Loading Your Experience

Security and Privacy

Your online security is our top priority. Learn what we do to protect you and your online banking information, and how you can protect yourself.

Our digital banking platform is designed to make accessing and managing your finances convenient, intuitive and secure.

While we go to extraordinary lengths to safeguard your personal information, there are also important measures you can take to protect yourself when you bank online. We advise you take additional precautions while browsing online and practice good cyber hygiene like strong passwords, safe browsing and regularly monitoring your accounts. Let’s work together to protect your account and keep your money safe.

If you become aware of any loss, theft, misuse, or unauthorized use of your banking access data or information, contact us immediately.

Phone: 204.958.8588 (toll free 1.877.958.8588)
Hours: Monday to Friday, 8 a.m. – 8 p.m. (CST)

Saturday 9 a.m. – 4 p.m. (CST)

ACU dedicates considerable resources and efforts to protecting the security of your account information. We ensure your account integrity in the following ways:

  • Every ACU employee is required to pass an annual privacy compliance test as part of how we train and reinforce the importance we place on member information confidentiality and security.
  • A series of firewalls prevent unauthorized access to our internal systems. As data comes to us over the internet from your device, it goes through a series of safety checkpoints so that only authorized messages and transactions enter our computer systems.
  • We physically secure our internal servers, telecommunications systems and service centres so that your personal and financial information is protected physically as well as digitally.
  • The password that you use for online and mobile banking, as well as the Personal Identification Number (PIN) for your debit card, are inaccessible to us and we will never ask you to reveal them. Our online banking system uses two-factor authentication, a security feature that sends unique one-time passcodes for certain security sensitive activities. Examples would be adding bill payees, updating your contact information and resetting your password.
  • We will only exchange information with you through our secure email portal (see Email Security for more information) and our secure messaging service which allows you to communicate with us directly through online banking.
  • For using Secure email, the link to this portal will be sent to you by the representative and you should be expecting it. If you receive an email from ACU with a link but are not expecting it, do not click on the link. If you're unsure or want to report any suspicious requests, please contact us at any time. Within the secure messaging service, you may include account numbers and any other information that may help us better assist you with your questions.
  • We take your concerns about receiving emails seriously. Emails from ACU follow standard privacy rules.
    • All of our email marketing communications come from donotreply@acu.ca
    • ACU will never ask you to enter your password or financial information through email or send such information in an email
    • All of our marketing emails have an unsubscribe option in the footer
    • All communications follow CASL compliance
    • We will never send you third-party marketing emails or use your email for any marketing you haven't agreed to receive
    • We will never share your email address outside of ACU
    • If you're unsure or want to report any suspicious requests, please contact us at any time

Feel free to read more about how our privacy policies and practices protect your personal information.

Our digital banking system has industry-leading security capabilities, including robust fraud prevention, cyber security features and high-risk transaction protections to ensure that your transactions are secure while data is transmitted between your device and our banking server.


We use 256-bit TLS encryption on our desktop website and mobile app, enabling you to easily and securely complete banking transactions on your phone, tablet or computer.

Controlled account access

You have control over your account access – only you know your sign-in credentials, user name and password. Our employees do not have this information, nor do they require it from you.

Password protections

There is a maximum number of attempts to input the password for your account. If it exceeds the number, your online access will be disabled, and you must contact a member representative to assist you.

Mobile Apps

The following permissions and activities are required by our mobile app to operate.

  • Access Camera” permission is used by the app to deposit a cheque via mobile deposit capture, store a custom profile and background picture.
  • Access Location” permission is used by the app to accurately locate the nearest ATM or branch in the “Find Us” feature.
  • Call permission” is used to automatically call the user’s preferred branch by tapping on the phone number in the “Find Us” feature.
  • Read Contacts” permission is used to set up new Interac e-Transfer® contacts and send an Interac e-Transfer. Only the device contact information a user confirms is readable by Interac.
  • Internal Storage” permission is required to view, share and download PDF files from the mobile app to a user’s device. A Synergy CU monthly account statement is an example of a PDF file.
  • App Activities” uses mobile app interaction data for analytics on usage and crash information for the current app version. We also monitor application stability using the crash logs to make ongoing improvements. Data collected on app activities, information and performance is completely anonymous and aggregated – individual users are not identifiable.

We do all that we can to make certain that your financial information is secure. You can help us, by doing your part to stay safe.

  • Do not follow links from e-mails to your financial institution’s website. Type in the address (https://acu.ca) and look for https in the address.
  •  Scammers will try scare-tactics – saying your account has been closed or there’s an issue to get you to take immediate action. Call your credit union to independently verify these types of messages. 

Use strong, unique passwords

  • Ensure your banking login password is unique – avoid re-using passwords from other sites and services you use. 
  • Choose a password that is memorable for you, but not easy to guess, and avoid using personal information like phone numbers, birth dates, your pet’s name, etc.
  • Don’t use the auto-save function for user names and passwords on your browser and device. Consider using protected password management software or another secure system for storing passwords.  
  • Never share your password with anyone – including employees at this credit union. They will never ask you for your credentials. 
  • Make it a habit to change your online banking password and your PIN on a regular basis
  • Contact us immediately if you suspect someone has illegally obtained knowledge about your online banking password or your PIN

Monitor your accounts and set up alerts

  • Review your statements regularly and set up transaction alerts for your account to help you identify any irregular activities.  
  • You can receive notices when certain activities occur with your accounts such as password changes, sign in attempts, adding bill payees and more. You can manage your alerts in the Setting section of online banking or directly on the mobile app.
  • Our alert messages will never contain any personal information about you or account and will never ask you to click or download anything.

Be aware of cyber crime

  • Cyber-criminals seek vulnerabilities in human behaviours to steal credentials. They are using social engineering tactics to trick people into providing sensitive information or visiting a malicious website.
  • Financial phishing and smishing scams: A cyber-criminal poses as your financial institution sending you emails (known as phishing) or text messages (known as smishing) in an attempt to get you to provide your login credentials.

Protect your computer

Threat protection software secures your information and privacy on your computer. Installing this software will mitigate virus threats, ransomware, provides firewall protection and protect you from harmful sites and data.

Browse safely

Make sure you are using the most current version of your online browser, and it shows https:// as part of the web address in the browser bar, as this verifies the security certificate of the website is authentic.

  • Sign out of your online banking session
  • Don’t access your account using public Wi-FI or a public computer
  • Use our alerts options and one-time password features

Manage your operating systems

Keep your operating system up to date to protect against malware and viruses and download the latest security patch when it becomes available.

Protect your device

  • Keep your operating system updated and install anti-virus software
  • Ensure your device has password protection
  • Download apps exclusively from Google Play, Apple Store, etc., not from a link
  • Install anti-virus software for your smartphone if available and update it frequently
  • Install an app that enables you to track the location of your device. These often enable you to remove locate or factory reset a device if lost or stolen
  • Keep your smartphone's operating system updated
  • Don’t remove the manufacturer’s restrictions on the device (aka jailbreaking)

What to do if you become a victim of fraud, or are aware of a scam

Many scams may breach consumer protection laws (those enforced by the Competition Bureau, other government and law enforcement agencies), and may also breach the fraud provisions of the Criminal Code.

Fraud needs to be reported, even if they didn't scam you. The Competition Bureau of Canada outlines how to report frauds and scams.

If you are a victim of a scam or fraud, and have suffered property or monetary loss, contact the Winnipeg Police Service at 204-986-6222.

Report email and SMS spam. See Canada's Anti-Spam Legislation page, and check the link for the Spam Reporting Centre.


This website uses cookies to improve your user experience. By continuing to browse the site you are agreeing to our use of cookies.