Cygilant Blog
ACET During the Coronavirus Now and Then

ACET During the Coronavirus: Then and Now

Posted by Steve Harrington on Jun 17, 2020

The coronavirus pandemic has forced both credit unions and the National Credit Union Administration (NCUA) to adjust how they do business. The NCUA published a statement (updated on May 15, 2020) noting that it recognizes that COVID-19 will affect credit unions and their members to varying degrees, yet remains committed to ensuring compliance and reporting mandates for credit unions.

 

Credit unions are used to being in a constant cycle of compliance reporting, but doing so in today’s remote working environment is new to most. As we mentioned in a recent blog post, the NCUA has taken steps to be flexible with examinations and audits, stating that  “…if credit unions are able to provide documents, information and staff, examinations will continue as usual, just in an offsite manner…” and that “examiners will not require a credit union to provide information to conduct offsite examination work.” The NCUA also issued language that allows it to make exceptions as needed based on the impact of the pandemic on a specific credit union.

 

So, while there’s more flexibility in terms of scheduling and information gathering, exams and audits are still being scheduled and held. Fortunately, many of the existing resources used to maintain credit unions’ compliance and reporting are available online and still fully applicable today. This includes the NCUA’s Automated Cybersecurity Examination Tool (ACET).

 

The ACET

 

In 2018, the NCUA began using the ACET to assess credit unions’ cybersecurity maturity. The ACET enables credit unions to input information and get back readable results they can easily leverage, versus spitting out a PDF that’s difficult to interpret. As of early 2020, credit unions are able to complete self-assessments through access to the latest version of the ACET on NCUA’s website. This means that the process of completing the ACET today is the same as it was pre-pandemic, since everything is online.

 

The ACET and the CAT

 

So, how should you start the process of completing the ACET? As a first step, we recommend completing the Federal Financial Institutions Examination Council's (FFIEC) Cybersecurity Assessment Tool (CAT), which is another free online tool. The ACET is based on the CAT, so if you’ve completed the CAT, you’re already halfway done with the ACET. The FFIEC provides an incredibly helpful PDF on the CAT that has a two-part section on completing the assessment.

 

So, while COVID-19 has impacted credit unions in countless ways, many of the online tools and resources for credit unions have remained unchanged – and we still urge you to continue using them. According to a recent article in Credit Union Times authored by our very own Kevin Landt, vice president of product management at Cygilant:

 

Credit unions face a unique set of challenges. They must ensure data protection and meet strict compliance requirements as laid out by the FFIEC. However, as a not-for-profit, your IT teams, dedicated cybersecurity resources and budgets may be stretched thin. Tools like the FFIEC IT Exam Handbook and CIS framework offer excellent, free resources for helping build your credit union’s cybersecurity posture – regardless of maturity level or preparation for an audit.

 

 Cygilant for Credit Unions

 

In addition to the free online resources that we’ve talked about above, Cygilant provides credit unions and financial service organizations access to a dedicated team of cybersecurity experts with the technology, experience and processes to tackle cyber security threats proactively. It’s our mission to liberate you from the stress, excess cost and complexity of having enterprise class security. 

 

For more information about the ACET, CAT, separate statements from both the NCUA and FFEIC regarding the pandemic, and other resources, check out the links provided below.

 

Additional Resources:

 

 

Practical Steps for Improving Credit Union Cybersecurity

Most Recent Posts

Subscribe to Email Updates