Compliance Blog

Posted by Anthony Demangone, deep in the throes of cabin fever.

Hey guys, we're closed again, as the federal offices have closed for the day.  For those of you shaking your heads, you have no idea what snow does to this area.  We fear snow like a cat fears rocking chairs. Plus, we're supposed to get 10' to 20' tonight into Wednesday evening.  Pray for us.

NAFCU members, if you have a compliance need, please email us at compliance@nafcu.org.  Please be patient with us, as we're working remotely.

Here's a shot from outside our front door.  It was taken early Saturday morning.

 

Guess which car is owned by someone who was born in Pennsylvania?

 

***

We're going to have to take a break from Reg Z today.  Working remotely diminishes one's capacity to analyze complex documents.  But here's something that caught my eye.  NCUA recently issued legal opinion letter 09-1229.  The letter explains that  "regulatory compliance services" are a permissible CUSO activity under the preapproved category of clerical, professional, and management services.  It is a very good read, and very interesting.

People have discussed this quite a bit, and a few have asked me what I think about a CUSO offering compliance services as a way to help manage compliance costs and improve compliance functions.  Here are some thoughts:

• Certainly, this is a great way to build expertise and manage costs.  A number of credit unions can split the cost of two or three compliance professionals.  The CUSO should be able to recruit experts who can devote their days to compliance-related matters.
• Would the credit unions using the CUSO completely outsource their compliance function?  Or is the CUSO just to augment the credit union's existing compliance team/person?  That's a big question that needs to be answered.
• If a credit union were to completely outsource its compliance function to the CUSO, here are a few things to think about:
  1. Management of expectations.   The CUSO would likely have a limited staff.  What happens when a credit union has a team of examiners in house?  Or if 2 different credit unions using the CUSO have exams at the same time? I doubt that any CUSO would be able to provide 24/7 attention during a crisis.
  2. That which we outsource, we often forget.  If a credit union completely outsources its compliance function to a CUSO, it runs the risk of losing its internal compliance expertise.  Quickly.  Then the credit union is very dependant on that CUSO. Very.
  3. Boiler plate.  Policies and procedures will need to be produced.  If the CUSO is producing them, the policies and procedures for the credit unions using the CUSO will likely be very similar.  If the CUSO is building them from scratch for each participating credit union, then it will need to devote a lot of resources in that area.

I think the idea of forming a CUSO to help with compliance burdens is fascinating, but my gut reaction is that it would work best to augment existing compliance efforts - not to replace them.