Charles Nerko, team leader for data security litigation in Barclay Damon's Data Security & Technology Practice Area, had his “Harper’s Warning on Vendors Should Spur Credit Unions to Act” letter to the editor published by American Banker. In the letter, Charles emphasized the urgency of National Credit Union Administration Chairman Todd M. Harper’s warning about cybersecurity risks posed by third-party vendors. While the NCUA lacks direct regulatory authority over financial institution core processors such as Fiserv, Jack Henry, FIS, as well as other third-party vendors, Charles noted that credit unions can proactively mitigate these risks by leveraging their purchasing power to demand higher cybersecurity standards and rejecting unfavorable contract terms. By prioritizing partnerships with accountable vendors, credit unions can foster industry-wide improvements in cybersecurity practices.
Charles further suggested that legal action is a powerful tool for credit unions to recover losses, exit problematic contracts, and enforce accountability. Lawsuits against core processors and other third-party vendors not only protect member trust but also signal that weak cybersecurity will not be tolerated, driving long-term positive changes. Chairman Harper’s warning, according to Charles, is a call for immediate action. He said, “Credit unions cannot afford to wait for regulatory changes to address these risks. By leveraging their market influence and using litigation strategically, credit unions can protect their members and strengthen the broader credit union system.”
Click here to read the full letter in American Banker.