- (a) A credit union may use, or participate with others to use, electronic means or facilities to perform any function or provide any product or service as part of an authorized activity. Electronic means or facilities include, but are not limited to, automated teller machines, automated loan machines, personal computers, the Internet, the World Wide Web, telephones, and other similar electronic devices.
- (b) To optimize the use of its resources, a credit union may market and sell, or participate with others to market and sell, electronic capacities and by-products to others, provided the credit union acquired or developed these capacities and by-products in good faith as part of providing financial services to its members.
(c) If a credit union uses electronic means and facilities authorized by this rule, the credit union's board of directors must require staff to:
- (1) Identify, assess, and mitigate potential risks and establish prudent internal controls; and
(2) Implement security measures designed to ensure secure operations. Such measures should take into consideration:
- (A) the prevention of unauthorized access to credit union records and credit union members' records;
- (B) the prevention of financial fraud through the use of electronic means or facilities; and
- (C) compliance with applicable security device requirements of §91.401(b) of this title (pertaining to User Safety at Unmanned Teller Machines).
- (d) All credit unions engaging in such electronic activities must comply with all applicable requirements, including addressing safety and soundness concerns and ensuring compliance with applicable state and federal laws and regulations.
Source Note:The provisions of this §91.4001 adopted to be effective May 13, 1999, 24 TexReg 3475.