Posted by Mr. Chad Stanislav, VP Financial & Technology, Credit Union Resources, Inc on 11/30/2015

Hard to believe, we are now in the race towards Christmas!!!!   Sometimes it’s hard to remember what there is to be thankful for after we have been trampled during our black Friday shopping.   There is a tendency to not see the merriest of people on the number one shopping day of the year.  Tomorrow will be December and what we are thankful for will be yesterday’s news but we enter a season that reminds us that we are all truly blessed and thankful year round.

I am thankful for the credit union industry which I have made my work home for 25 years.  I have met some wonderful people who are focused on serving.

I am thankful for the employees I work with because they truly give to credit unions week in and week out where most could not do.

I am thankful for my credit union that provides me a choice to do business with them for their member services or lending options.

I am thankful for credit union members because they make up the very reason we do what we do in credit unions daily.  They allow us to exist.   I know some are thinking, “I’m okay if they don’t exist”, but without the good and the challenging members, we would not be able to remain open and offer so much.

I am thankful for the potential members who have not yet been exposed, learned about, or have not recognized the opportunity they have with a credit union.

I am thankful for family which has allowed me to pursue 25 years and beyond.

As you close another Thanksgiving chapter and begin your Christmas season, be thankful at work, home, community, and where life takes you.

 What are you thankful for?

Have a Merry Christmas, Happy Hanukkah, and Holiday Greetings.  Be safe and be thankful.

Posted by Mr. Idrees Rafiq, Jr., AVP IT Consulting, Credit Union Resources, Inc on 11/18/2015

Credit Unions are more dependent than ever on information technology to conduct business, and the trend is not declining. The complexity and reliance on third party resources is also increasing, resulting in the amplified cyber threats. As a consequence, it is imperative that the board of directors and managers remain “in the know” of cyber security at their credit unions.

The FFIEC stated, “Today’s financial institutions are critically dependent on IT to conduct business operation. This dependence, coupled with increasing sector interconnectedness and rapidly evolving cyber threats, reinforces the need for engagement by the board of directors and senior management.”

The following is an excerpt from the FFIEC IT Examination Handbook Management November 2015 giving guidance:

The board of directors sets the tone and direction for an institution’s use of IT. The board should approve the IT strategic plan, information security program, and other IT-related policies. To carry out their responsibilities, board members should understand IT activities and risks.

The board or a board committee should perform the following:

• Review and approve an IT strategic plan that aligns with the overall business strategy and includes an information security strategy to protect the institution from ongoing and emerging threats, including those related to cybersecurity5

• Promote effective IT governance.

• Oversee processes for approving the institution’s third-party providers, including the third parties’ financial condition, business resilience, and IT security posture.

• Oversee and receive updates on major IT projects, IT budgets, IT priorities, and overall IT performance. The board of directors may need to approve critical projects and activities, such as expanding the institution’s product line to include mobile financial services.

• Oversee the adequacy and allocation of IT resources for funding and personnel.

• Approve policies to escalate and report significant security incidents to the board of directors, steering committee, government agencies, and law enforcement, as appropriate.

• Hold management accountable for identifying, measuring, and mitigating IT risks.

• Provide for independent, comprehensive, and effective audit coverage of IT controls.

The board may delegate the design, implementation, and monitoring of specific IT activities to management or a committee (e.g., IT steering committee). An IT steering committee4 generally comprises senior management and staff from the IT department and other business units. Committee members do not have to be department heads, but members should understand IT policies, standards, and procedures (collectively, policies). Each member should have the authority to make and be held accountable for decisions within their respective business units. If the institution has a formal risk management function, risk management staff should participate in an advisory capacity.

The steering committee typically is responsible for reporting to the board on the status of IT activities. The reports enable the board to make decisions without having to be involved in routine activities. While the board may delegate the design, implementation, and monitoring of certain IT activities to the steering committee, the board remains responsible for overseeing IT activities and should provide a credible challenge6 to management. The steering committee is typically responsible for strategic IT planning, oversight of IT performance, and aligning IT with business needs. The steering committee should have a charter that defines its responsibilities.

The steering committee should receive appropriate information from IT, lines of business, and external sources. Additionally, it should coordinate and monitor the institution’s IT resources. The steering committee should review and determine the adequacy of the institution’s training, including cybersecurity training, for staff. The steering committee should also document meeting minutes and decisions and inform the board of directors of the committee’s activities.

My tip to the board of directors and the management is to work with their IT Department and/or vendors to determine a baseline security standard. This can be accomplished by reviewing the available reports and identifying anomalies that will invoke your incident response procedures.

Categories: Education & Training, Technology Consulting & Compliance
Posted by Vickey Morris, SCMS, CCUE, CUDE, VP Marketing, Cornerstone Credit Union League on 11/17/2015

Today’s post is by guest author David Bach.  David will be the Opening Keynote Speaker at the 2016 Foundation FOCUS Summit in March.


NEVER WIRE money to strangers!

It's so obvious to say this, but I just got involved and fortunately "caught" the most elaborate scam before we were taken.

I was reached out to supposedly by Hillsong Church to do a speech in Cape Town, South Africa for an event called Alive Again Seminar for 2500 people October 9,10,11. (What's amazing, is how they even matched the amount of people at my last event with the speaking request).

The scammers negotiated back and forth with our team on the speakers fees, sent us contracts, reserved rooms at a hotel (Westin Hyatt: whom confirmed a room request had been made).

The only thing they needed BEFORE they could wire our speaker fee was my work permit for South Africa. They referred us to their person that handled the permits to expedite it as the event was in October.

So far most of this is not of this is out of the norm.

UNTIL...drum roll please...

"We will need a WESTERN UNION WIRE TRANSFER for $895 (they even broke out the permit fee and the VAT tax portion)". Could you please pay that first....


We then did the obvious and reached out to directly to Hillsong to confirm whether or not this request was real. We did that the old fashion way, picked up the phone and called them.

They immediately informed us that it was a "scam" and this has been going on for sometime. They could not have been nicer and were so apologetic even though they had nothing to do with it.


To any other of my friends, if you hear from a PASTOR ANDRE OLIVER, its a scam (or do what we did and reach out to the Church directly).

AMAZING, the length people will go to scam you out of your money.

Moral NEVER, NEVER wire money to anyone you don't know.


Maybe this will save someone else from being scammed.

And now I REALLY WANT TO COME TO SOUTH AFRICA, do real speeches and visit the amazing country. My wife and I were so excited to visit Cape Town for our first time. Now we need to go make that happen...for real. Any South Africa friends out there?



Categories: Education & Training, Sales & Service
Page 1 of 120 (359 items)
Subscribe to the Blog

Categories & Archives
Category Filter

Author Filter




Connect: FacebookTwitter©  Credit Union Resources, Inc. All rights reserved.


Contact Us
4455 LBJ Freeway
Suite 1100
Dallas, Texas 75244-5998
Phone: (469) 385-6400
Toll Free: (800) 442-5762
Online Form