WASHINGTON. - The CAN-SPAM Act is new on the books, and while at first glance the spam-busting law probably should not affect credit unions too much, the devil is in the details. "We're still waiting to see what the industry is going to do with this, what the Federal Trade Commission does with this, but I really don't think credit unions are going to be too affected," says Valerie Moss, director of compliance information at CUNA. The law allows an exemption for transactional and relational messages, and e-statements and account messages and alerts are not likely to be considered commercial messages, she says. As far as purely marketing messages, the anti-spam law also codifies the need for opt-out options, which credit unions generally already offer, but does state that such messages need to clearly stated somewhere that they are advertising or promotional. And credit unions need to be particularly careful of what their third-party partners do with their members' e-mail addresses, whether sending e-mail to them or sharing those addresses with someone else. "While this is all new stuff, I honestly don't think most credit unions need to worry too much," Moss says. "My advice right now is for them to take a look at the information in the e-Guide on our Web site and consider what it says." In the meantime, CUNA will continue watching the law's progress as it takes shape, and so are the government entities that have to interpret and administer it. The NCUA currently is working with other regulators to develop an alert to help guide credit unions, but no timetable has been set for its release, says NCUA spokesperson Molly Schar. One thing e-mailers, legitimate and spammers alike, are watching for is the potential creation of a "do not e-mail" list similar to the "do not call" list now in place to attempt to limit telemarketing calls. Meanwhile, several credit unions, who tend to be careful about what they send e-mails to members anyway, also say they don't expect the law to have a lot of immediate impact, but they do need to be cognizant of it as they expand their e-mail outreach. NASA Federal Credit Union, for example, currently sends out general notices about online banking changes and e-statement notifications, and this year expects to being offering e-alerts and expand into e-mail marketing, the kind of activity where "transactional and relationship" exemptions might not be as crystal clear. That said, "most of the major provisions are easy enough to accommodate and are really the right thing to do," says Doug Payne, vice president of marketing at $660 million NASA FCU in suburban Washington. Do The Diligence Moss agrees, but cautions that if an e-mail falls outside of the definition of a "transactional or relationship" message, it could be considered commercial e-mail and would need to comply with the various requirements of the CAN-SPAM Act. "Each CU should evaluate its e-mail messages to ensure compliance with the Act," Moss says. "That being said, we believe that most CU e-mail will fall under the exemption, but there may be some exceptions out there." Wescom Credit Union is another example of a CU sending out electronic communications falling under that exemption. The $2.5 billion California CU sends targeted promotional e-mail, account information such as NSF notices and account alerts set up by the member to notify of specific events, such as a check cleaning or a direct deposit being posted, said Brian Siegel, Wescom's vice president for marketing and e-commerce. "At this point we don't expect the CAN-SPAM legislation to have any effect," Siegel says. "It really targets the worst abusers of e-mail, those who send spam that has fraudulent Internet routing information, misleading subject lines, no way to opt-out, and who blast millions of e-mails to random addresses." Credit union land's biggest resident, Navy FCU, also does not expect to be affected. "While Navy Federal does e-mail marketing, we do it strictly on an opt-in basis. Go to our Web site and you'll see right in the middle of the home page the link for that," says Loren Moeller, spokeswoman for the $20 billion CU in suburban Washington. Members who opt in for that get marketing messages such as loan rate notices and promotions on share certificates. And there probably can be even less doubt about the transactional/relationship nature of another big part of Navy FCU's electronic correspondence with members: an e-messaging capability that resides within the encrypted account access system. Meanwhile, credit unions are responsible for what their third-party vendors send to members, too, and that bears checking out. "We've requested our e-mail marketing vendor to certify that they are in compliance with CAN-SPAM," says Siegel at Wescom. That's good advice. Moss says that harvesting e-mails by third parties for marketing purposes (e-mails sent simply to collect e-mails) could be problematic, and under some circumstances under the new law, the e-mail sent to such harvested e-mail addresses could be considered spam. "Each credit union should evaluate its e-mail system and marketing messages for compliance with the Act, paying close attention to any services outsourced to third parties," the CUNA compliance director says. "Keep in mind that the law covers both the spammer and those who procure their services," Moss says. "Do your due diligence," she says. [email protected]