National Credit Union Administration Chairman Mark McWatters on Tuesday called on Congress to help provide additional regulatory reform for CUs, noting that while NCUA can do some things on its own, a variety of substantive measures require congressional action.
Addressing the Senate Banking Committee as part of a
NCUA has already amended and expanded field of membership rules
“Allowing federal credit unions with a community or single common-bond charter the opportunity to add underserved areas would open up access for many more unbanked and underbanked households to credit union membership,” McWatters’ said in prepared testimony. “This legislative change also could enable more credit unions to participate in programs offered through the congressionally established Community Development Financial Institutions Fund, thus increasing the availability of affordable financial services in distressed areas.”
The chairman also asked lawmakers to allow all federally chartered CUs to add under-served communities to their fields of membership – regardless of whether those underserved areas meet the definition of a local community – by allowing NCUA “to permit federal credit unions to add anyone residing in a census tract where current projections indicate he or she qualifies as low-income.”
Potential systemic threat
Along with FOM expansions, McWatters also told lawmakers NCUA needs the ability to regulate third-party vendors since the rise of fintechs represents a potential systemic threat to credit unions if those partnerships aren’t properly regulated.
Fintech, said McWatters, “increases potential systemic cybersecurity risks across the financial services landscape. The credit union system is particularly at risk because the NCUA does not have sufficient legal authority to directly identify and address systemic cybersecurity risk and the potential contagion risk that key fintech service providers can pose.” He said the agency needs vendor authority on par with that of the FFIEC.
While NCUA can currently examine CUSOs and other third-party vendors, it must have their permission to do so and does not have the power to enforce corrective actions.
This is by no means the first time NCUA has called for vendor oversight – McWatters cited a GAO report stating that office has supported the idea since the late 1990s – but he framed the request as part-and-parcel with reg reform and more crucial than ever due to emerging threats from technology and a growing credit union movement.
“Today, the top five technology service providers serve more than half of all credit unions, representing 92 percent of the credit union system’s assets,” he said. “Data from the fourth quarter of 2017 show that credit unions using the services of a CUSO accounted for $1.375 trillion in assets or 99.7 percent of the system’s assets. This figure is up from 88 percent of assets at year-end 2014, and it does not include third-party vendors that are not CUSOs. A failure of even one of these vendors represents significant potential risk to the Share Insurance Fund and the potential for losses from these organizations are not hypothetical.”
McWatters also called on Congress to help CUs get additional access to capital and said the agency is developing an advanced notice of proposed rulemaking to explore alternatives to credit unions’ current interest rate ceilings.
“Possible alternatives include a higher, variable, or tiered interestrate ceiling,” he said. “The agency believes that any interest rate ceiling must protect consumers and help federal credit unions fulfill the needs of their members and communities, especially those of modest means and the underserved.”
Split reactions
Credit union trade groups responded positively to the chairman’s call for further action.
Carrie Hunt, EVP of government affairs and general counsel at the National Association of Federally-Insured Credit Unions said in a statement that while the reg relief package signed into law earlier this year “was a good start” at reg relief, “much more work needs to be done to continue to support a vibrant and growing credit union industry.”
She also emphasized credit unions’ mission to serve the underserved and said “it only makes sense for Congress remove barriers that limit credit unions’ ability to serve these consumers.”
For its part, the Credit Union National Association praised McWatters’ testimony related to attempts to increase transparency at the agency and NCUA’s implementation of S. 2155, but shot back at the regulator’s renewed attempts at vendor oversight. In a letter sent to lawmakers, CUNA president and COE Jim Nussle said the trade group “continues to oppose NCUA’s efforts to seek additional authority to examine and regulate credit union service organizations and third-party vendors. NCUA has effectively managed this risk within their current regulatory authority. Credit Unions are required to perform due diligence on their third party vendor relationships, and this due diligence is already subject to supervision by the NCUA.”
The National Association of State Credit Union Supervisors, however, offered a different perspective.
“We continue to support NCUA obtaining examination authority over technology service providers that provide services to federally insured credit unions. However, in states with existing vendor examination mechanisms in place, deference should be given to the state authority to supervise these vendors,” said NASCUS President and CEO Lucy Ito.
“As far back as 2001, NASCUS has supported limited NCUA authority over technology service providers, specifically. Most recently in 2015, in view of growing cybersecurity concerns, NASCUS promulgated a public policy position, again, proscribing NCUA’s authority to technology service providers with the added proviso that NCUA defers to state examinations of these entities in those states that have authority,” continued Ito. “Indeed, state regulators already cooperate with each other and with NCUA when examining technology service providers. Addressing cybersecurity threats necessitates a collaborative state-federal effort.”
