The USA Patriot Act requires financial institutions to implement identification procedures. We are required to obtain certain identification, verify the accuracy of that identification and keep copies that identify all persons who open an account.

In accordance with Section 326 of the USA Patriot Act, Nova Credit Union is required by law to:

• Verify the identity of any person opening an account (which includes Trust, Investments, Safe Deposit, Loans and Deposit Accounts).
• Obtain your name, address, date of birth, and identification number.
• Maintain records of the information used to verify the person's identity including name, address and other identifying means.

Nova Credit Union follows this law by obtaining picture identification and verifying other information obtained. In some cases, identification will be requested for those with relationships with Nova Credit Union prior to October 1, 2003 because original documentation was not obtained with the opening of the account. In all cases, protection of your identity and confidentiality is our pledge to you.

Nova Credit Union is committed to protecting your accounts and your personal information.

Occasionally, we receive safety and security tips that go beyond having an account at Nova CU. On this page, you will find various topics that are about protecting you — our member.

Nova CU does not text members with account information or about account closures. Please do not click on the link or call the phone number included in these suspicious texts should you receive one. Feel free to call your local branch if you are concerned about any text messages you may receive pretending to be from Nova CU.

Federal Financial Institutions Examination Council (FFIEC) Online Security Guide

If you use online banking, mobile banking, or other internet banking services as a consumer or as a business, you will be interested to know that six federal financial industry regulators have recently teamed up to make all of your personal and business accounts more secure. New supervisory guidance from the Federal Financial Institutions Examination Council (FFIEC) will help credit unions (and banks) strengthen their vigilance to assure that your accounts are properly secured and to make virtually all types of online transactions safer and more secure.

Consumer Guidance: Account Authentication & Online Banking

Multi-factor authentication and layered security are helping assure safe internet transactions for financial institutions and their members/customers.

Business Guidance: Risk Assessment & Layered Security

New financial standards help credit unions, banks and business account holders make online banking safer and more secure from account hijacking and unauthorized funds transfers.

Internal Assessments at Nova Credit Union

The new supervisory guidance offers ways we can look for anomalies that could indicate fraud. Nova Credit Union has conducted a comprehensive risk-assessment of its current methods with regards to the following:

• changes in the internal and external threat environment
• changes in the customer base adopting electronic banking
• changes in the customer functionality offered through electronic banking, and
• actual incidents of security breaches, identity theft, or fraud experienced by others in the financial services industry.

Whenever an increased risk to your transaction security may warrant it, Nova Credit Union will be able to conduct additional verification procedures or layers of control such as:

• utilizing call back (voice) verification, email approval, or cell phone based identification
• employing member verification procedures
• analyzing banking transactions to identify suspicious patterns
• establishing dollar limits that require manual intervention to exceed a preset limit

Your Protections Under "Reg E"

Financial institutions are required to follow specific rules issued by the Federal Reserve Board, known as Regulation E, for electronic transactions. Reg E covers all kinds of situations revolving around transfers made electronically. Under the consumer protections provided under Reg E, you can recover internet banking losses according to how soon you detect and report them.

What the Federal Rules of Reg E require:

If you report the losses within two (2) days of receiving your statement, you can be liable for the first $50. After two (2) days, the amount you can be liable for increases to $500. After sixty (60) days, you could be liable for the full amount. Details of your rights are included on each account statement.

Member Vigilance!

Knowing how fraudsters may try to trick you and understanding the risks is critical to safe online banking. You can take further steps to protect yourself and make your computer safer by installing and regularly updating:

• anti-virus software
• anti-malware programs
• firewalls on your computer
• operating system patches and updates

Additional steps include:

• create strong complex passwords that contain both capital and small letters, numbers and any allowed special characters
• if you think you may have visited a website with malware or if you think your computer may be infected with a virus, do not access your online banking or other sensitive logins until you have scanned your computer and know it is is clean and virus free

Understand the Risks

FFIEC studies show significant increase in cyber threats. Not only do fraudsters continue to deploy more sophisticated methods to compromise security measures, they now manufacture computer hacking kits to sell illegally to less experienced fraudsters.

Corporate Account Takeover (CAT)

Corporate Account Takeovers have increased every year, representing losses of hundreds of millions of dollars. When a Corporate Account Takeover (CAT) occurs, legitimate login credentials are stolen by computer hackers, and fraudulent transfers (ACH or Wire Transfers) are completed before the business account owner knows what happened.

Layered Security for Increased Safety

Layered security is characterized by the use of different controls at different points in a transaction process, so that a weakness in one control area is compensated by a strength in another control area. Layered security can substantially strengthen the overall security of online transactions by protecting sensitive customer information, preventing identity theft, and reducing account takeovers with their resulting financial losses.

Added layers of security allow your bank to authenticate customers and detect and respond to suspicious activity related to initial login and then reconfirm this authentication when further transactions involve transfers of funds or higher risk actions.

Examples of Layered Security for Businesses

For business accounts, layered security can include enhanced controls for system administrators who are granted privileges to set up or change system configurations, and control access privileges and application functions or limitations for their own staff and users. Added layers can include:

• fraud detection and monitoring systems that include consideration of your transaction history and behavior
• dual customer authorization through different access devices
• out-of-band verifications for certain transactions
• "Positive Pay" debit blocks or other techniques that limit
• transactions transaction value thresholds that restrict the number or amount of transactions for a set time frame
• Internet Protocol (IP) reputation-based tools
• policies and procedures for addressing customer devices that have been potentially compromised, or for detecting customers who may be facilitating fraud
• account maintenance controls over activities performed online or through customer service channels.

Recommendations for Business Accounts

• conduct periodic assessments of internal controls
• use layered security for system administrators
• initiate enhanced controls over high-dollar transactions
• provide increased levels of security as transaction risk increase

If You Have Suspicions Activity

If you notice suspicious activity within your account or experience a security related event (such as a compromised PIN or Password, known or suspected infection of computer or network by viruses or malware, etc) please contact us immediately, and you will be directed to credit union employee who can assist you with these matters.

With all the horror stories about ID Theft, hackers, and compromised data, do you ever wonder just what can you do to protect your personal and financial information? Nova CU has partnered with Digital Defense to bring you constant up-to-date free information on the pro-active steps you can take for your own protection. Learn more about protecting your private information.

Con artists scamming people out of their money certainly isn't new, but crooks are constantly coming up with new ways to separate people from their cash.

We've noticed some new scams, and a few tried-and-true methods, cropping up in cities across the nation. To help you protect yourself and your money from these scams, take a look at the following list of credit union and bank scams.

If you have any concerns regarding your account or if you encounter a suspicious situation, please contact us immediately.