The NCUA published a final rule amending 12 CFR Part 749 on vital records preservation. Learn what the rule says and how it applies to your credit union.
The CSBS released a practical cyber hygiene guide built for community financial institutions. Here's what it covers, how to use it, and what your Board and examiners will be asking about it.
Discover how vibe coding and AI citizen developers create compliance and security risks for community banks and credit unions, and what controls to put in place.
Federal banking regulators are increasingly approaching AI with cautious optimism. Here's what community banks and credit unions need to know in 2026.
When IT assets hit their sunset phase, most people would rather be anywhere else. But if you work for a financial institution, managing IT asset end-of-life (EOL) isn’t just a good idea; it’s a requirement.
How can you handle EOL without the stress? Let’s take a look.
As artificial intelligence (AI) becomes more integrated with business operations, it’s increasingly important to develop clear policies to manage AI-related risks, maintain compliance, and uphold ethical standards. Here’s what you should consider when creating an AI policy for your organization.
Federal banking agencies have emphasized that AI can be both beneficial and harmful, highlighting the need for careful use. Let’s look at some of the specific things that regulators have said about AI.
Model risk management is an evolving topic for community banks and credit unions. While models have been around for a long time, their prevalence in artificial intelligence (AI), machine learning (ML), and other third-party software applications makes understanding and managing them more important than ever. Let’s dive into some frequently asked questions about model risk management.
A service level agreement (SLA) is a specific type of contract between a vendor and a business. It defines performance measures and compensation options for the times when a vendor can’t hold up their end of the bargain. Let’s dive into some specifics about what this looks like and what you (as a vendor manager who cares about information security) need to do about it.
On June 3, 2024, the Securities and Exchange Commission (SEC) published a final rule titled Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information. The rule amends 17 CFR Part 248 and enhances the SEC’s cybersecurity and incident response requirements.
On May 3, 2024, three of the federal banking agencies published a new Third-Party Risk Management Guide for Community Banks. Learn more about the guidance and how it applies to your organization.
