The National Credit Union Administration has released
That’s because with the new examination schedule in effect, some credit unions won’t see examiners in their shops for up to 18 months after the date of their most recent exam, meaning some CUs could face next year’s examinations with either short notice on new exam priorities or an outdated list.
The good news is that the regulator’s supervisory priorities have remained pretty consistent for the last few years. Cybersecurity assessments, BSA compliance, interest rate and liquidity risk, commercial lending and consumer compliance are all areas of focus in 2017, along with internal controls and fraud prevention. And that last item could be particularly thorny, given the fact that internal fraud continues to plague CUs – especially small ones – and frequently leads to further industry consolidation.
“I don’t think fraud is rising at an alarming rate, but we do understand it more and catch it more than we used to,” noted Geoff Bacino, a former NCUA board member and a member of the Association of Credit Union Internal Auditors. “I [recently attended] a volunteer leadership institute conference in Hawaii and they had a whole session on fraud; you didn’t see that a few years ago. So I think it’s coming to the forefront more.”
John McKechnie, a former NCUA and CUNA staffer and now a credit union consultant, noted the emphasis on stopping fraud represents an acceptance of just how big a problem fraud is in the industry.
“When Board Member [Mark] McWatters made points during a recent board meeting about the percentage of losses to the Share Insurance Fund that are attributable to fraud, a lot of people in the credit union movement applauded that, because they realized that…there’s a large body of regulations, but we’re not addressing the real-world concerns about fraud,” said McKechnie, referring to a 2015 finding that fraud contributed to 43% of NCUSIF losses over the course of the preceding decade. “All the regs in the world don’t matter if you’re not adequately controlling against fraud. I hope the agency is beefing up its attention and trying to encourage credit unions to beef up their own attention to fraud prevention. Credit unions applauded when the agency began to take a look at the reality about fraud that isn’t addressable through regulation.”
Are CUs ‘missing the boat’?
One element of the priority list that Bacino said CUs need to pay more attention to is BSA compliance, “which is probably tied a little to the cannabis industry” and the rising number of CUs serving legal marijuana businesses. Bacino noted that McWatters “has already said we need to do something about this,” but NCUA Chairman Rick Metsger has previously signaled that the regulator won’t be issuing any guidance on how CUs should serve pot shops, saying that with the drug still illegal at the federal level, a solution is best left to Congress.
“You’ve got millions in cash floating around out there because you can’t figure out a way for financial institutions to serve these folks,” noted Bacino. “I frankly think it’s an issue credit unions should take the lead on. We talk about serving all segments of our membership base [but] if you don’t at least make an attempt then credit unions are missing the boat on this.”
Some credit unions – most notably Arvada, Col.’s
Bacino, for his part, agreed that the ultimate solution on this issue will have to come from Congress, but noted that some guidance does exist, including the so-called
“Partner Colorado has shown that there are ways to handle this,” said Bacino. “There are companies out there that can track the dollar from the time it comes into the dispensary to the time it gets to the credit union, and that’s important. It’s no longer a moral argument; it’s no longer whether you agree or disagree…There comes a point where credit unions want to take the lead and figure out how to serve this community.”
For its part, the Credit Union National Association said the priority list contained few surprises, given the conversations the trade group has had with the regulator in recent months, including the focus on fraud prevention. In its compliance blog, the National Association of Federally-Insured Credit Unions outlined how this year's priorities might impact CUs -- as well as that the regulator has addressed many of these topics in its examiner's guide -- and reminded that unless extenuating circumstances arise, CUs will have at least four weeks notice before exams this year, will be implementing measures to improve coordination of document requests from CUs, and will be separating pre-exam planning and scoping from the beginning of on-site work.
