Cybersecurity: NCUA ACET Creep

Credit unions—don’t let NCUA’s automated cybersecurity examination creep up on you! January of this year, the Credit Union Times (CUT) reported that the NCUA board met and set a goal for the agency to finish cybersecurity reviews with the agency’s relatively new exam tool (ACET) by the end of the year at all federally insured credit unions with assets greater than $1 billion.  The board adopted its annual performance report in the same meeting.  The report sets agency goals and benchmarks for the coming year. 

It  also set a goal of conducting cybersecurity evaluations by the end of the year at 38% of all credit unions with assets between $250 million and $1 billion.

Further, the report stated that by the end of 2023, the agency said it wants to have completed cybersecurity reviews using the Automated Cybersecurity Examination Toolbox at all federally insured credit unions with assets greater than $250 million, with credit unions under $250 million on the agency’s radar soon after.

So, what can credit unions do to prepare? Click here to check out NCUA’s 2019 Supervisory Priorities letter to credit unions to read up on the section titled, ‘Information Systems and Assurance’ that sets out examiners intended use of ACET.  Also, take a look at NCUA’s Cybersecurity Resources site.

 Need help evaluating your credit union’s readiness for NCUA’s examination using its Automated Cybersecurity Examination Toolbox (ACE)?  Well help is here! NJCUL has partnered with Redstone Consulting Group.  Click here to take advantage of Redstone’s ACET Collaboration Portal, designed to help credit unions prepare for NCUA cybersecurity examinations.  The Portal automates many of the aspects of exam preparation by using workflow, document management, progress tracking, and collaboration tools to increase the CU team’s productivity.

And, don’t forget, register today for NJCUL’s upcoming Cybersecurity Workshop, September 10.