to identify gaps in your program and develop a cybersecurity maturity roadmap. In addition, refer to the NCUA's website for current year guidance, memos, and articles on how to get started or what to expect in upcoming reviews of your institution’s controls.

Credit unions should consider tracking cybersecurity program maturity progress against the NCUA’s Automated Cybersecurity Examination Tool (ACET) or the Federal Financial Institutions Examination Council's (FFIEC) Cybersecurity Assessment Tool (CAT). The ACET and CAT are gap analysis and risk profiling tools that help credit unions define the level of cybersecurity maturity they have reached or must reach to account for the amount of risk inherent in the institution’s technical complexity.

Initial design and capacity planning of a cybersecurity program should begin with a risk assessment. The risk assessment helps determine existing gaps and current risks. Cybersecurity architects can work directly with operational risk analysts, who can apply a monetary value to quantify risks so that leadership can make more informed decisions. Of course, a cybersecurity leader should then evaluate the cost of mitigating the risk versus the cost of a potential exploited risk.

It is best to prioritize risk mitigation based on various factors, including tools and protections already in place, likelihood and impact of occurrence, cost and stability of corrective technology, and human resources required to implement the solution. Credit unions often find prioritization challenging, because they usually run lean staffs who tend to wear multiple hats.

In such situations, best practice is to allow the risk assessment to drive project prioritization of cybersecurity tools, processes, procedures, and controls and to include such projects in the same pipeline that provides member-facing feature enhancements and revenue-generating services and products. Inclusion in board-supported project management reporting is critical to the success of security initiatives, as such projects regularly impact large portions of the credit union’s employee base and/or members.

If a credit union is currently designing its security infrastructure, consider “containerizing” the applications made available to employees. A containerized application infrastructure is a great way to implement “zero trust” within a network and enable incident responders to act swiftly against threats to IT assets without fear of interrupting availability to resilient systems. Micro-segmentation has also proven very effective at stopping attackers from traversing a network if they do manage to gain access to a single system. Maintaining a least-privilege access model, including stringent restrictions for elevated-privilege accounts, along with required multi-factor authentication (MFA) to critical systems and VPNs or remote connections, will greatly decrease odds of all but non-advanced, persistent threat type attacks.

Once a cybersecurity program is established, the credit union’s board of directors or leadership should drive and manage the momentum and provide the support to maintain the program. Effective cybersecurity program management requires a continuous partnership between IT, risk, and security. Together, they establish the company’s perceived level of risk and provide input for the controls necessary to mitigate those risks.

It’s equally important to look at your security awareness training programs, especially now that most employees are working remotely. Continue to keep security at the forefront of their minds. Cybersecurity teams can no longer hang banners and posters around the building to raise security awareness. They must deliver engaging online content that will keep employees interested and that they can apply to their jobs and to their personal lives.

Learn more about three phases of cybersecurity risk measurement and the monetary impact of a cyber-attack.

Categories: Business Partners, Compliance, Technology Consulting & Compliance
Posted by Tamra Gaines, CMM, CUDE, Experiences & Events VP, Cornerstone Credit Union League on 7/7/2020

In our current climate, we are sheltering at home, home-schooling, and conducting more Zoom or Microsoft Teams meetings than ever before. We long for social distancing to wane so we can again make face-to-face connections. This time of uncertainty can be daunting, but it’s also fostering deeper relationships, albeit mostly virtual, in our homes with family and online with friends and co-workers.

As a 25-year veteran event planner, I’ve been part of economic challenges, terrorist attacks, and two pandemics (remember the Bird Flu in 2009). Through it all, we were able to find silver linings and band together as families, co-workers, and communities.

Looking ahead, we will do business differently. As a member-driven trade association, it will never be “business as usual.” Still, I do believe we will strike a balance when it comes to providing the greatest value of professional development for our members. 

Developing people in their job functions and leadership roles will always be vital to an organization’s success. When you stop investing in your people, they will stop investing in the business. Fortunately, your League had already started balancing face-to-face events with online offerings. We’re also creating an e-learning portal, so we’re well-positioned to take on the changes ahead. 

In-person meetings are not dead. As humans, we have a desire to connect, engage, and network in real time. That being said, there is now more opportunities to use technology in a way that supports our members while practicing caution as we face so many unknowns. We’ve heard from many credit union CEOs about how they are using CU Webinars not only to support continued education but also to keep staff engaged during a time when they may not have a full workload. With more options for webinars and virtual events, consider how you can expand the number of staff who receive valuable training. Supporting education through your League is the equivalent of “supporting local,” and we strive to earn your business every day. 

Although we will pivot to provide more webinars and new virtual conferences, we will still offer in-person meetings. The difference will be what I call “COVID-19 Best Practices,” with more social distancing, hand-washing stations and hand sanitizers, and a flexible refund policy should we need to change direction at the last minute. When we do meet in person, we will get creative with food service, room layout, and networking. We want our members to feel confident registering for events, knowing that we are monitoring the pandemic climate and will adjust as needed for the safety of our staff and members. 

I have been asked if I think all meetings will be virtual moving forward since we know we can accommodate that medium. I am confident when I say that there will continue to be value in face-to-face meetings. Like with most things, it’s about striking a balance. The lessons that can be learned during a 30-60-90-minute webinar should be conducted as such. Developing 5-10-minute videos for microlearning will help to offer those with limited time the opportunity to get training. Face-to-face meetings will provide engagement to network with others and discuss common challenges and interests and work through solutions. 

Live, in-person meetings will change. However, organizations that primarily focus on regional meetings like ours will fare the best under the new norm. Whether you attend an event in person or online, the critical factor is participation. Now more than ever, we need to come together, share ideas, and learn new processes. 

The 2020 State of the Conference Industry Report conducted by OmniPress reflects the responses collected through an online survey of 125 association and corporate professionals who are primarily responsible for conference planning. According to the report, the content sourced and shared at a conference will need to work harder to achieve growth and success in 2020 and beyond. This content must serve a purpose beyond marketing next year’s event because the conference format is evolving from an annual event to a year-round learning strategy. Rest assured, your League has been and continues to be focused on providing more value for our members. 

In summary, Cornerstone will strive to earn your participation in professional development offerings, whether online or in person. We will work to strike the right balance based on the safest way to conduct meetings or events. We look forward to serving you.


Categories: Business Partners, Financial & Auditing, Marketing & Printing, Research, Sales & Service, Strategic Planning & Consulting
Page 1 of 238 (714 items)
Subscribe to the Blog

Categories & Archives
Category Filter

Author Filter




Connect: FacebookTwitter©  Credit Union Resources, Inc. All rights reserved.


Contact Us
6801 Parkwood Blvd.
Suite 300
Plano, Texas 75024
Phone: (469) 385-6400
Toll Free: (800) 442-5762
General Inquiries