In Partnership with Credit Union National Association
Go to main content
SOC - FacebookSOC - TwitterSOC - LinkedINSOC - YouTube
Michigan Credit Union League

Compliance Conference |
Agenda and Handouts

February 11 & 12, 2016 |  Radisson Plaza Hotel, Kalamazoo

Download Select Handouts Below

February 11, 2016

8:00 – 9:00 a.m.
Registration and Continental Breakfast    

9:00 – 10:00 a.m.
Cybersecurity: There is No Gambling with Member Data!
Tom Schauer (Handout)
Most credit unions have not experienced a breach. But would they be able to say with certainty that a breach would be rapidly detected and thwarted? How to know for sure?  This talk explores the use of breach simulation as an effective means to predict the impact of a breach and provides practical advice regarding the top ten activities that credit unions must focus upon to reduce cybersecurity risks. Join in this discussion that will explain the threatscape facing credit unions today, how to understand breach simulation and its benefits and what the top cybersecurity activities credit unions need to focus on.
10:00 – 10:15 a.m.
10:15 – 11:15 a.m.
Cybersecurity Exam: Examiners Perspective
John Kolhoff and Larry Schoeberl
Discuss the new examination programs DIFS and NCUA will be utilizing to assess an institutions ability to measure and manage cybersecurity risk. Reference information will include where to find the FFIEC sybersecurity self-assessment model and how it works.  

11:15 – 11:30 a.m.

11:30 a.m. – 12:30 p.m.
Building Effective Internal Cyber Policies and Procedures
Patrick Sickles
The good news is that many many credit unions already have effective cyber policies and procedures. Join in this informative session that will provide a valuable review to help tweak or overhaul current data protection policies, and package them to impress examiners and improve the protection of members.

12:30 – 1:30 p.m.

MCUA Update
Ken Ross

1:30 – 2:30 p.m.        
FFIEC Cybersecurity Self Assessment:
Critical Tool or Another Pointless Risk Assessment? 

Tom Schauer
In June of 2015, the FFIEC delivered their Cybersecurity Assessment Tool (CAT). The tool is designed to consistently evaluate Cybersecurity controls at all financial institutions. The NCUA participated in the development of the tool and, while initially designated as voluntary, the NCUA will be expecting use of the tool by mid-2016. This presentation will discuss the tool, how it can be used to complement other security activities and what to expect from examinations.

2:30 – 2:45 p.m.

2:45 – 4:00 p.m.    
Third Party Technology Contracts: Understand the Risk   
Brian Vitale
Federal Financial Institutions Examination Council (FFIEC) details what IT programs must include, what is required to be mitigated and what it expects in order to ensure ongoing vendor due diligence. No doubt, outsourcing financial institution critical functions to third-party vendors delivers heightened operational risk and commensurate examiner scrutiny. FFIEC’s ‘Outsourcing Technology Services’ booklet provides guidance financial institutions should follow “to establish, manage and monitor IT outsourcing relationships.” This presentation provides an overview of governing regulations, examiner expectations and best-practice vendor management sustained governance.

4:00 – 5:00 p.m.
Networking Reception    

February 12, 2016

8:00 – 9:00 a.m.
Registration and Pancake Breakfast

8:15 – 9:00 a.m.
Optional: Pancakes and Getting More From CU Policy Pro  
Mary Ann Koelzer
Learn how to get even more from CU PolicyPro, an online resource with more than 200 credit union specific model operations policies. Because each credit union is unique, CU PolicyPro not only includes the model policy content, but a full policy management system that allows customizing any model policy to fit a credit union’s individual operations. Existing polices can also be added to and maintained within the system. CU PolicyPro’s publishing tool lets users compile multiple policies into one printable document that can be posted in read-only format for staff, board or examiners to view. The technical training session is designed to help users learn to use the policy management tools in the system and to take full advantage of CU PolicyPro’s extensive features. The session will focus on the technical upgrades to CU PolicyPro (scheduled for release January 2016) and walk through the new features and functionality. It will also go through the CU PolicyPro Top 10 Frequently Asked Questions, look at how to manage content updates, and how to use the Working Manual report to review custom policies to target those that need additional attention and updates. This session assumes a good working knowledge of the CU PolicyPro content editing system.  Those not yet familiar with CU PolicyPro but who would like to take advantage of this training opportunity, may complete the New User Video Training Series found online at prior to attending this session.  

9:00 – 10:30 a.m.
With So Much Change, Be Sure to Stay Up to Date!  
Glory LeDu, Sarah Stevenson and Barb Boyd
It is not that credit union’s do not want to comply, it is just becoming more and more challenging to keep up to date in this regulatory environment--and things are slipping through the cracks! This session talks about the recent regulatory changes that credit unions need to be aware of, including the Military Lending Act, Home Mortgage Disclosure Act, Flood Insurance and Mortgage Lending changes in general.

10:30 – 11:00 a.m.
Break & Hotel Check Out    

11:00 a.m. – Noon
Compliance Helpline Top 10 Issues 
Glory LeDu, Sarah Stevenson and Barb Boyd
The Compliance Helpline receives questions on various topics and issues from credit unions across the state and loves to hear from our member credit unions! This session shares the top ten “burning” questions that are asked, ranging from account issues, to lending, and everything in between. Time will also be allowed for attendee Q&A.  

Noon – 1:00 p.m.

12:15 – 1:00 p.m.
Optional Lunch and Learn
Barb Boyd
Learn how ComplySight, a self-assessment tool can help credit unions stay on top of regulatory changes and manage the compliance jungle. This interactive session comes with the BONUS of a 30-day FREE trial of ComplySight! Those wishing to attend will need to bring their laptop, and – by February 5 – click on this link so the free trial site will be ready in time for this session:

1:00 – 2:15 p.m.        
Obtaining Credit Reports Properly:
Understanding Permissible Purposes under the Fair Credit Reporting Act

Steve Van Beek
The Fair Credit Reporting Act (FCRA) includes restrictions on when credit unions can obtain and use credit reports. This session outlines the “permissible purposes” that credit unions can use to obtain and use credit reports as part of their operations. Regardless of whether  opening a new membership, reviewing a loan application, reviewing an existing account or attempting to cross-sell other credit union products and services, employees need a permissible purpose to obtain and use a member’s credit report. This session reviews prior regulatory guidance and requirements to help credit unions understand whether changes to existing procedures are necessary.

2:15 – 2:30 p.m.

2:30 – 3:30 p.m.
Innovation in Consumer Payments:
Staying Relevant and Compliant All at the Same Time

Amy Smith
The market is flooded with new ways to enable consumers to make payments. Smart phones, watches, biometrics and tokens. And the marketing team wants to offer it all! Join in for a discussion on what is out there and how to ensure a credit unions compliance foundation is strong enough to support the latest-and-greatest payment solutions. Attendees will gain a better understanding of what is key to keeping credit unions out of hot water in the midst of jaw dropping innovation.

3:30 – 4:00 p.m.
Compliance Panel and Closing Remarks
Steve Van Beek, Glory LeDu, Sarah Stevenson & Barb Boyd
Bring those final questions that will be addressed by this panel of compliance experts and stay for the excitement and prizes as another successful Compliance Conference wraps up.


Go to main navigation
Especially For: