The purpose of this letter is to make you aware of important guidance recently released by the Federal Financial Institutions Examination Council (FFIEC)1 to financial institutions concerning information security precautions during the century rollover period. Credit unions should be aware that they may be more likely to experience fraudulent attempts to exploit information systems during the century date change period. Credit unions should ensure they have sufficient policies and procedures in place to:
- monitor systems for fraudulent and malicious activity;
- distinguish between such attempts and routine software problems; and
- implement corrective controls in a timely manner.
Enclosed is the FFIEC Press Release and “Information Security Precautions During the Century Rollover Period” guidance paper.
If you have any questions or concerns, please contact your NCUA Regional Office or State Supervisory Authority.
Norman E. D’Amours
1 National Credit Union Administration, Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, Office of Thrift Supervision