Compliance Blog

NCUA Updates 2020 Supervisory Priorities

On Wednesday, July 15, 2020 the NCUA took an unusual step and issued an updated version of its 2020 supervisory priorities. But we are living in unusual times, and given the ongoing pandemic including guidance issued by the Federal Financial Institutions Examination Council (FFIEC), it is helpful to have an update to this document since the original supervisory priorities were published in January. Credit unions may be wondering what is different between the two documents, so here is a summary.

Bank Secrecy Act/Anti-Money Laundering

BSA/AML compliance will remain a supervisory priority, and compliance with customer due diligence requirements and proper filing of suspicious activity reports (SARs) and currency transaction reports (CTRs) will remain a focus. NCUA also provided links to key resources and indicated the agency continues to work on several initiatives including: additional updates to the FFIEC BSA/AML Examination Manual; establishing interagency work-streams to define AML compliance effectiveness; publishing guidance on politically exposed persons; updating the interagency statement on BSA/AML enforcement; and offering clarification and suggestions to improve SARs and CTRs.

CARES Act

The Coronavirus Aid, Relieve, and Economic Security Act (CARES Act) included many requirements that impact credit unions like forbearances for certain federally backed mortgages, limits on credit reporting and the paycheck protection program loans. A summary of these provisions is available here. The CARES Act is now a supervisory priority for 2020 given “the importance of the provisions outlined in the Act.” The agency will “review credit unions’ good faith efforts to comply” with the Act.

Consumer Financial Protection

The priorities specific to consumer financial protection laws remain largely unchanged (this past NAFCU Compliance Blog post and this member-only Compliance Monitor article). However, these compliance reviews will now place additional emphasis on two additional things: Compliance with recent changes to Regulation E’s remittance transfer rule; and a review of any waivers of the waiting periods in the TILA/RESPA Integrated Disclosures (TRID) rule and waivers of the rescission time periods in Regulation Z.

Credit Risk Management and ALLL

While the original supervisory priorities focused on loan concentrations in terms of credit risk, because of the pandemic and updated regulatory and statutory changes, NCUA is “shifting its emphasis.” Specifically, the agency will review actions that credit unions took to aid borrowers in need of assistance and consider whether the credit union’s allowance for loan and lease losses (ALLL) is adequate to address the effects of economic downturn. NCUA included a list of relevant resources with regard to ALLL requirements:

Additionally, given that the implementation of the current expected credit losses (CECL) standard has been delayed until January 2023, NCUA will not be assessing credit unions’ efforts to come into compliance with CECL until further notice.  

Cybersecurity

While the original supervisory priorities focused on assessing cybersecurity maturity using the Automated Cybersecurity Examination Tool (ACT), this is another area where NCUA is switching gears. The agency will instead focus on “critical security controls.” Additionally, NCUA will begin piloting a new information technology risk examination solution called InTREX-CU, which is based off of tools currently used by the Federal Deposit Insurance Corporation, the Federal Reserve System and some state financial regulators. This will “ensure consistent approaches are applied to community financial institutions.” While NCUA has not yet issued many details on the InTREX-CU program, credit unions can find information about the FDIC’s InTREx program here.

LIBOR Transition Planning

This will remain a 2020 supervisory priority. While the CFPB is currently working on this issue and has released some resources on this topic from a consumer lending perspective, other contracts may be impacted like investments. Examiners will continue to assess credit unions for exposure to LIBOR, conducting reviews using the agency’s LIBOR Assessment Workbook, located in the Interest Rate Risk Exam Procedures section of the online Examiner’s Guide.

Liquidity Risk

Liquidity risk is also still a supervisory priority. However, because the economic impact of the pandemic may place additional stress on credit union balance sheets, examiners will look at liquidity risk management and planning in all credit unions. The emphasis will be placed on: the effects of loan payment forbearance, delinquencies, projected credit losses and loan modifications; scenario analysis for changes in cash flow projections based on a range of factors like changing prepayment speeds; scenario analysis for liquidity risk modeling including changes in share composition and volumes; the potential effects of low interest rates and decline in credit quality on the market value of assets, funding costs, and borrowing capacity; and the adequacy of any contingency funding plans.

Finally, NCUA provided an update on its ongoing exam modernization initiatives. For a few years, NCUA has worked on a new user portal for exams called NCUA Connect and a new examination tool called the Modern Examination and Risk Identification Tool (MERIT). MERIT would replace the existing AIRES questionnaires and NCUA began using this tool for some credit unions above $10 billion in assets late last year. The original plan was to have large scale training of examiners on MERIT this summer, but given challenges due to the pandemic, NCUA is delaying the broad rollout until the second half of 2021. However, some credit unions may still have exams using MERIT instead of AIRES in 2020 and early 2021 as NCUA has both a pilot program and possible limited release capacity.

In another note, NCUA also created a chapter in its Examiner’s Guide on COVID-19 specific exam issues. This reflects FFIEC guidance issued in June and will be addressed in more detail in a future NAFCU Compliance Blog.

About the Author

Brandy Bruyere, NCCO, Vice President of Regulatory Compliance, NAFCU

Brandy Bruyere, NCCO, Vice President of Regulatory ComplianceBrandy Bruyere, NCCO was named vice president of regulatory compliance in February 2017. In her role, Bruyere oversees NAFCU's regulatory compliance team who help credit unions with a variety of compliance issues. She also writes articles for NAFCU publications, such as the NAFCU Compliance Blog.

Read full bio