NCUA Shares 2105 Supervisory Priorities

01/07/2015 10:33 am

ALEXANDRIA, Va.—Cybersecurity, interest rate risk, Bank Secrecy Act (BSA) compliance and liquidity funding are at the top of NCUA’s supervisory priorities for 2015, according to a Letter to Credit Unions (15-CU-01) sent Tuesday.

The agency detailed what its field team will be examining:

Cybersecurity
Saying the agency will “redouble efforts” to ensure that the credit union system is prepared for a range of cybersecurity threats, the agency stated field staff  “will focus on proactive measures credit unions can take to protect their data and their members, including:

  • Encrypting sensitive data.
  • Developing a comprehensive information security policy.
  • Performing due-diligence over third parties that handle credit union data.
  • Monitoring cybersecurity risk exposure.
  • Monitoring transactions.
  • Testing security measures.

NCUA shared that field staff will evaluate credit unions’ capacity to recover and resume operations in the event a security breach occurs.

Interest Rate Risk
Reminding that exposure to interest rate risk remains a primary concern due to continued uncertainty about monetary policy and the direction of short-term interest rates, NCUA stated that field staff will continue to use existing guidance to assess credit unions’ IRR exposure. The agency stated it is “in the process of updating this guidance to ensure that IRR is assessed accurately and that the appropriate supervisory steps are taken in response to excessive IRR exposure.” 
Examiners will evaluate credit unions’ compliance with NCUA’s Interest Rate Risk Rule, which requires credit unions with assets over $50 million to draft and implement a written IRR policy and develop a program to identify, measure, monitor, and control IRR, the agency stated. 
Bank Secrecy Act Compliance
NCUA emphasized the agency “remains vigilant” in ensuring that the credit union system is not used to launder money or finance criminal or terrorist activity. The agency stated that as staff continue to assess credit unions’ BSA compliance, there will be a focus relationships with money services businesses. 
“Credit unions can provide services to MSBs while meeting their BSA requirements, but they should be aware of the unique risk exposure MSBs can present,” the letter stated.

NCUA outlined minimum expectations that credit unions should meet when providing services to MSBs, including: 

  • Identifying customers.
  • Ensuring that each MSB is registered with the Financial Crimes Enforcement Network and in compliance with state and local licensing requirements.
  • Conducting a BSA/Anti-Money Laundering risk assessment to document the level of risk associated with each MSB account and determine whether greater due diligence is necessary.

Liquidity and Contingency Funding Plans Rule
NCUA stated that it will be looking for full compliance with relevant provisions of its liquidity rule (§741.12) issued last march.

TILA-RESPA Integrated Disclosure Rule
NCUA explained it will be assessing credit unions’ compliance with relevant provisions of the Consumer Financial Protection Bureau’s TILA-RESPA Integrated Disclosure Rule after it goes into effect in August.

The rule requires loan originators to provide consumers with:

  • A Loan Estimate form, which combines the initial Truth in Lending Act (TILA) disclosure and the Good Faith Estimate. The Loan Estimate form must be delivered or placed in the mail no later than the third business day after receiving a consumer’s mortgage application.
  • A Closing Disclosure form, which combines the final TILA disclosure and the HUD-1 Settlement Statement. The Closing Disclosure form must be provided to the consumer at least three business days prior to consummation of the mortgage.

Ability-to-Repay and Qualified Mortgage Standards Rule
NCUA emphasized that credit unions have had a full year to come into compliance with the CFPB’s mortgage rule, which:

  • Requires certain mortgage lenders to consider eight specific factors to assess a borrower’s ability to repay a loan, and
  • Provides certain legal protections to loans that meet the ability-to-repay requirement and other underwriting criteria (i.e., “Qualified Mortgages”).

NCUA added that in 2015, NCUA’s Small Credit Union Examination Program (SCUEP) will employ a defined-scope exam approach that focuses staff attention on the primary areas of risk for small credit unions: internal controls, recordkeeping, and lending.

For shops under $30 million in assets, those holding CAMEL ratings from one to three will undergo a defined-scope examination. Those with CAMEL ratings of four and five will undergo a defined-scope exam, as well as well as “additional reviews as necessary to appropriately supervise the risk.”
CUs from $30 to $50 million in assets and a CAMEL rating from one to three, will undergo a defined-scope or risk focused exam, based on the Region’s discretion. Those with CAMEL ratings of four and five will face a risk-focused examination.
Credit unions above $50 million in assets will undergo a risk-focused examination.

Related

NWCUA Unveils Tool To Report Exam Issues

Revised BSA/AML Exam Manual Released

One Of First CUs To Serve Pot Industry Undergoes Exam, Learns What Regulators Are Looking For

Section: Standard
Word Count: 983
Copyright Holder: CUToday.info
Copyright Year: 2026
Is Based On:
URL: https://cuto.flux5.ccplatform.net/Fresh-Today/NCUA-Shares-2105-Supervisory-Priorities