REPORT TO THE BOARD OF DIRECTORS NEW JERSEY CREDIT UNION LEAGUE June, 2006

1. CHANGE IN BANKRUPTCY LAW TRIGGERS DECLINE IN FILINGS
Following last October's restrictive changes in Federal bankruptcy law, the raw number of bankruptcy filings has declined sharply. In the second quarter of 2006, there have been only 2,829 bankruptcy filings in New Jersey, and only 116,771 filings in the nation as a whole, down from 10,302 and 401,149 respectively in the second quarter of 2005. This represents a 72% drop in bankruptcy filings in New Jersey, and a 71% drop nationwide. It remains to be seen whether this drop will be permanent.

2. NCUA AMENDS REGULATION OF COURTESY OVERDRAFT PROTECTION
The NCUA is amending its regulation of courtesy overdraft protection programs. It is requiring credit unions who advertise overdraft protection to disclose related fees and other information in advertisements for these services, on periodic statements and as part of account-opening disclosures. This finalized rule is identical to the interim final rule which has been in effect since December 8, 2005. The rule's mandatory compliance deadline has been extended from July 1, 2006 to October 1, 2006.
The new disclosure requirements apply only to credit unions who advertise courtesy overdraft protection. For the purposes of the new regulation, an “advertisement” is a commercial message in any medium that promotes the availability or terms of, or a deposit in, a new or existing account. The following types of communication are not considered advertisements, and do not trigger any of the disclosure requirements:

(1) Promoting in an advertisement a service for paying overdrafts where the credit union's payment of overdrafts will be agreed upon in writing pursuant to a traditional line of credit;

(2) Responding to a member-initiated inquiry;

(3) Engaging in an in-person discussion with a member;

(4) Making disclosures that are required by federal or other applicable law;

(5) Notifying a member about a specific overdraft in their account;

(6) Discussing their right to pay overdrafts in a share account agreement;

(7) Providing a notice to a member that items overdrawing an account may trigger a fee;

(8) Providing educational materials that do not specifically describe the credit union's overdraft service;

Disclosure Requirements

Periodic Statements: Credit unions must separately disclose on their periodic statements the total amount of fees or charges imposed on the share account for paying overdrafts and returning items unpaid. These disclosures must be provided for the statement period and for the calendar year to date.

Account-Opening Disclosures: Credit unions must specify in account-opening disclosures the categories of transactions for which an overdraft fee may be imposed, though the list need not be exhaustive. It is sufficient to state that the fee is imposed for overdrafts created by checks, in-person withdrawals, ATM withdrawals, or by other electronic means, as applicable.

Advertisements: To avoid confusion with traditional lines of credit, credit unions must include certain disclosures in their advertisements about the service:

1. 1.The applicable fees or charges,
2. 2.The categories of transactions covered by such fees,
3. 3.. The time period members have to repay or cover any overdraft; and
4. 4.. The circumstances under which the credit union would not pay an overdraft.

Exception for ATM receipts, broadcast media, and billboards: Although advertisements on ATM receipts, broadcast media, or billboards will trigger the “periodic statement” and “account-opening” disclosures, credit unions are not required to include advertising disclosures on these types of advertisements because of space and/or time constraints.
Limited Exception for ATM screens and telephone response systems: For advertisements on ATM screens and on telephone response systems, credit unions need only disclose the applicable fees or charges and the time period members have to repay or cover any overdraft. For advertisements on indoor signs, the above-listed disclosures are not required, provided that the sign contains a clear and conspicuous statement that fees may apply and that members should contact an employee for further information about applicable fees and terms.

3. SOCIAL ENGINEERING STILL PRESENTS SECURITY THREAT
In addition to attacking machines, erstwhile hackers can employ social engineering techniques to gain access to a network by tricking or persuading employees to divulge passwords or other sensitive information. In a recent security audit of a credit union, hackers hired by the CU to test its security scattered twenty USB flash drives around the credit union's entrance. When employees found the devices, their curiosity got the better of them. Employees plugged fifteen of the twenty drives into company computers, filling the CU network with viruses and sending streams of sensitive data back to the hackers. This is only one example of the wily social engineering techniques employed by hackers. Thus, it is just as important to educate employees about network security as it is to secure your network electronically. The full article can be found here: www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1
Stephen J. Edwards 973-361-9900