NCUA Releases Annual Cybersecurity & Credit Union System Resilience Report


(From the NCUA) – The National Credit Union Administration released its Report to the Committee on Financial Services of the House of Representatives and to the Committee on Banking, Housing, and Urban Affairs of the Senate on Cybersecurity and Credit Union System Resilience. The report provides an explanation of the measures taken to strengthen cybersecurity within the federally insured credit union system and the NCUA.

“The actions outlined in this comprehensive report demonstrate the NCUA’s commitment to promoting a secure and resilient environment for credit unions and their members,” said NCUA Chairman Todd M. Harper. “Recent agency efforts to address cybersecurity risks, including implementation of the scalable Information Security Examination procedures at credit unions, training and support programs, and the cyber incident notification rule, are described in the report. Additionally, the report to Congress details the significant risks and challenges facing the credit union system and the financial system because of the NCUA’s lack of authority over third-party vendors. I continue to call on Congress to close this growing regulatory blind spot.”

The Cybersecurity & Credit Union Resilience Report is required by the Consolidated Appropriations Act, 2021 and provides:

  • Information on the policies and procedures to address cybersecurity risks,
  • Activities to ensure effective implementation, and
  • Current or emerging threats.

For 2023, the NCUA will continue to promote cybersecurity best practices in credit unions, and reviews of credit union information systems and assurance programs remain a supervisory priority for the agency. Building upon its industry outreach efforts, the NCUA will continue to provide guidance and resources to assist credit unions with strengthening their cyber defenses throughout the year. The agency is also funding cybersecurity grants as part of its 2023 grant initiative, which closes on June 30.