BY MATT CULLINA
AML and KYC initiatives are designed to cut down on fraudulent activity but the requirements behind them represent a downside for credit unions. In fact, they may make CUs bigger targets for cyber threat. Learn how your credit union can protect itself against these unintended consequences, without unnecessary headaches and expense.
The regulatory environment is constantly evolving, responding to new concerns or needs and taking advantage of new technology opportunities. One of the most recent changes involves stringent new data verification and analysis mandates around ‘anti-money laundering’ and ‘know your customer’ (AML and KYC, respectively) initiatives. These regulations are intended to help financial institutions better identify illicit activity and cut down on crime, but credit unions need to know how to protect themselves from the potential downsides tied to the increased data collection and processing requirements included in AML and KYC.
New concerns, increased risks
Information security awareness is already a top priority for CUs. One potential negative effect of AML and KYC (and it’s a big one) is that cyber threats to the consumer and financial data held by CUs will only go up as the volume and value of that data increases. Initiatives like AML and KYC sometimes bring unintended consequences. By gathering more data – everything from consumer information to transactional histories – in an effort to comply with the mandates and by putting all of that data in one place, the CU will have created something it may not have expected: a new target for cyber threats. What was supposed to provide better security could actually lead to a much more damaging risk of breach.