NCUA Releases Diversity & Inclusion Checklist

The National Credit Union Administration (NCUA) released Letter to Credit Unions 16-CU-05 which contains a checklist for assessing credit unions’  diversity and inclusion policies and practices.  The goal of the voluntary self-assessment is to establish a baseline for evaluating diversity and inclusion in the credit union system.  Individual credit union self-assessment results will not be shared with examiners and will have no bearing on CAMEL ratings.  There is no penalty for credit unions that currently have limited or no diversity or inclusion policies in place.

The NCUA is encouraging all credit unions with at least 100 employees to complete the voluntary self-assessment checklist and mail it back to the NCUA’s Office of Minority and Women Inclusion (OMWI) by November 30, 2016.

Also included in the letter to credit unions is an article entitled Diversity: A Good Investment for Credit Unions and the Final Interagency Policy Statement Establishing Joint Standards for Assessing Diversity Policies and Practices in Regulated Entities.

In other news, the Federal Financial Institutions Examination Council (FFIEC) issued a revised Information Security booklet, which is part of the FFIEC Information Technology Examination Handbook (IT Handbook).

The revised booklet addresses the factors necessary to assess the level of security risks to a financial institution’s information systems.  The booklet also helps examiners evaluate the adequacy of the information security program’s integration into overall risk management.

The Information Security booklet describes effective information security program management, including the following phases of the life cycle of information security risk management:

  • Risk identification;
  • Risk measurement;
  • Risk mitigation;
  • Risk monitoring and reporting.

The booklet provides an overview of information security operations, including the need for effective (1) threat identification, assessment, and monitoring and (2) incident identification, assessment and response. It discusses methods to achieve and assess information security program effectiveness, including assurance and testing. It also incorporates cybersecurity concepts, such as threats, controls, and resource requirements for preparedness. The booklet contains updated examination procedures to help examiners measure the adequacy of an institution’s culture, governance, information security program, security operations, and assurance processes.

The IT Handbook is available at

Compliance Question of the Week

What is the dormancy period for a UTMA account? Do we wait until the account is payable to the minor, or does it follow the guidelines of a traditional share account?

For UTMA accounts opened in WA, OR, ID, and CA, credit unions should follow the same dormancy guidelines that they follow for regular share accounts. If there is no positive owner contact within the specified amount of time (generally 3 years), credit union should report the account as dormant.

When the unclaimed property is a UTMA, it must be identified as a UTMA when it is reported to the state. For example, a UTMA would be reported as John Doe, Custodian, Jane Doe, UTMA.


WA Unclaimed Property Guide
CA Holder Reporting Guide
Oregon Unclaimed Property Guide
Idaho Statute 14-506

Legal Briefs

National Credit Union Administration (NCUA)

The NCUA announced that total loans outstanding at credit unions saw a 10.5 % increase over the same period in 2015, resulting in more than $800 billion outstanding loans.

The NCUA announced that it will hold a public briefing on its proposed 2017-2018 budget on Thursday, October 27th.

The NCUA released a new online training service aimed at helping credit union board members learn more about strategic planning.

The NCUA released a voluntary self-assessment checklist to help credit unions evaluate their compliance with the voluntary diversity policies and practices.

Consumer Protection Financial Bureau (CFPB)

The CFPB announced its Youth Financial Education Initiatives. The initiative includes a CFPB report on helping youth achieve financial capability as well as a person finance teaching tool.

Federal Reserve Board (FRB)

The FRB has posted an update to the Beige Book, which provides summaries on consumer spending and tourism, nonfinancial services, manufacturing, real estate and construction, banking and finance, and other topics that impact the economy.

The FRB, jointly with the FDIC and OCC, issued a study on banking activities and investments that was released to Congress and the Financial Stability Oversight Council.

Federal Deposit Insurance Corporation (FDIC)

The FDIC released the September listing of banks’ CRA ratings. The September list indicated that 3 banks received ratings of outstanding while 57 received ratings of satisfactory.

The FDIC released its Second Quarter State Profiles. The profiles summarize banking and economic conditions in each state.

Office of the Comptroller of the Currency (OCC)

The OCC released its August financial institution CRA performance ratings.  The August list shows that 7 institutions received outstanding ratings, 22 earned satisfactory ratings, and 1 financial institution received a substantial noncompliance rating.

Financial Crimes Enforcement Network (FinCEN)

FinCEN issued advisory FIN-2016-A003 to warn financial institutions guard against the increase of e-mail related fraud scams.

FinCEN issued advisory FIN-2016-A004, which outlines jurisdictions identified by the Financial Action Task Force (FATF) as having AML and CFT deficiencies.

Federal Financial Institutions Examination Council (FFIEC)

The FFIEC issued a revised Information Security Booklet (part of the IT Examination Handbook). The revised booklet includes information on effective information security programs as well as providing an overview of security operations.

Office of Foreign Assets Control (OFAC)

OFAC has updated the SDN list as of September 1, 2016. The last update prior to this was August 31, 2016.

Questions? Contact the Compliance Hotline: 1.800.546.4465,

Posted in Compliance News, Economy, NCUA.