Vendor exam authority, insurance fund changes sought

(May 21, 2021) Giving his agency examination and enforcement authority over third-party vendors, and making key changes to the structure of the federal savings insurance fund for credit unions, were the top legislative requests made to a House committee by NCUA’s Todd Harper this week.

The NCUA Board chairman told the House Financial Services Committee – which held an oversight hearing of all of the federal credit union and banking regulators — that his agency needs the third-party exam authority because, increasingly, activities that are “fundamental” to credit unions are being outsourced to entities outside of the agency’s regulatory oversight. Those activities include, he said, loan origination, lending services, Bank Secrecy Act/anti-money laundering compliance (BSA/AML), financial management and technological services including information security and mobile and online banking.

Those third parties also include credit union service organizations (CUSOs), he said. And, he added, while there are many advantages to credit unions and members in using the service providers, “the concentration of credit union services within CUSOs and third-party vendors presents safety and soundness and compliance risk for the credit union industry.”

As examples, he pointed to the top five credit union core processor vendors which, he said, provide services to approximately 87% of total credit union system assets, and the top five CUSOs, which provide services to nearly 96% of total credit union system assets. “A failure of even one of these vendors represents a significant potential risk to the Share Insurance Fund and the potential for losses from these organizations are not hypothetical,” he asserted. “Between 2008 and 2015, CUSOs contributed to more than $300 million in losses to the Share Insurance Fund alone,” he added, referring to the National Credit Union Share Insurance Fund (NCUSIF).

Harper noted that now NCUA may only examine CUSOs and third-party vendors with their permission. He asserted that continued transfer of operations to third parties (and CUSOs) “diminishes the ability of NCUA to accurately assess all the risks present in the credit union system and determine if current CUSO or third-party vendor risk-mitigation strategies are adequate.“

NASCUS supports the agency obtaining the power over technology service providers (TSPs) that provide services to federally insured credit unions — provided that any such authority requires NCUA to rely on state examinations of such service providers where such authority exists at the state level. Further, NASCUS supports efforts to strengthen state regulatory exam and supervision of third parties providing services to state-chartered credit unions.

Regarding the insurance fund, Harper made three legislative requests to the committee:

  • Increase the fund’s capacity by removing the 1.50% statutory ceiling on its capitalization;
  • Remove the limitation on assessing premiums when the equity ratio exceeds 1.30% of equity in the fund to insured shares, giving the NCUA Board discretion on the assessment of premiums;
  • Institute a risk-based premium system.

These recommended changes, if enacted, would allow the NCUA Board to build, over time, enough retained earnings capacity in the Share Insurance Fund to effectively manage a significant insurance loss without impairing credit unions’ contributed capital deposits in the Share Insurance Fund,” he said. “Moreover, these changes would generally bring the NCUA’s statutory authority over the Share Insurance Fund more in line with the statutory authority over the operations of the (FDIC’s) Deposit Insurance Fund.”


NCUA Chairman Todd M. Harper’s Written Testimony before the U.S. House of Representatives Committee on Financial Services