Credit Union Website Compliance

We have created our own website compliance checklist based on a list provided by theĀ CUNA Marketing CouncilĀ and Chris Collver of theĀ Credit Union Digest, the publication of theĀ California and Nevada Credit Union Leagues. As with all checklists, they are only as good as your in-house legal counsel - so run it by them first!

Logos and Photos

  • Do any pages have materials with copyrights, trademarks, or service marks (including photos or drawings)? Make sure you have appropriate approvals to use or link to these materials. This is more important than you think. I have a client who is a law firm that was fined $5,000 for one picture on their website that they couldn't prove that they had rights to use. All of our photos that we provide, are backed by a licensing agreement that we keep on the premises.
  • Is the NCUA advertising statementā€”or its short version, accompanied by the NCUA logoā€”on all pages advertising deposit account products? (Ā§740.5 of NCUA Rules and Regulations).
  • Is the Equal Housing logo on all pages advertising real estate-related loans? Even better, just put it on all pages in case you have an ad or a new page created - you don't have to worry about it.
  • Subliminal Discrimination? Look at tall the images of your site for the possibility of encouraging some types of applications and discouraging others on any prohibited basis (Ā§701.31 of NCUA Rules and Regulations and Ā§202.5 of Regulation B).Ā 

Disclosures and Notices

  • Is your privacy notice conspicuous and easy to find? Does it match the board-approved notice/policy? We like to place these at the footer of all the pages. Never make your member search for privacy notice or other disclosures.
  • Review any pages offering loan products to ensure compliance with Regulation Z requirements. Be on the lookout for the use of any trigger terms that require the need for additional disclosures (e.g., any reference to a loan term on a closed-end loan triggers the requirement to include the terms of repayment). Also, make sure any related disclosures are noticeable, either by including them on the same screen, or providing a clearly marked link to them (Ā§226.16 and Ā§226.24 of Regulation Z).
  • Review any pages promoting deposit accounts to ensure compliance with Truth-in-Savings requirements. Pay particular attention to triggering terms, as well as use of the word ā€œfree.ā€ (Ā§707.8 of NCUA Rules and Regulations)
  • Be sure your site advertises terms that will actually be available, especially when rates are increasing or decreasing. The easiest way to do this is by maintaining your rates yourself! Our CMS product allows that quickly and easily.
  • Does your site have a separate children's area or does your credit union have a separate children's site.? The portion of your website that collects information from children under 13 must be compliant with the Children's Online Privacy Protection Act (COPPA).Ā 
  • Are non-deposit investment products advertised? If so, make sure the disclosures required by NCUA Letter to Credit Unions No. 150 are followed. This is another item to just place at the bottom of all pages. Better safe than sorry!
  • Are other disclosures presented in a clear and conspicuous manner? Have a disclosures section of your site as a clearing house for all disclosures in text or PDF format.

General

  • Are there links to third parties? If so, do the links imply endorsement of third-party products or services? Have you reviewed the security and privacy policies of the linked third parties? We use a "speed-bump" type linking notification window. This forces your member to acknowledge that they understand that they are visiting a 3rd party vendor and leaving the credit union website and sphere of influence.
  • Do calculators and links operate accurately? Are they from a trusted source? Are they accurate? Are errors in calculations covered by a disclosure statement?
  • Has all information been through an advertising clearance process (review) before posting? This means Marketing, Legal AND the department directly responsible for the advertising piece have all signed off on it.
Accessibility
  • Is your website accessible via mobile phone? This may not be a requirement however as more people use their mobile phones as their primary communications device, having a mobile accessible site permits those with hearing or speech impediments to access your site without a computer.
  • Is your site designed for the visually impaired? There is a simple tool to allow members who are visually impaired to increase the size of your site's fonts to meet their visual needs.
  • Is your site or advertisement text embedded into graphics? Many credit union websites use ad graphics with copy embedded in them that are not readable by devices designed for the visually impaired. This exclusionary practice can be overcome by creating a small text link that say "Click here to access this page in plain text." so that the visually impaired visitors can browse the text by increasing the size or by using a third party application like "Home Page Reader"

If you are running online transactional services through your website (e.g., home banking, online applications, remote deposit capture), then you must be aware of compliance issues such as Bank Secrecy Act (e.g., Member Identification Program, Suspicious Activity Reports), OFAC, rules regarding accepting applications, delivery of account or loan disclosures, compliance with E-Sign provisions, and providing check hold notices. Not to mention that good old Patriot Act.

Chris Collver is a legislative and regulatory analyst with theĀ California and Nevada Credit Union LeaguesĀ and not affiliated with Andermahr & Company or this website or it's products.
 
© Copyright Andermahr & Company
Andermahr and Company the Credit Union Marketing Agency