Posted by Mr. Michael Salyer, IT Analyst, Credit Union Resources, Inc on 8/21/2017

In today’s business world, mobility is essential. In 2012, according to research from ZDNet, the average mobile worker carried 3.5 devices, which can include a mix of business and personal devices. This number is surely higher today. With the convenience of being able to work remotely from anywhere in the world comes the risk of data loss (destruction) and data breaches. Although the destruction of company data due to a destroyed device can be detrimental to a business, this blog will cover the risk of data breaches which could have a far more devastating and lasting impact.

Remote device security should begin with limiting who has access. Not every employee is going to require it, nor should they be granted access. All remote users, no matter who they are, should go through some kind of basic safety instructions on how to implement and maintain security on their devices. In addition, all devices with remote access must be configured with both a timeout and password, before being allowed to access the business’s data. End users should not be able to disable these functions. Finally, a remote wipe solution should be implemented on all remote devices, whether they be credit union issued or personal devices. Let’s take a closer look at the pros and cons of remote wipe solutions, and what happens if you’re depending too heavily upon them.

Some of the ways remote wipes can be accomplished are as follows:

  1. Some carriers have the ability to remotely wipe phones on their network. They can either do this themselves or instruct the business on how to do it.
  2. Install remote wipe software on the device. The down side to this process is that if a device is taken offline, data could be breached before the wipe could be performed.
  3. Some remote solutions rely on remote apps being in a separate encrypted container, segregated from the rest of the device’s functions. This solution could also include full encryption of the device.

One of the pros of a remote wipe solution should be obvious. Being able to remotely wipe all or a portion of the data from the phone will keep it out of unauthorized hands. Another positive is if this capability is done in house, corrective actions can be taken quickly, without having to rely on a third party. This is also why it’s important that any business that allows remote access should have lost phone procedures for employees to follow. In addition, having the ability to remotely wipe a device will enable the business to quickly remove access to company data when an employee is terminated.

Some cons would include, even with having a Bring Your Own Device (BYOD) policy, employees feeling uncomfortable with their employer having the ability to wipe their personal device. The employee should realize that this will be part of the risk, if they plan on using their own device. Another con, mentioned above, is that is the device is off the network, it cannot be wiped. This is why businesses should not overly rely on a remote wipe solution as their sole means of mobile device management (MDM).

Remote device security, like any other facet of cyber security, is the responsibility of the business’s IT department as well as the end user. All the security in the world is going to be ineffective if an employee doesn’t follow the security procedures they were trained on. Before your business decides to allow any kind of remote access to your confidential data, it is vital that you have a risk assessment performed and decide which product and solution is right for you. 

Categories: Technology Consulting & Compliance
Posted by Norma Garza, VP Remote Transaction Resources, Credit Union Resources, Inc on 8/18/2017

While there is a plethora of scams from which one can fall victim to, surprisingly enough the criminality of fraudulent checks continues to this day very day in this high-tech digitally enthralled 21st century environment.  It seems like there has been a recent spike in the reporting of credit union’s own corporate, official certified checks.  I noticed this because we have sent out several check fraud alerts to credit unions on the Shared Branching network, something we do as a courtesy. 

Reading what blogger, Lisa Lake, Consumer Education Specialist, Federal Trade Commission (FTC) had to say in reference to check fraud affirmed my suspicions – checks are still a very viable instrument for those wanting to commit fraud or scam a victim.  According to the information on Ms. Lake’s blog¹ and a reference from the BBB Institute for Marketplace Trust, Scam Tracker Annual Risk Report, “Data at a Glance” check fraud ranked #2 in the list of scams and fraud.  It is worth noting the highest age group susceptible being between 18 and 24, while the highest financial loss going to those 65 and older.   That being said, it was certainly satisfying to stop a fraud situation in its tracks.  And even more rewarding to know this was possible due to the efforts and collaborative and cooperative actions of five financial institutions working together to achieve this.  

Reflecting on this recent cooperative experience brought emotions of satisfaction and accomplishment.  It was one of those in your face fraudster moments.  And the thought of the collaboration and cooperation between organizations needs to happen more often than not.  We, as the frontline protectors and keepers of our member’s money, should be vigilant in our efforts to assist in preventing (to the best of our ability and resources) these acts of criminality.  Following your credit union’s internal, as well as applicable, policies and procedures, respectively should be a given.  In addition, being cognizant and applying best practices should help in mitigating potential fraud.

I wasn’t surprised to see a wealth of sites on Google addressing prevention and detection measures, albeit they were geared more so towards consumers. However when you think about it the “how to prevent and detect tips and information” are in essence a guide to those looking to commit this type of criminal activity.    

I came across a site titled, Check Investigative Service²” which happened to have best practices and information on recent scams involving current check scams.  Another site I came across titled, “Consumer Federation of American³” had informative videos, i.e., Fake Check Lottery Scam, Fake Check Work At Home.  Maybe a couple of videos could possibly be used for informational and educational purposes. Another informative site being that titled, “Fraud!Org4°”, a project of the National Consumer League, which had the following to offer:

  • There are many variations of the fake check scam. It could start with someone offering to buy something you advertised, pay you to do work at home, give you an “advance” on a sweepstakes you’ve supposedly won, or pay the first installment on the millions that you’ll receive for agreeing to have money in a foreign country transferred to your bank account for safekeeping. Whatever the pitch, the person may sound quite believable.
  • Fake check scammers hunt for victims. They scan newspaper and online advertisements for people listing items for sale, and check postings on online job sites from people seeking employment. They place their own ads with phone numbers or email addresses for people to contact them. They buy “sucker lists” on the black market which has sensitive information of people who have been previously scammed. And they call or send emails or faxes to people randomly, knowing that some will take the bait.
  • They often claim to be in another country. The scammers say it’s too difficult and complicated to send you the money directly from their country, so they’ll arrange for someone in the U.S. to send you a check.
  • Scammers tell you to wire money to them after you’ve deposited the check. If you’re selling something, they say they’ll pay you by having someone in the U.S. who owes them money send you a check. It will be for more than the sale price; you deposit the check, keep what you’re owed, and wire the rest to them. If it’s part of a work-at-home scheme, they may claim that you’ll be processing checks from their “clients.” You deposit the checks and then wire them the money minus your “pay.” Or they may send you a check for more than your pay “by mistake” and ask you to wire them the excess. In the sweepstakes and foreign money offer variations of the scam, they tell you to wire them money for taxes, customs, bonding, processing, legal fees, or other expenses that must be paid before you can get the rest of the money.
  • The checks are fake but they look real. In fact, they look so real that even bank tellers may be fooled. Some are phony cashiers checks, others look like they’re from legitimate business accounts. The companies whose names appear may be real, but someone has dummied up the checks without their knowledge.
  • You don’t have to wait long to use the money, but that doesn’t mean the check is good. Under federal law, banks have to make the funds you deposit available quickly–usually within one to five days, depending on the type of check. But just because you can withdraw the money doesn’t mean the check is good, even if it’s a cashier’s check. It can take weeks for the forgery to be discovered and the check to bounce.
  • You are responsible for the checks you deposit. That’s because you’re in the best position to determine the risk–you’re the one dealing directly with the person who is arranging for the check to be sent to you. When a check bounces, the bank deducts the amount that was originally credited to your account. If there isn’t enough to cover it, the bank may be able to take money from other accounts you have at that institution, or sue you to recover the funds. In some cases, law enforcement authorities could bring charges against the victims because it may look like they were involved in the scam and knew the check was counterfeit.
  • There is no legitimate reason for someone who is giving you money to ask you to wire money back. If a stranger wants to pay you for something, insist on a cashiers check for the exact amount, preferably from a local bank or a bank that has a branch in your area.

Ultimately, the above-mentioned experience and the unfortunate spike in recent fraudulent check activity caused me pause enough to stop from the routine of simply pushing out the alerts to share the positive and joint efforts of five financial institutions and say, thank you.  You know who you are.  And, I would be remiss if I didn’t say thank you to the likes of the Robbie Henegar’s of First Community CU and Ashley Romero, CO-OP Financial Services Fraud Dept., and all who are diligently and tirelessly vigilant in stomping out fraud!





Categories: Business Partners, Compliance, Education & Training, Remote Transaction
Posted by Alison Barksdale, AVP of Mktg, CU Members Mortgage on 8/15/2017

Did you know that a document checklist provided to a home loan borrower is proven to raise borrower satisfaction from 51% to 90%?  At the last CU Members Mortgage National Mortgage Lending Conference guest speaker Garth Graham, Senior Partner with the STRATMOR Group, shared their poling research recognizing the importance of the document checklist in the home loan process.

While the absence of a document checklist is rare at only 3.6%, it should be considered as a standard operating procedure and an overall strategy of improving borrower communications and managing borrower expectations, explained Graham.  Further, borrowers do not want to be asked for more documents that were not included in the original checklist. When a borrower is asked for more information outside of the checklist the overall satisfaction of the member sinks from 94% to 84%.  This shows that it is not only necessary to provide a checklist, but it needs to be accurate too.  This should also be included to manage quality control to balance the underwriters asking for too many conditions as well as too few conditions.

If you have a checklist in place, review it frequently to ensure that changes in the industry haven’t affected new document needs.  If you haven’t developed a comprehensive, accurate checklist, here are the five elements to build an effective lender checklist.

  1. Clearly communicate with the borrower the required documents and information and who it needs to come from. Too many checklists are a catch all and confuse accountability. Make sure the borrower always knows exactly what they are responsible to provide and the deadline as to when it is needed.

  2. Discuss with the borrower in easily understood language what is needed and have the staff continuously reinforce the information.Hire a marketing firm if necessary to ensure it’s conversational in your marketing collateral.

  3. Determine a timeline of when the information should be received to reach to optimal closing date and emphasize to the member that missing those delivery dates will impact the timeline.Remember TRID means lead time is necessary.

  4. Offer options to deliver documents such as fax, digital upload and email.Digital is a must in this day and age to make things easy.

  5. Be prepared to explain why something is needed, show empathy, and check for understanding throughout the process.Treat every conversation as a trade of information they give you documents you need and you provide them an update on where things are.

Garth Graham is a senior partner with The STRATMOR Group and he regularly columns in National Mortgage News and American Banker.  The STRATMOR Group is a data-driven mortgage advisory that works for lenders to help make smart strategic decisions, solve complex challenges, streamline operations, improve profitability, and accelerate growth.  For more information and to contact Garth Graham email

Categories: Business Partners, Marketing & Printing, Research
Page 1 of 193 (579 items)
Subscribe to the Blog

Categories & Archives
Category Filter

Author Filter




Connect: FacebookTwitter©  Credit Union Resources, Inc. All rights reserved.


Contact Us
6801 Parkwood Blvd.
Suite 300
Plano, Texas 75024
Phone: (469) 385-6400
Toll Free: (800) 442-5762
Online Form