Due to the COVID-19 pandemic, many credit unions and CUSOs have been required to adjust.  Most employees are working from home or performing their duties in a non-traditional manner.  Third party relationships may have been altered or suspended entirely.  Given the rapidly changing nature of the workplace and third party relationships, it can seem disorienting.  Included are some tips for your credit union and CUSO to consider to keep your organization productive and prepared during these times.

• Review your business continuity and disaster recovery policies and procedures in real time and revise accordingly. You have business continuity and disaster recovery policies and procedures to ensure that your credit union and CUSO continues to operate during interruptions to standard business practices.  You now have an opportunity to review and adjust organizational/board/employee responsibilities and processes where necessary based on the most recent, relevant information provided by your monitoring program.  Results and necessary updates should be reported to appropriate management figures and implemented into your policies and procedures.
• Stay in touch with critical third party service providers and evaluate their policies and procedures to ensure the ongoing operation of your business. Open communication with critical third party service providers is key to keeping your credit union’s and CUSO’s business operating as effectively as possible.  Continuously monitor and evaluate the services provided and have contingency plans in place to mitigate any risk to your organization in the event the service provider needs to alter or suspend services.  Also, review your contracts with critical service providers to better understand your organization’s and the service provider’s responsibilities (and service level guarantees) in these circumstances.
• Continue to communicate with your employees. Continue circulating your organization’s plans to your employees and keep them informed with the current status of your business continuity procedures.  Also, remind your employees of the increased risk of phishing and malware attacks and to follow appropriate procedures in the event an attack is detected.

Communicating with employees and critical third party service providers, as well as making appropriate adjustments to existing policies and procedures will keep your organization prepared and productive during these disruptive times.  If you have any questions or need any assistance, please contact Mike Heller at mheller@cusolaw.com or (610) 891-9000.