Washington DCU Releases Strategic Initiatives and Exam Focus for 2020

Expect more focus around on-site IT security exams and disaster recovery programs.

1/28/2020

Compliance image

The Washington State Department of Financial Institutions Division of Credit Unions released DCU Bulletin B-20-01, which provides insight into the division’s strategic initiatives and exam focus for 2020.

Strategic Initiatives for 2020

The division’s four main strategic initiatives and objectives for 2020 are to:

  • Successfully implement the restructure of the division;
  • Perform more off-site exam work;
  • Successfully implement using the new NCUA Connect & MERIT exam software; and
  • Reconfigure how IT security exams are performed.
Exam Focus for 2020

Cybersecurity — The division will continue to perform on-site IT security exams during most safety and soundness exams. The IT examiners will:

  • Continue to encourage credit unions to complete the FFIEC Cybersecurity Assessment Tool, the NCUA Automated Cybersecurity Assessment Tool (ACET), or use a similar type of tool to help the credit union assess its cybersecurity preparedness;
  • Review the cybersecurity self-assessment work completed by the credit union; and
  • Provide guidance to help address potential cybersecurity vulnerability gaps.

Consumer Protection Law Compliance — Examiners will focus on the following compliance areas during exams:

  • Member consumer complaint processing
  • Bank Secrecy Act
  • Regulation E
  • Regulation CC
  • Equal Credit Opportunity Act

Liquidity — Examiners will continue to expand their liquidity analysis on credit unions with low cash plus short-term investment rations to ensure they have well-run liquidity management programs and adequate contingent funding sources to satisfactorily address liquidity fluctuations when they may arise.

Business Continuity/Disaster Recovery Testing — Division IT security examiners will more closely examine credit unions’ business continuity plans and disaster recovery programs with particular emphasis on the testing done to ensure the credit union can restore all vital programs, systems, and operations in the event of a substantive disaster. IT security examiners will also focus on vendor management as it relates to business continuity and disaster recovery testing because credit unions are highly dependent on vendors for much of their operational functionality.

Question of the Week

Q. We received a garnishment notice for a member who has a joint account and a business account. Are the funds in both accounts subject to the garnishment?

A. The general rule is that if the person to be garnished is the owner of the funds, not just a signer, the funds should be held. In practice, this means that if a business is organized as a sole proprietorship, the funds are held. If, however, the business is a corporation, LLC, LLP, or partnership, the funds are not held. Similarly, if the person to be garnished is the custodian on an UTMA account, the funds are not held. So, in this example, the funds from the joint account would be garnished, but the funds in the business account, unless it is a sole proprietorship, would not be garnished.

Legal Briefs

National Credit Union Administration

Submission for OMB Review; Comment Request
The National Credit Union Administration will submit the following information collection requests to the Office of Management and Budget for review and clearance in accordance with the Paperwork Reduction Act of 1995, on or after the date of publication of this notice.

Federal Housing Finance Agency (FHFA)

Notice of Annual Adjustment of the Cap on Average Total Assets That Defines Community Financial Institutions
The Federal Housing Finance Agency has adjusted the cap on average total assets that is used in determining whether a Federal Home Loan Bank member qualifies as a Community Financial Institution to $1,224,000,000, based on the annual percentage increase in the Consumer Price Index for all urban consumers (CPI-U), as published by the Department of Labor. These changes took effect Jan. 1.

Questions? Contact the Compliance Hotline: 1.800.546.4465; [email protected].