Washington State Division of Credit Unions Releases Examination Focus for 2018

To help your credit union better prepare for examinations, here are the highlights from the bulletin.

1/16/18

Picture of a gavelThe Washington State Division of Credit Unions Released DCU Bulletin B-18-01, which provides insight into the top examination focus areas for 2018. To help your credit union better prepare for examinations, here are the highlights from the bulletin.

Cybersecurity

IT examiners will continue to stress the importance of each credit union completing the FFIEC cybersecurity self-assessment tool, or a similar assessment tool. Cybersecurity attacks against credit unions remain persistent, sophisticated, and expensive to remedy. The FFIEC cybersecurity assessment tool or an appropriate substitute will help credit unions assess their cybersecurity preparedness.

The Division will review the cybersecurity self-assessment work that was completed by each credit union, and will provide guidance to help address potential cybersecurity vulnerability gaps. It is important that credit union management, including the board of directors, continues to carefully evaluate all cybersecurity risk management practices.

Member Business Loans

Because of an increase in the growth of MBL lending, and due to proposed changes to WAC 208-460, management must be able to provide documentation to support its ability to effectively monitor and manage its commercial loan portfolio. This includes having qualified staff, processes, and policies to ensure the safety and soundness of its MBL program. Additionally, the board of directors must adopt specific MBL loan policies and review them at least annually.

Consumer Protection Law Compliance

The Division will continue to schedule separate compliance examinations at credit unions with assets of more than $500 million. For credit unions that do not have a separate compliance examination scheduled, the compliance examination work will be part of the regular safety and soundness examination. Examiners will focus on FinCEN requirements, including BSA, MRBs (as applicable), and reviewing procedures and process related to the Beneficial Owner Rule.

Interest Rate Risk

Examiners will closely evaluate and review each credit union’s overall IRR management program and balance sheet composition to determine whether IRR levels are too high. The NCUA has provided IRR resources for credit unions and guidance for examiners. The examiners’ scope of review on IRR will be more in depth for credit unions with higher levels of long-term fixed rate assets and higher levels of IRR.

Credit unions with higher levels of IRR and balance sheet complexity should have more developed IRR policies, procedures, modeling systems, reporting, and control systems in place. Credit unions with limited IRR exposure will not be expected to have an extensive IRR management program.

The Importance of Strong Management to Credit Union Success

Examiners will continue to evaluate whether a credit union has strong management to develop and implement programs and products that prudently manage risks, while keeping the credit union productive, profitable, and competitive.

Effective Due Diligence and Program Management Over Indirect Lending Programs

In accordance with DCU Bulletin B-16-18, titled Indirect Lending and Credit Tier Exceptions, and NCUA Letter to Credit Unions 10-CU-15, titled Indirect Lending and Appropriate Due Diligence, examiners will closely review a credit union’s policies, procedures and practices over its indirect lending programs to determine whether risks are being properly managed and controlled. Additionally, examiners will closely evaluate whether satisfactory due diligence (both new and ongoing relationships) is performed on the indirect lending dealerships (usually an auto dealership).

Credit unions engaged in indirect lending must have clear underwriting practices that take into account objective factors such as a borrower’s creditworthiness, the age and value of the collateral, and the terms of the transaction, and must be able to demonstrate effective monitoring and control over the indirect lending program and its dealerships. Credit unions must be proactive, rather than reactive, should problems occur.

Question of the Week

Are we supposed to give a member a copy of a CTR we are filing if he or she requests one?

There is no rule by FinCEN that mandates a credit union give a copy of the CTR to the affected member. The credit union has several options:

  • Give the member a copy of the CTR.
  • Give the member a blank CTR.
  • Show the member the completed CTR, but do not provide a copy.
  • Develop a policy of not giving out copies of CTRs.
  • Develop a policy of giving out copies of CTRs.
  • Direct the member to the FinCEN website for additional information.

The filing of a CTR can be disclosed to a member. FinCEN has created a pamphlet credit unions may hand out to members who have questions about CTRs.

It is important to remember that an SAR cannot be disclosed to the member and a copy should never be provided to the member.

Related Links:

Legal Briefs

Federal Reserve Board (FRB)

The FRB has released the minutes of its Discount Rate Meeting.

The FRB issued a press release announcing the appointment of the chairs and deputy chairs for the Federal Reserve Banks for 2018.

Office of the Comptroller of the Currency (OCC)

The OCC issued an alert about a business that is purporting to be an online financial institution that is not a licensed or chartered bank in the United States. The entity is operating under the name Bluegate Industrial Bank USA, N.A.

Federal Deposit Insurance Corporation (FDIC)

The FDIC issued the Winter 2017 of its Supervisory Insights.

Office of Foreign Assets Control (OFAC)

OFAC has updated the SDN list as of January 12, 2018. The last update prior to this was January 5, 2018.

Questions? Contact the Compliance Hotline: 1.800.546.4465, compliance@nwcua.org.