Memo from Randy Karnes

DATE: October 25, 2011
TO: Mutual CU*Answers / NMS Clients
FROM: Randy Karnes, CEO

One of the most innovative initiatives here at CU*Answers is our “Starting a Business in the CU*Answers Network” program. It’s intuitive, and on the surface almost everyone gets it: If the participants in the CU*Answers network can leverage the current relationships and technical coordinating resources of the network to create new solutions, revenue sharing, extended capabilities for gain, then we should do so.

But just because it’s intuitive doesn’t mean it’s easy. These businesses have to be documented, and the due diligence has to be consistent with what you would do with any vendor. In some cases, that due diligence can be even more sensitive, because you’re doing business with a peer rather than some impartial third party. Now that is not intuitive.

When organizations try to innovate, they know they will be scrutinized greatly for going in a new direction and building new solutions. In practice, I often see organizations struggle with peer relationships and how to properly account for them, maintain them, and explain them to third parties. To help with this, CU*Answers is going to start issuing some Best Practice recommendations for security access, technical configurations, and general business practices related to CU*Answers tools.

These recommendations are not an insurance policy for your due diligence; they are simply our opinion on how we would set up security (or how we request that you set up security, in cases where CU*Answers is doing the work). You still need to think it through, make decisions for yourself, and be ready to document those decisions as part of your management of this new vendor relationship.

I encourage you to take advantage of peer-to-peer businesses and innovate your business practices to include your partners in your future. I encourage you to start businesses, and to work with CU*Answers at every opportunity to leverage what you can offer to your peers or even to CU*Answers. And I encourage you to do so with the spirit of keeping costs down, improving efficiencies, and being more effective than ever in meeting your members’ goals. I hope this helps, and I look forward to watching everyone’s businesses grow.

Introduction

The following guidelines pertain to CU*BASE Employee Security settings that CU*Answers recommends your credit union put into place for use by Neighborhood Mortgage Solutions (NMS) representatives when servicing loans on your credit union’s CU*BASE database.

Purpose

The purpose of these guidelines is to ensure your credit union’s data is appropriately protected and monitored, while allowing adequate access for NMS to complete the tasks for which they are responsible under their contract with your credit union.

Guidelines

CU*BASE Employee IDs

Your security officer will need to first create the Employee IDs specified on the NMS “Supplement To Neighborhood Mortgage Solutions Loan Servicing Agreement.”

Employee Security Settings

To perform the daily tasks on CU*BASE, these IDs will need access to the following CU*BASE features and menu options:

• MNMAST #8 Change Employee Password
• MNMAST #9 Change Terminal Password
• Member Inquiry access only (not Phone Operator) for account research

Note: Since all employees have regular Member Inquiry access, it is not necessary to activate Phone Op inquiry for NMS employee IDs as part of employee security.

To perform the daily tasks associated with the Participation processing for your Government Loans, these IDs will need access to the following options:

• MNPART options #1 through #22 (Participation Processing menu)
• Employee Security > Special Security settings: Maintenance Tier 2

Note: Maintenance Tier 2 security is needed to maintain the “Next Interest Accrual Date” field in the Participation Loan maintenance screen when adding new loans and when adjusting the accrued interest in a Participation work file.

To perform the daily tasks associated with the Escrow processing for your Government Loans, these IDs will need access to the following items:

• MNEXLN options #1 through #11 (Escrow Processing options)

During the Escrow Analysis period, NMS will need access to the following additional menu options. Access to these items can be removed after this period ends:

• MNUPDT #4 Update Auto Transfer Information (to update new loan payment amount, if needed, after the payment changes due to the escrow analysis payment change process)
• MNUPDT #2 Update Member Account Information (to maintain the freeze code on escrow share accounts)

Note: The need for NMS to adjust freeze indicators is due to a system limitation that we are going to be addressing soon via a new development project initiated by the Xtend SRS Bookkeeping team. But in the meantime it will still be necessary to grant NMS the access they need to perform this task for proper escrow processing.

To perform the daily tasks associated with monitoring your mortgage loans insurance and tax expirations, these IDs will need access to the following items:

• MNLOAN #5 Miscellaneous Loan Maintenance (for the collateral record)
• MNRPTE #7 Pledged Collateral Information (for expired insurance/tax reporting)

Monitoring Tasks

To ensure your credit union is adequately monitoring NMS activity on your accounts, the following monthly or periodic auditing routines are recommended:

• Account Maintenance Report (MNAUDT #19 Print File Maintenance Report) Run this report as of EOM for all NMS employee IDs.
• Member Transaction Report (MNRPTC #8 General Transaction Register) Run this report as of EOM for all NMS employee IDs.
• General Ledger History (MNGELE #18 Print GL History (daily)) Run this report for the previous month for J/E ID equal to “PL” (this is the ID used by the CU*BASE Participation Lending software).