Can You Trust Your Lawyer?

October 19, 2018 at 8:35 am Leave a comment

Greetings Folks. I’m on my way to Syracuse where I hope to see some of you shortly and put some of my hard-earned money at risk at Turning Stone but first I wanted to tell you about an interesting takeaway from a New York Bar Association conference on cybersecurity that I attended yesterday.

Many credit unions are scrambling so fast to keep up with the latest technology being demanded by those darn millennials and their increasingly savvy parents and grandparents that using vendors often makes good business sense. However, every time you use a technology vendor you are opening up the credit union to potential cyber risks such as the stealing of personally identifiable information.

I know you already understand this but I for one never thought about the fact that your lawyer is also a vendor, a vendor that often has access to some of the most intimate information about the credit union’s information. For example, if you’re considering a merger then you’re exposing reams of data about the credit union and probably transporting it over the internet. Let’s say you’ve done a Fair Lending audit and want the results to remain confidential. Chances are your attorney has access to that information. And can you imagine what would happen if all those emails you’ve been exchanging about that potential sexual harassment or discrimination claim falls into the wrong hands. You get my point.

This means that your lawyer should be part of your vendor due diligence as relates to assessing cyber security risks. You should hold the attorney to the same standard of transporting personally identifiable information and other types of sensitive information as you would any other vendor. If the attorney can’t accommodate you then it may be time to get a new attorney.

The legal profession is well aware of its obligations. Earlier this week the American Bar Association amended the model rules governing lawyer ethics. Under this new standard, a lawyer who knows or reasonably should know that a data breach has occurred at her firm has an obligation to inform the client of the breach. This is part of the lawyer’s larger obligation to keep a client reasonably informed about the status of any legal matter the lawyer is working on for you (you can remind him of that obligation if he’s taking a little too long returning your phone call). So don’t be surprised if you start finding out more about data breaches from your attorneys.

One more note, an attorney already has an obligation to maintain “the requisite knowledge and skill to represent you which includes knowing about the benefit and risks associated with technology.” Fortunately for me, this can be satisfied by making sure that you have access to technology people who actually know what they’re talking about.

NCUA Finalizes RBC Revisions

In a major victory for common sense and the industry, NCUA scaled back the application of its risk based capital rules. Now only credit unions with $500 million or more in assets will have to comply with this mandate. In addition, the new requirement takes effect January 1, 2020. I continue to believe that the whole concept of risk based capital needs to be revaluated for all financial institutions. I believe that the history of risk based capital demonstrates that it doesn’t prevent financial risk, but simply encourages capital arbitrage. That being said, great job Chairman McWatters. The NCUA also proposed some bylaw amendments which I have not had time to review.

On that note, have a good weekend.

Entry filed under: Compliance, Legal Watch, Regulatory. Tags: .

How Hemp and Marijuana Banking Differ FICO Adds Consideration of Account Activity To The Credit Scoring Mix

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

Authored By:

Henry Meier, Esq., Senior Vice President, General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association. In addition, although Henry strives to give his readers useful and accurate information on a broad range of subjects, many of which involve legal disputes, his views are not a substitute for legal advise from retained counsel.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 667 other followers