What Credit Unions Learned in 2025
Credit unions have just come through a year marked by complexity and rapid change. Regulatory uncertainty, rising technology costs, and growing operational demands pushed leaders to balance day-to-day needs with long-term modernization—often with limited resources.
Across conversations with our technology, cybersecurity, project management, and fintech solutions teams, a clear theme emerged: 2025 tested credit unions’ resilience.
Here’s what shaped the year for credit unions—and the lessons that will carry into 2026.
2025 Reflections: What We Learned
Regulatory volatility shaped every strategic discussion.
Our team all saw the regulatory environment as one of the year’s biggest disruptors. Lawsuits, leadership changes, and shifting priorities across state and federal agencies created uncertainty around everything from overdraft practices to open banking momentum.
“It was the instability—lawsuits, leadership shakeups, policy stops and starts—that made it nearly impossible for credit unions to plan with confidence.” — Eric Gubka.
While there were some bright spots, such as relief around overdraft fee flexibility, the overall theme was unpredictability. This level of inconsistency required credit unions to plan more cautiously and rethink how they monitor, interpret, and respond to regulatory guidance.
Budget misalignment widened the gap between strategy and execution.
2025 exposed a growing challenge: credit unions are budgeting for technology investment, but not for the internal lift required to execute it.
Implementations repeatedly stalled due to underestimated conversion labor, overextended staff, and a lack of project ownership. Many institutions still rely on the same individuals to support daily operations while managing complex, high-stakes initiatives.
“We’ve always underestimated the labor it takes to implement new systems. Credit unions don’t have supplemental staff, and people are expected to handle day jobs and major projects simultaneously.” — Tracie Loudermilk.
The result: backlogs, burnout, and timelines that stretched far beyond initial expectations. This disconnect continues to highlight the need for better resource planning and more realistic assessments of internal capacity as we head into 2026.
Technology modernization surged—but so did costs.
The Broadcom/VMware acquisition created ripple effects across the industry, with some credit unions experiencing infrastructure cost increases—some rising by 600% or more.
This hit smaller and mid-sized institutions especially hard, as many lacked the financial flexibility or procurement leverage to absorb sudden cost spikes. Vendor consolidation further complicated the landscape, forcing credit unions to reevaluate contracts, dependencies, and their long-term digital transformation plans.
All of this made modernization more challenging to plan, budget, and troubleshoot, especially for credit unions managing multiple interdependent tools.
“Vendor fatigue is real. Technology costs rose far beyond CPI, and credit unions are struggling to manage dozens of different partners.” — Carla Bettens.
In addition, credit unions are facing rising technical complexity across their vendor stacks. Many are now juggling interconnected APIs between fintech partners, core systems, and cloud providers—creating troubleshooting challenges when issues arise.
Everything feels more interdependent, adding to the resource burden and increasing the need for stronger vendor governance and technical support.
Cybersecurity threats intensified as digital engagement expanded.
Fraud pressure increased across all fronts—phishing, AI-generated scams, account takeovers, and social engineering.
MDT clients expressed heightened concern around protecting members from increasingly sophisticated social engineering attacks, particularly as engagement expands across more digital channels. The MDT Product and Partner Insights Board also emphasized the growing gaps in third-party and cloud security, noting that many institutions assume cloud providers fully manage security. In reality, shared-responsibility models can leave gaps around configuration, monitoring, and access controls.
This combination of new attack vectors and increased reliance on external vendors underscores the need for better education, stronger controls, and more proactive tools heading into 2026.
The AI hype cycle exposed readiness gaps.
Credit unions showed intense curiosity about AI, but very few demonstrated full operational readiness. Many expressed interest in leveraging automation and AI-driven insights, but lacked the foundational governance required to implement these tools responsibly.
Several leaders also voiced concern about AI quietly embedded in vendor products—sometimes without clear visibility into how data is handled or how models operate.
“Many think they’re ready for AI, but they’re not. Guardrails, monitoring, oversight—most credit unions haven’t even started.” — Bill Illis.
In 2025, AI remained more of a question than a solution for most institutions, highlighting the need for clearer structure and stronger safeguards before adoption accelerates.
The Bottom Line
2025 tested credit unions’ resilience amid fast-moving operational, regulatory, and digital pressures. The year exposed execution gaps, elevated risk, and rising complexity across nearly every domain—while also making clear where opportunities lie.
As credit unions look toward 2026, one theme stands out: success will depend not only on the technology they adopt, but on the internal maturity they build to support it.