The CU*Answers Due Diligence page is designed to assist our clients and prospective clients in fulfilling any obligation to conduct due diligence provided by our cooperative. This “one stop shop” is to help simplify your needs when conducting vendor due diligence. You can also request SSAE Reports and SSAE Bridge Letters from our Auditing Team.
SSAE Reports
The SSAE SOC 1 and SOC 2 Reports are our public housekeeping audits covering the primary controls we use to secure our systems. The current audit reporting period is for CU*Answers Fiscal Year 2023 (October 1, 2022 through September 30, 2023). CU*Answers alternates between SOC 1 and SOC 2 Reports every other year.
- CU*BASE Application Processing and Managed Hosting Services System
- CU*BASE Development System
- Network Management Services System
SSAE Bridge Letter Request Form
If your auditors or examiners request a Bridge Letter for the period between our SSAE audits, you can use the attached form to receive a Bridge Letter from our Audit Team. Bridge Letters usually take from 1-2 days to complete.
ACH Audit
CU*Answers conducts an annual ACH Audit. In 2024, the ACH Audit was performed by The Clearing House.
- 2024 ACH Audit
- 2023 ACH Audit
- 2022 ACH Audit
- 2021 ACH Audit
- 2020 ACH Audit
- 2019 ACH Audit
- 2018 ACH Audit
- 2017 ACH Audit
- 2016 ACH Audit
FedLine Security and Resiliency Assurance Program
CU*Answers conducts an annual assessment of the FedLine Solutions Security and Resiliency Assurance Program in accordance with the FRB Services requirements as described at: https://www.frbservices.org/resources/resource-centers/security-resiliency-assurance-program. Below is a link to the latest attestation letter referencing this assessment.
CU*Answers Financial Statements
In light of the new third party due diligence requirements, we realize that more clients than just our owners need access to our financial statements. Listed below are our most recent published financial statements.
- 2024 Financial Audit
- 2023 Financial Audit
- 2022 Financial Audit
- 2021 Financial Audit
- Quarterly Financial Report
- 2020 Report to Owners
Insurance Declaration Sheet
CU*Answers’ insurance coverage renews every year on December 1.
Software Escrow Certification
CU*Answers certifies the CU*BASE software has been deposited with the escrow agent upon the December release.
Disaster Recovery/Business Resumption
CU*Answers has a very active Disaster Recovery and Business Resumption team. Documents from this team are produced on a regular basis. Both the most up-to-date reports and archives are available on this page.
See what Business Continuity has to offer!
Business Continuity products are now available to order in the store.
Executive Leadership and Board of Directors
The most up-to-date information on the Executive Leadership Team and the Board of Directors can be found here:
Business Plan and Strategic Technology Plan
CU*Answers to encourages our credit unions and CUSO to be inclusive of all owners when it comes to business plans and other business activities that owners might want to take an active part in. It is the difference in a cooperative; the community owns it and should be treated with the respect owners deserve.
To that end, our Business Plan Summary and Strategic Technology Plan are both available online.
Company Background
The most up-to-date background information on our cooperative can be found on our About page.
Policies
CU*Answers publishes policies on cyber security/information security, acceptable use, and other policies of interest to our clients and their examiners.
SecuriKey
CU*Answers receives a large number of cybersecurity due diligence requests from our clients. Although we have a vast library of resources, accessing all of this information – especially if there is an examiner in the room – can be challenging for credit union staff. With the need to revise or publish a significant amount of cybersecurity due diligence information, CU*Answers is publishing SecuriKey, Your Key to Cybersecurity.
Each SecuriKey document will have the following features:
- Quick Reference Guide (intended to be something a client can provide to examiners)
- Summary of Features of the Service
- Detailed Risk Assessment Tools
- Ways for the credit union to engage with our teams (e.g. MOP has information for AuditLink for credit unions concerned with the Patriot Act)
SecuriKey Documents
- Its Me 247 Online and Mobile Banking
- MOP – Membership Opening Process
- MACO – Multi-Authentication Convenience Options
- idocVAULT – Core Image Processing
More Information
For more information, or if you have questions, please contact our CFO, Bob Frizzle at bfrizzle@cuanswers.com.
Learn more about Bob Frizzle.