As credit unions foray further into the world of e-commerce, they take with them the same responsibilities for consumer protection that exist in the brick-and-mortar world of financial transactions. That’s something a lot of credit unions are not keeping up with, according to a compliance expert who works with both credit unions and the examiners in charge of making sure those rules are met. “We have looked at hundreds of credit union sites, in addition to the ones we have been hired to work with, and we see regulations not being met all the time,” says John Zasada, national director of credit union compliance consulting for RSM McGladrey in St. Paul, Minn. RSM McGladrey has inked a deal to provide Web compliance services to CUNA Network Services, which was recently formed to offer electronic-commerce services such as risk assessment, systems monitoring and compliance. In announcing that deal, the two organizations stated that more than 95% of all credit union Web sites do not comply with a variety of regulatory requirements. Zasada has the perhaps unique perspective of working with both the 500 or so credit unions his firm provides auditing and other services to (including about 60 for which it does Web-site compliance work) and with the NCUA, for whom it trains examiners. While the passage of the Gramm-Leach-Bliley Act brought with it a phalanx of new privacy requirements, most of the problems Zasada says his firm sees have to do with long-standing regulations, primarily with disclosures. For instance, Truth in Lending disclosures need to be displayed on the Web site just as they are in the fine print in newspaper advertisements. “Those are often missing,” Zasada says. The same goes for Truth in Savings requirements. “We see that all the time. If you advertise, for example, a 6% APY on your home page and it doesn’t say there’s a $1,000 minimum balance, that’s not only not meeting the requirements of the Truth in Savings regulations, but it’s a disservice to the member who goes down to the credit union then expecting to open that account with $100,” he says. Many electronic-disclosure rules actually are under interim status. The Federal Reserve recently withdrew its Oct. 1 effective date for making those rules permanent, allowing more time for more comment before they’re written in stone. No deadline for that has been set. Meanwhile, Zasada says, he expects the process of compliance review to continue evolving right along with the e-commerce options that credit unions offer. “Our workload seems to go in six-month stages,” he says. “Our template is constantly expanding.” One of the big changes from a year ago is the rapidly increasing number of credit unions offering online banking. “Not too long ago, non-transactional Web sites were the norm. Now most of the time there’s home banking, which means you have to disclose things like fees, besides initial disclosures whenever a new product or service is offered,” he says. While there are civil penalties possible with violations cited by examiners, Zasada says he’s not seen them imposed. It’s more a matter of the examiners and credit unions working together to get the problems fixed, he says, but adds: “The NCUA is out there to assist credit unions, but if they file a report that says there were 15 violations on a Web site . the credit union’s board of directors isn’t going to be thrilled. “They may well go to senior management to find out what’s going on, because these are consumer-protection measures, and credit union members expect to at least be protected by the financial institution they themselves own.” -