Nsight Blog | Ncontracts

What Will NCUA Examiners Be Looking at in 2020?

Written by Michael Berman | Jan 14, 2020 12:08:18 PM

The NCUA’s 2020 Supervisory Priorities are published—and they are giving us a first look at the areas where NCUA will focus its examination efforts this year.

The list remains similar to last year’s with BSA, cybersecurity, consumer protection/compliance, credit risk, and CECL high on the list, and nothing has been removed. The letter has also been expanded from years past to address new rules that have been integrated into exams and what lays ahead for NCUA exam modernization efforts.

Read on to find out where examiners will be paying extra close attention.

NCUA’s 2020 Priorities

  • BSA/AML
  • Consumer financial protection
  • Cybersecurity
  • Credit risk and liquidity risk
  • CECL
  • Planning for end of LIBOR

BSA/AML: Attention to this area remains high, with extra emphasis on customer due diligence and beneficial ownership requirements and properly filing SARs and CTRs. There are also plans to provide clarifications and update enforcement guidelines.

Consumer financial protection: Each year the NCUA analyzes trends in violations, complaints and regulatory change to decide which consumer financial protection regulations will be reviewed at every exam.

In 2020, they include:

  • Electronic Fund Transfer Act (Regulation E): Examiners will evaluate Electronic Fund Transfer (EFT) policies and procedures and review initial account disclosures. Examiners will also review compliance with Regulation E’s error resolution procedures for when consumers assert an error.
  • Fair Credit Reporting Act (FCRA): Examiners will review credit reporting policies and procedures. If applicable, examiners will also review the accuracy of reporting to credit bureaus, particularly the date of first delinquency.
  • Gramm-Leach-Bliley (Privacy Act): Examiners will continue to assess compliance with Gramm-Leach-Bliley to evaluate credit union protection of non-public personal information about consumers.
  • Small dollar lending (including Payday Alternative Lending): Examiners will test for compliance with NCUA Payday Alternative Lending (PALs) rules and interest rate cap. In addition, examiners will determine whether a credit union’s short-term, small-dollar loan programs that are not PALs comply with regulatory requirements.
  • Truth in Lending Act (Regulation Z): Examiners will evaluate credit union practices concerning annual percentage rates and late charges. These reviews will assess how credit unions apply loan payments to principal, interest, fees and other charges, and whether the application is consistent with the written agreement and disclosures. Examiners will also review whether credit unions appropriately levy late fees. They will also test whether credit unions are accurately disclosing finance charges and annual percentage rates.
  • Military Lending Act (MLA) and Servicemembers Civil Relief Act (SCRA): MLA and SCRA have been a supervisory priority since 2017 and will remain so for 2020. For credit unions that have not received a recent review, examiners will review credit union compliance with the MLA and SCRA.

Credit risk: Underwriting standards and procedures will continue to be emphasized by examiners, particularly reviews of borrower ability to meet debt service requirements. Concentration risk will also be reviewed, with enhanced exam procedures for CUs with very high loan concentrations of specific types of loans.

Current Expected Credit Losses (CECL): Examiners will want to see how CUs are planning for CECL despite the one-year delay in implementation.

Information systems and assurance (Cybersecurity): Cybersecurity remains a top concern for NCUA examiners.

Here’s what’s hot in exams:

  • An updated version of the Automated Cybersecurity Examination Tool (ACET) will be released in 2020 with the ability to complete self-assessments available in early 2020.
  • NCUA will begin cybersecurity maturity assessments at credit unions with assets between $100 million and $250 million. (The agency already began these assessments at institutions with more than $250 million in assets and expects to complete the initial four-year cycle in 2021 before repeating it starting in 2022.)
  • NCUA will pilot new procedures for evaluating critical security controls during exams in between maturity assessments. These will be influenced by a CU’s size and risk profile.
  • NCUA also plans to increase cybersecurity stakeholder outreach, education and awareness.

Preparing for the end of LIBOR: With the London Interbank Offered Rate (LIBOR) set to be phased out at the end of 2021. Failing to prepare for the end of this critical benchmark can pose safety and soundness risks to a credit union.

Examiners will be paying attention to how CUs prepare. They’ll want to see CUs identify the number and balance amounts of all LIBOR-related transactions, both on- and off-balance sheet exposures. They’ll also want to see related planning, governance, senior executive engagement, budgeting, accounting, and how other impacts are being addressed.

Liquidity risk: Making yet another appearance on the list, NCUA says examiners will be reviewing liquidity management and planning at credit unions. CUs with low levels of on-balance sheet liquidity will receive particular attention.

The letter also describes the NCUA’s modernization efforts, including the planned general release of NCUA Connect, the agency’s new user portal, and MERIT, the new examination platform.

You Ought to Know

In a break from years past, the supervisory priorities letter highlights new rules that have been integrated into exams and NCUA efforts to modernize the exam program.

Key highlights include:

  • After a pilot program, the NCUA is rolling out NCUA connect to all credit unions and state regulators.
  • The agency is also releasing its Modern Examination and Risk Identification Tool (MERIT) to all examiners in the second half of 2020. Improvements over AIRES include the ability to securely transfer exam-related documents and files; corrective action status updates and due date change requests, and secure access to exam reports.
  • The NCUA plans to issue guidance on banking hemp-related businesses “soon.” Examiners will be gathering data on how credit unions are servicing these businesses this year.
  • Exam programs have been updated to include rules approved last year, including the Commercial Real Estate Appraisal Rule, Private Flood Insurance Rule, Public Unit and Nonmember Shares Rule.
  • The agency is working to modernize other systems, including CUOnline (the Profile and Call Report).

Do you feel confident that your credit union is organized, compliant and ready for examiners? If not, 2020 is the year to re-examine your compliance management system, and decide what your CMS is missing.

 

Related: What Is A Compliance Management System And Why Your FI Needs One