Compliance Center: Washington State DCU Releases 2015 Examination Priorities

The Washington State Division of Credit Unions (DCU) released bulletin B-15-03 which details the areas the DCU’s examination focus for 2015.  Liquidity risk, interest rate risk (IRR), and Cybersecurity top the priorities for the DCU.

Many of the examination focus areas have changed from 2014 to 2015.  The examination focus for your individual credit union may or may not correspond with DCU’s 2015 exam focus areas. Examiners will continue to risk focus each individual examination to effectively and efficiently use our limited exam resources. This helps DCU better address the safety and soundness and regulatory concerns of the 60 state chartered credit unions under its regulatory purview.

The 2015 six main examination focus areas are:

Liquidity Risk

On average, liquidity levels at credit unions has decreased significantly in 2014.  Specifically, cash plus short-term investment ratio declined significantly.  Examiners will monitor the trend and review whether overall liquidity management is sufficient and whether credit unions can meet future cash flow needs under stressed conditions.  In addition, examiners will assess whether credit unions are complying with the NCUA’s requirements under 741.12.  In addition, the DCU is breaking out the “L” component of the CAMEL rating with the introduction of the “S” for sensitivity to market risk.  This change will be implemented in spring of 2015.

Interest Rate Risk (IRR)

Examiners will closely evaluate and review each credit union’s overall IRR management program and balance sheet composition to determine whether IRR levels are too high.  Examiners will consider the following main factors when making this evaluation:

  • The current and projected levels of net income and net worth;
  • The ability of management including the board, to manage and control IRR;
  • The ability of staff and management to accurately measure and assess IRR exposure;
  • The credit unions’ current IRR trend; and
  • Whether the credit union’s ALM and IRR strategies and practices are consistent with anticipated market interest rate changes and board approved IRR tolerance limits


Examiners will ask management and staff about how their credit unions deploy appropriate defenses to protect information systems and confidential information, including confidential information entrusted to vendors.  Specifically, DCU examiners will focus their reviews on the following cybersecurity/information security program content:

  • Information security policies and procedures;
  • Cybersecurity/information security risk assessments;
  • Cybersecurity/information security control testing;
  • Information systems unusual activity monitoring;
  • Security awareness education and training;
  • Encryption of credit union information systems and sensitive member information;
  • Vendor oversight as it relates to keeping member information secure;
  • Incidence response program; and
  • Business operations recovery after a cybersecurity incidence.

Credit Risk Management Program

Examiners will continue to stress the importance of having a strong credit risk management (CRM) program that effectively and proactively manages credit risk. Examiners will focus on evaluating whether the credit union’s CRM program is appropriate for the size and complexity of its lending program and risk profile. They will review how well the CRM program is implemented and used in lending, collections and credit risk decision making processes, including the setting of appropriate loan concentration limits.

Consumer Protection Law Compliance

DCU plans on scheduling six separate compliance examinations at credit unions with total assets over $500 million. Examiners will continue to evaluate the following: (1) The effectiveness of the overall compliance management program; (2) The program’s ability to detect and self-correct compliance problems; and (3) The credit union’s timeliness in implementing new regulatory compliance requirements. This is in addition to examiners reviewing a credit union’s compliance with specific consumer compliance regulations. Except for the six credit unions with scheduled separate compliance exams, compliance work will be done during regular safety and soundness examinations. Examiners will focus on the overall effectiveness of a credit union’s compliance program, given its asset size and product offering, the new TILA-RESPA integrated disclosure requirements, and the Ability-to-Repay and Qualified Mortgage Standards Rule that became effective in early 2014

The Importance of Having Strong Management Throughout the Credit Union

The biggest determinant of a credit union’s success is the quality of its management (including the board of directors and supervisory committee). Examiners will continue to evaluate whether a credit union has strong management to develop and implement programs and products that minimize risks while keeping the credit union productive and profitable.

Compliance Question of the Week

Our member is asking for a copy of their ChexSystems report. Can we provide a copy of the report to them?

In most cases, your contract with ChexSystems will prohibit you from providing the report directly to the consumer. However, the consumer can obtain the report from ChexSystems on their by visiting the following website:

Legal Briefs

National Credit Union Administration (NCUA)

NCUA Chairman Matz released a statement regarding credit union volunteers being the “first line of defense” for the credit union system. Matz went to discuss areas that volunteers should look at interest rate risk warnings and cybersecurity assessments.

The NCUA announced that 31 federally insured credit unions will be paying civil money penalties for the late filing of their third quarter 2014 Call Reports. NCUA Chairman Matz did state that the number of late filers is dropping, but there are still credit unions that are filing late.

Consumer Financial Protection Bureau (CFPB)

In a recent blog entry, the CFPB informed consumers of the 7 factors that determine their mortgage interest rate, including credit score, loan term, and down payment amount. The blog entry includes links to a tool that held consumers determine how different adjustments to the loan will impact their rate.

The CFPB finalized minor changes to the “Know Before You Owe” mortgage rules. These changes address when disclosures will be received after a rate lock and information on certain construction loans.

The CFPB announced new additions to its senior leadership team. The positions that were added include Assistant Director of Enforcement, Deputy Chief Operating Officer, Northeast Regional Director of Supervision and Examination, and Chief Human Capital Officer.

Federal Trade Commission (FTC)

The FTC released an additional study related to its 2012 report regarding the accuracy and completeness of consumer credit reports.

U.S. Department of Housing and Urban Development (HUD)

HUD released new residential construction statistics for December 2014.

Federal Housing Finance Agency (FHFA)

The FHFA announced that the House Price Index rose in November by a seasonally adjusted 0.8 percent.

Financial Crimes Enforcement Network (FinCEN)

FinCEN issued its January 2015 update of its SAR Stats.

Federal Reserve Bank (FRB)

The FRB has released its January 2015 update on payment system risk which shows the peak and average daylight overdrafts and related fees.

U.S. Department of the Treasury (Treasury)

Treasury Secretary Lew delivered remarks to the Brookings Institute, discussing his response to the President’s State of the Union Address and the U.S. tax system.

Office of Foreign Assets Control (OFAC)

OFAC has updated the SDN list as of January 16, 2015. The last update prior to this was January 14, 2015.

Questions? Contact the Compliance Hotline: 1.800.546.4465,

Posted in Compliance News, NCUA.