Summary on the CFPB Interpretive Rule: FCRA/Preemption of State Law

CFPB Interpretive Rule on Fair Credit Reporting Act; Preemption of State Laws
12 CFR Part 1022

The Consumer Financial Protection Bureau (Bureau) issued an interpretive rule that clarified that the Fair Credit Reporting Act (FCRA) generally preempts State laws that touch on broad areas of credit reporting, consistent with Congress’s intent to create national standards for the credit reporting system.  The new interpretive rule replaces the July 2022 interpretive rule that was withdrawn by the Bureau in May 2025.

The new interpretive rule became effective on October 28, 2025. The rule can be found here.

Summary

The Fair Credit Reporting Act (FCRA) specifies requirements “concerning the creation and use of consumer reports.”  The Bureau notes that the FCRA has always preempted State law, however, the scope of that preemption has changed over time.

The FCRA has preempted state laws “to the extent that those laws are inconsistent with any provision of” the FCRA. Additionally, in 1996, Congress emphasized the national nature of FCRA standards by adding a provision that further preempted any state regulation related to specifically enumerated subjects already regulated by the FCRA. This newly added provision was due to expire in 2004. However, in 2003, Congress made the provision permanent. The primary preemption provision of the FCRA, 15 USC 1681t(b)(1) includes language that preempts areas of state law that were intended to be governed solely by Federal law. The provision specifically prohibits the imposition of state laws regarding any of the subject matters regulated under the subparagraphs of 1681t(b)(1).

In July 2022, the Bureau published an interpretive rule analyzing Section 1681t finding that the provision has a “narrow sweep” that allows for substantial State regulation of consumer reports and consumer reporting agencies. The rule concluded that unless a state law specifically concerned a requirement or obligation addressed in Section 1681t of the FCRA, it was not preempted.

In May 2025, the Bureau withdrew a number of guidance documents including this 2022 interpretive rule. The previous interpretation was withdrawn because it was determined to be unnecessary and did in alignment with the Administration’s goal of reducing compliance burdens. In addition, the Bureau is now issuing this new interpretive rule to clarify that the 2022 interpretation was incorrect. Specifically, the Bureau suggests that the 2022 interpretive rule contradicted the plan text of Section 1681t(b)(1), ignored the legislative history of the preemption clause, and reflected a misguided policy choice that would undermine the credit reporting system and credit markets. The new interpretation was issued to clarify the expectation of Congress that the FCRA create a national credit reporting standard that generally preempts broad state laws on the issue of credit reporting.

Senate Proposed Bill S. 3017: Streamlining Transaction Reporting and Ensuring Anti-Money Laundering Improvements for a New Era Act – STREAMLINE Act

NASCUS Summary
October 24, 2025

Background

The STREAMLINE Act (Streamlining Transaction Reporting and Ensuring Anti-Money Laundering Improvements for a New Era Act) was introduced in the U.S. Senate on October 20, 2025, by Senator Kennedy and co-sponsored by several other senators. It aims to modernize and improve the efficiency of financial reporting requirements under the Bank Secrecy Act (BSA), particularly those related to Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs). These reports are critical tools for detecting and preventing money laundering, terrorist financing, and other illicit financial activities.  The bill also proposes to require Treasury to review and modernize reporting forms, recordkeeping requirements and reporting thresholds at least every 5 years while seeking to mandate automation of reporting systems.

Implications For Credit Unions

  • Higher thresholds mean fewer CTRs and SARs, reducing compliance costs and administrative workload.
  • Encourages automation and streamlining of reporting systems.
  • Provides predictability through periodic inflation adjustments.

Implications For Regulators

  • May require updates to state rules, guidance and exam procedures to align with federal thresholds.
  • Changes in reporting volumes could affect monitoring and oversight.
  • Potential involvement in reviewing and implementing updated procedures.

 Summary of Key Provisions

Currency Transaction Reports (CTRs) pursuant to sections 5313 and 5315 of title 31, United States Code

  • Raises the reporting threshold from $10,000 to $30,000.
  • Requires inflation adjustment every 5 years based on the Consumer Price Index (CPI), rounded to the nearest $1,000.

Nonfinancial Business Reporting Updates Section 5331 of Title 31

  • Raises the threshold for reporting cash transactions from $10,000 to $30,000.
  • Includes similar inflation adjustments every 5 years.

Suspicious Activity Reports (SARs) for certain transactions as described under section 5318(g) of title 31, United States Code

  • Raises the threshold from $2,000 to $3,000.
  • Raises the threshold from $5,000 to $10,000 for others.

Treasury Review and Reporting

  • Requires review and modernization of reporting forms and recordkeeping requirements.
  • Mandates analysis of aggregation, prioritization, and automation of reporting systems.
  • Requires submission of a report to Congress with recommendations.

Rule of Construction

  • Clarifies that the Act does not affect the Treasury’s authority to issue Geographic Targeting Orders (GTOs).
  • Does not alter existing GTOs or prevent lowering thresholds when legally justified.
  • Does not alter the ability of the Secretary of Treasury to reduce reporting thresholds when consistent with applicable law.

Timeframes related to the above changes

  • Updated thresholds would need to occur no later than 180 days after the date of enactment.
  • Updates for inflation occur no later than 5 years after the date of enactment, and every five years thereafter.
  • The bill states that no later than 360 days after the date of enactment, the Secretary of the Treasury shall:
    • Review forms, reporting, and record-keeping requirements to ensure they are effective and efficient for identifying illicit finance activity
    • Update forms, as necessary
    • Conduct reviews and submit reports
    • Submit to the Committee on Banking, Housing, and Urban Affairs of the Senate and the Committee on Financial Services of the House of Representatives a report that:
      • Summarizes the results of the review
      • Include recommendations for updating forms and requirements

NASCUS Summary on the NCUA Proposed Rule: Prohibition on Use of Reputation Risk
October 21, 2025

NCUA has issued a proposed rule to codify the elimination of reputation risk from its supervisory program. The proposed rule would prohibit NCUA:

  1. From criticizing or taking adverse action against a federally insured credit union (FICU) or any other entity NCUA may now or in the future supervise;
  2. From requiring, instructing, or encouraging a FICU to close an account, to refrain from providing an account, product, or service, or to modify or terminate any product or service on the basis of a person or entity’s political, social, cultural, or religious views or beliefs, constitutionally protected speech, or on the basis of politically disfavored but lawful business activities perceived to present reputation risk;
  3. From requiring, instructing, or encouraging an institution or its employees to terminate a contract with, discontinue doing business with, or modify the terms under which it will do business with a person or entity on the basis of the person’s or entity’s political, social, cultural, or religious views or beliefs, constitutionally protected speech, or on the basis of the third party’s involvement in politically disfavored but lawful business activities perceived to present reputation risk.

NCUA emphasizes that the proposed prohibition on NCUA’s use of reputation risk does not affect requirements or limitations related to field of membership. Nor would the prohibition affect requirements under OFAC, CTR rules, or the NCUA’s administration of Community Development Revolving Loan Fund activities, or any other federal law mandates consideration of criteria such as character and fitness or integrity.

NASCUS Note: The proposed rule, while applicable to NCUA’s interactions with federally insured state (chartered) credit unions (FISCUs), it only applies to NCUA examiners and NCUA activities. It does not apply to state rules, state supervision, or state examiners.

Comments are due to NCUA by December 22, 2025.

Background

NCUA’s proposed rule follows Letter to Credit Unions 25-CU-05 Elimination of Reputation Risk issued in September of this year. The LTCU in turn follows Executive Order 14331, Guaranteeing Fair Banking for All Americans. The Executive order required federal bank regulators (including NCUA) to remove reputation risk from their oversight and supervisory materials and directed the Small Business Administration. For more background on the Executive Order, see this overview from Holland & Knight.

It is important to note that proposed rule deals exclusively with NCUA’s use of reputation risk in its regulatory and supervisory functions. The proposed rule does not address the second element of Executive Order 14331 related to prohibitions on institutions debanking of customers protected political views. The proposed rule would not alter the ability of a credit union to make business decisions regarding its members, accountholders, or third-party arrangements consistent with safety & soundness and compliance with applicable laws.

The preamble to the proposal notes that in NCUA’s view, assessing reputation risk is too subjective, too ambiguous, and lacks measurable criteria and is therefore inappropriate for NCUA to use in its oversight. However, NCUA also notes that credit unions should operate in a manner that members view favorably, noting that credit union management is better positioned to make decisions that will positively reflect on the credit union.

Proposed Rule and Changes

The proposal would make two changes to the current NCUA Rules and Regulations.

  • Part 702 Prompt Corrective Action

Under NCUA’s Capital Planning rule, Part 702.304(b)(2) requires as a mandatory part of a covered credit union’s capital planning include:
A discussion of how the credit union will, under expected and unfavorable conditions, maintain stress test capital commensurate with all of its risks, including reputational, strategic, legal, and compliance risks;

  • Part 791 Rules of NCUA Board Procedure; Promulgation of NCUA Rules & Regulations; Public Observation of NCUA Board Meetings

The bulk of the proposed changes would affect Part 791.

  1. The proposed rule would change the title of Part 791 to “Rules of NCUA Board Procedure; Promulgation of NCUA Rules & Regulations; Public Observation of NCUA Board Meetings; Use of Supervisory Guidance; Prohibition on Use of Reputation Risk” [emphasis added]
  2. The proposed rule would add new Subpart E to Part 791, Prohibition on Use of Reputation Risk by NCUA. The provision prohibits NCUA from criticizing an “institution,” formally or informally, or taking “adverse action” against an institution on the basis of “reputation risk.”

NASCUS note: One key to understanding the proposed rule is understanding how NCUA is defining some key terms such as “reputation risk” and “adverse action.” Key definitions in the proposed rule include:

  • “Adverse action” would be defined as any negative feedback delivered by or on behalf of the NCUA to an institution, including in an NCUA-issued report of examination or a formal or informal enforcement action, supervisory action, or decisions on applications.
  • ‘‘Doing business with’’ means an institution providing any product or service, account services; contracting with a 3rd party vendor; providing discounted or free products or services to customers or third parties, including charitable activities; entering into, maintaining, modifying, or terminating an employment relationship; or any other similar business activity that involves an institution’s member or accountholder or a third party.
  • ‘‘Institution’’ means an entity for which the NCUA makes or will make supervisory determinations or other decisions, either solely or jointly.
  • ‘‘Reputation risk’’ is defined as any risk, regardless of how the risk is labeled by the institution or the NCUA, that an action or activity, or combination of actions or activities, or lack of actions or activities, of an institution could negatively impact public perception of the Institution for reasons unrelated to the current or future financial condition of the institution.

NASCUS note: In theory, these definitions taken together likely mean that on a joint State/NCUA exam, NCUA would not participate in any discussions by the state of reputation risk. It also likely means that NCUA would assign its own CAMELS rating for a FISCU where the state rating included reputation risk. What is unclear is what NCUA would do with respect to accepting a state examination, where NCUA was not present (a majority of FISCU exams) and the state references reputation risk.

Request for Comments

NCUA identified 9 specific issues for which they would like feedback. However, stakeholders may offer comments on all aspects of the proposed rule.

  1. Do commenters believe the prohibitions capture the types of actions that add undue subjectivity to supervision based on reputation risk? If there are other prohibitions that would be warranted, please identify such prohibitions and explain.
  2. Is the definition of ‘‘adverse action’’ in the proposed rule sufficiently clear? Should the definition be broader or narrower? Are there other types of agency actions that should be included in the list of ‘‘adverse actions?’’ Does the catch-all provision at the end of the definition of ‘‘adverse action’’ appropriately capture any agency action that is intended to punish or discourage credit unions on the basis of perceived reputation risk? Is such catch-all provision sufficiently clear?
  3. Are commenters aware of any other uses of reputation risk in supervision that should be addressed in this proposed rule? If so, please describe such uses and their effects on credit unions.
  4. Do commenters believe the definition of ‘‘reputation risk’’ should be broadened or narrowed? If so, how should the definition be broadened or narrowed? Please provide support for any suggested changes.
  5. The proposed definition of ‘‘reputation risk’’ includes risks that could negatively impact public perception of a credit union for reasons unrelated to the credit union’s financial condition. Should this be broadened to include reasons unrelated to the credit union’s operational condition?
  6. Should the list of relationships that would constitute ‘‘doing business with’’ include additional types of relationships?
  7. Does the removal of reputation risk create any other unintended consequences for the agency or institutions?
  8. Would the proposed rule have any costs, benefits, or other effects that the agency has not identified? If so, please describe any such costs, benefits, or other effects.
  9. Should the definition of institution be broadened or are there any other categories of activities that should be excluded from the scope of the rule?

FinCEN Summary: Notice on Financially Motivated Sextortion

FIN-2025-NTC2 | Financial Crimes Enforcement Network
NASCUS Legislative and Regulatory Affairs

October 2025

On September 8, 2025, FinCEN issued a Notice on “Financially Motivated Sextortion.” This Notice is addressed to financial institutions and describes the risks, red flags, and reporting expectations surrounding financially motivated sextortion.

 According to the Notice, financially motivated sextortion occurs when perpetrators, using fake personas, coerce victims to create and send sexually explicit images or videos of themselves, only to threaten to release the compromising material to the victims’ friends and family unless the victims provide payment.

How Financially Motivated Sextortion Works

Perpetrators often use fake online identities (or hijacked accounts) to befriend or lure targets, then request explicit images and later extort money by threatening disclosure of the images. These schemes tend to become more aggressive and once the initial payment is made, further demands continue, and are often made via P2P payment apps, convertible virtual currency (CVC), prepaid cards, money orders, and even goods.

The notice draws specific attention to how perpetrators may layer, launder, or obfuscate the cash flow through intermediaries or money mules, sometimes across multiple jurisdictions.  Additionally, perpetrators may utilize AI and deepfakes to generate synthetic explicit content (or alter images) to extort victims.

Jurisdictional and Geographical Patterns

The Notice indicates that perpetrators of these schemes are often located outside the United States, primarily in West African countries such as Benin, Cote d’Ivoire, and Nigeria, or Southeast Asian countries such as the Philippines, and they typically target English-speaking countries. According to FinCEN’s analysis of BSA data, the top reported jurisdictions where the subjects of suspicious transactions potentially related to financially motivated sextortion schemes were located, in rank order, include: Cote d’Ivoire, the United States, the Philippines, Monaco, Burkina Faso, the Dominican Republic, Kenya, Benin, and Nigeria (hereinafter referred to as “Jurisdictions of Concern”).  In some cases, perpetrators may operate as part of an organized criminal group; however, in most instances, the perpetrators are individuals or small groups.

Red Flag Indicators for Financial Institutions

The Notice provides for ten “red flag” behaviors or indicators that financial institutions should monitor. These include:

Red Flag Indicators for Victims Experiencing Financially Motivated Sextortion

  • Minor or customer sends multiple rapid P2P payments to a recipient in a Jurisdiction of Concern, with no clear personal link to that location.
  • A minor or young adult customer makes multiple low, round-dollar P2P transfers ($10–$50) over a short period to individuals with no prior relationship; the recipient quickly sends the funds to other accounts.
  • A customer makes payments that include payment memos with messages indicating extortion (e.g., “delete the pictures,” “please stop”) and typically occur during late-night and early-morning hours.
  • A customer, including a minor with a co-signed P2P account, buys CVC on a P2P platform and transfers it to an unhosted wallet linked to illicit activity or to a wallet with no prior relationship or lawful purpose.
  • A customer, including a minor with a co-signed account, makes multiple unusual prepaid card purchases that are later redeemed in another jurisdiction.

Red Flag Indicators for Money Mule Accounts

  • A customer, including a minor with a co-signed account, receives multiple P2P payments from unrelated parties and quickly forwards the funds to other unrelated accounts, potentially indicating money mule coercion.
  • A customer’s account receives numerous small P2P deposits over a short period, followed by rapid cash withdrawals or transfers with no apparent lawful purpose.
  • A customer’s P2P or bank account experiences a high volume of transfers to and from accounts in Jurisdictions of Concern with no business or apparent lawful purpose.
  • A customer receives multiple P2P payments, uses the funds to buy CVC, and transfers it to an unhosted wallet linked to illicit activity or to a CVC exchange in a Jurisdiction of Concern.
  •  A customer deposits or cashes multiple small money orders from unrelated or geographically distant individuals with no apparent lawful purpose.

SAR Filing Instructions

The Notice provides SAR filing instructions and requests that financial institutions indicate a connection between suspicious activity begin reported and activities highlighted in this notice by including the key term “FIN-2025-SEXTORTION” in SAR Field 2, as well as in the narrative.  SARE Field 38(z) (Other) should also be selected as the associated suspicious activity type to indicate a connection between suspicious activity reported and financially motivated sextortion activity, and include the term “SEXTORTION” in the text box.

Frequently Asked Questions Regarding Suspicious Activity Reporting Requirements

Financial Crimes Enforcement Network
NASCUS Legislative and Regulatory Affairs

October 9, 2025

The Financial Crimes Enforcement Network (FinCEN), together with the other federal banking agencies, has issued an FAQ regarding Suspicious Activity Reporting Requirements.  The FAQ consists of four questions with a stated goal of “ensuring financial institutions are not needlessly expending resources on efforts that do not provide law enforcement and national security agencies with the critical information they need to detect, combat, and deter criminal activity.”

The questions address:

  • Whether a SAR is required when there may be structuring to avoid the $10,000 CTR reporting threshold, stating: “The mere presence of a transaction or series of transactions, at or near the $10,000 CTR threshold is not information sufficient to require the filing of a SAR.” Rather, a SAR is only required “if the institution knows, suspects, or has reason to suspect” a series of transactions are “designed to evade” CTR filings. It further explains where the lines may be drawn when determining whether to file.
  • As it relates to continuing activity reviews: FinCEN recognizes these are a “burden” and states that a separate review of a customer or account following the filing of a SAR to determine whether suspicious activity continued is not required. Financial institutions instead “may rely on risk-based internal policies, procedures, and controls to monitor and report suspicious activity as appropriate, provided those internal policies, procedures, and controls are reasonably designed to identify and report such activity.”
  • Question three of the FAQ provides a timeframe for filing any continuing SARs.
  • The fourth question clarifies if a financial institution decides to not file a SAR, there is not a requirement to document this.  It is important to note, financial institutions may continue to document when they decide not to file a SAR.

CFPB Final Rule re Small Business Lending under the Equal Credit Opportunity Act; Extension of Compliance Dates

12 CFR Part 1002

The Consumer Financial Protection Bureau (CFPB) finalized its June 18, 2025 interim final rule amending Regulation B to extend the compliance dates set forth in its 2023 small business lending rule, as amended by a 2024 interim final rule and to make other date-related conforming adjustments.  

The final rule becomes effect on December 1, 2025.  The final rule can be found here.

Summary

Section 1071 of Dodd Frank amended the Equal Credit Opportunity Act (ECOA) to require that financial institutions collect and report to the CFPB certain data regarding applications for credit for women-owned, minority-owned, and small businesses.  Section 1071’s statutory purposes are to (i) facilitate enforcement of fair lending laws, and (ii) enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

Section 1071 directs the CFPB to prescribe such rules and issue such guidance as may be necessary to carry out, enforce and compile data pursuant to Section 1071.  In March 2023, the Bureau issued a final rule to implement Section 1071.  In early June 2024, the Bureau issued an interim final rule to extend the rule’s compliance dates.  The Bureau then issued a second interim final rule on June 18, 2025, the CFPB extended the compliance dates set forth in the 2023 final rule by approximately one year. 

In this final rule, the Bureau finalizes the compliance dates specified in the 2025 interim final rule. The new compliance dates are July 1, 2026 (Tier 1 institutions); January 1, 2027 (Tier 2 institutions) and October 1, 2027 (Tier 3 institutions). 

12 CFR Part 1091

The Consumer Financial Protection Bureau (CFPB) issued a final rule that rescinds the amendments it adopted in April 2022, November 2022 and April 2024 to the Procedures for Supervisory Designation Proceedings, with the exception of some limited process adjustments.

The final rule becomes effective as of October 27, 2025The final rule can be found here.

Summary

Section 1024 of the Consumer Financial Protection Act authorizes the Bureau to supervise a nonbank covered person that the Bureau “has reasonable cause to determine, by order, after notice to the covered person and a reasonable opportunity for such covered person to respond…is engaging, or has engaged, in conduct that poses risks to consumers with regard to the offering or provision of consumer financial products/services.”

In 2013, the Bureau issued procedures to govern these supervisory designation proceedings.  Under the 2013 rule, information regarding the proceedings was treated as confidential supervisory information and not publicly disclosed.

The Bureau then issued a series of rules (in 2022 and 2024) that amended the 2013 rule. The new rules enabled the Director to publicly release the Director’s final decisions and orders designating respondents for supervision.  The Bureau also removed the role of the Associate Director of SELF from the process and instead specified that the Director would preside over the proceeding without receiving a recommended determination. 

In May 2025, the Bureau issued a notice of proposed rulemaking that requested public comment on rescinding the 2022-2024 rules and restoring the 2013 rule.  After considering the comments, the Bureau has decided to rescind the 2022-2024 rules, except that the Bureau is retaining some limited process adjustments that were contained in the 2024 rule.

NASCUS Legislative and Regulatory Affairs Committee
September 2025

Consistent with Executive Order (EO) 14281, Restoring Equality of Opportunity and Meritocracy,” the NCUA has issued LTCU 25-CU-04 removing references to disparate impact liability from its “Fair Lending Guide.” The NCUA is also removing references in other issuances and has directed examiners to no longer request, review, or conclude on or follow up on:

  • Matters related to a credit union’s disparate impact risk,
  • Internal disparate-impact risk analysis, or
  • Disparate-impact risk assessment processes or procedures.

Supervisory processes will continue to include fair lending risk assessments and the analysis of HMDA data for potential evidence of disparate treatment.

NASCUS Legislative and Regulatory Affairs Committee
September 2025

In response to Executive Order (EO) 14331, Guaranteeing Fair Banking for All Americans, the NCUA has issued Letter to Credit Unions (LTCU) 25-CU-05. The LTCU notifies federally insured credit unions (FICUs) that, effective September 25, 2025, the Agency will no longer be utilizing reputation risk and equivalent concepts in the examination and supervisory process, nor will they refer to or engage in discussions about reputation risk as part of examinations and supervision contacts of a credit union or CUSO.

The NCUA will continue to include key review areas historically classified under reputation risk, like financial liability associated with litigation and insider abuse, as part of an examination as necessary.

The agency is reviewing and updating its regulations, manuals, guidance, and training materials to remove references to reputation risk. The LTCU notes that until these resources are updated, this LTCU supersedes any previous information related to reputation risk.

Justification Summary

NASCUS Legislative and Regulatory Affairs Department
September 30, 2025

The National Credit Union Administration (NCUA) has published its proposed budget[1] for fiscal years 2026 and 2027, marking a significant shift toward streamlined operations and fiscal prudence. This year no public briefing has been set to offer comments; however, interested parties may provide comments on the budget, as published in the Federal Register[2], until October 24, 2025.  While NASCUS refrains from commenting on a peer regulatory budget, concerns continue regarding the development and implementation of the Overhead Transfer Rate (OTR), which will be addressed in its own review process.

The overall budget, which includes the Operating Budget, Capital Budget, and Share Insurance Fund Administrative Expenses Budget, reflects a concerted effort to align with federal efficiency mandates.  At the office level, most NCUA departments face budget and staffing reductions, with the Office of the Executive Director and Office of External Affairs and Communication seeing the largest proportional cuts. Despite these reductions, the agency prioritizes crosscutting investments in IT and modernization to support its mission.

In 2026, the total proposed budget stands at $313.8 million, a notable 20.6% decrease from the previous year. This reduction is largely attributed to a 23% cut in staffing, a 34% decline in contracted services, and a 13% decline in travel expenses. These changes stem from the agency’s reorganization under the President’s Department of Government Efficiency initiative, which included a Voluntary Separation Program that saw 262 employees depart. The 2026 budget supports 967 positions, with flexibility to rehire up to 23 roles as needed.

The 2027 budget is projected at $344.7 million, representing a 9.8% increase over 2026 but still 12.8% below 2025 levels. This growth accounts for inflation and a reduction of surplus funds from prior years.  The proposed 2027 budget is $1.9 million higher than the proposed 2026 level largely because of the $1.7 million in proceeds from the sale of the Austin, TX building that offsets the 2026 budget. When excluding this one-time revenue, the 2027 budget increases $150,000, or 3 percent, compared to the 2026 level.

The Operating Budget for 2026 is set at $292.4 million, with 82% allocated to employee compensation and benefits. Contracted services are budgeted at $24 million, supplemented by $44.8 million in prior-year surpluses. Travel, rent, and administrative costs are all trimmed to reflect the agency’s leaner structure.

Capital investment projections total $18.1 million in 2026, targeting key upgrades including a $3.2 million enterprise computer refresh, $2.9 million in enhancements to the MERIT examination platform, and $1 million for a new customer relationship management system. Additional funds support IT infrastructure and minor headquarters maintenance.

The Share Insurance Fund Administrative Expenses Budget is reduced to $3.3 million, aided by proceeds from the sale of the Austin, TX office. These funds support stress testing, examiner training, and insurance-related operations.

To finance its operations, the NCUA relies on a combination of the Overhead Transfer Rate[3] (OTR) and operating fees. Based on the Board-approved methodology and the proposed budget, the OTR for 2026 is estimated to be 61.8 percent, which is an increase of one basis point from 2025. Thus, 61.8 percent of the total 2026 Operating Budget is estimated to be paid out of the Share Insurance Fund. The remaining 38.2 percent of the Operating Budget is estimated to be paid for by operating fees collected from federal credit unions. The operating fee rate[4] is reduced by 23.6%, thanks to surplus funds and asset growth. 

NASCUS continues to believe that while improvements in the methodology to apply expenses to the NCUSIF through the OTR have been instituted, there remain legitimate talking points regarding further improvements to ensure the appropriateness of the allocation of expenses between the two programs.  At this time, the NCUA Board has not scheduled an open hearing to receive verbal input on the proposed budget.  NASCUS will notify membership once a public hearing date has been announced.

NASCUS will be providing comments to NCUA regarding the proposed budget.  NASCUS members should provide suggested comments to SVP John Kolhoff by October 15, 2025.

[1] www.ncua.gov/files/publications/budget/budget-justification-proposed-2026-2027.pdf

[2] 90 FR 46640

[3] On November 16, 2017, the NCUA Board adopted a new methodology for calculating the OTR starting with the 2018 OTR. 82 FR 55644, November 22, 2017.  

[4] See https://www.federalregister.gov/documents/2023/12/26/2023-28303/national-credit-union-administration-operating-fee-schedulemethodology    

DateTitleSummary
April, 2021Legal Opinion: 21-3500 Proposed Capital Markets Funding Program for Credit UnionsAvailable
June, 2020Automated Loan Underwriting System – Segregation of Duties for Loan Officers Available 
June, 2020Reasonable Proximity AnalysisAvailable 

NASCUS Legislative and Regulatory Affairs
September 2025

On August 28, 2025, in conjunction with an advisory, FinCEN issued a Financial Trend Analysis on Chinese Money Laundering Networks (CMLN). FinCEN analyzed 137,153 BSA reports, totaling $312 billion in suspicious activity. The analysis was conducted on reports filed between January 1, 2020, and December 31, 2024.  FinCEN’s analysis identified specific trends in CLMN activity. The trends included the role of U.S. and foreign-based Chinese passport holders. The analysis also provides insight on how CMLNs launder illicit proceeds from criminal activities, including drug trafficking, and how CMLNs launder money on a global scale.

The following are key highlights identified in the analysis.

  • Banks Filed the Majority of Potentially CMLN-Related BSA Reports in the Dataset: Depositories filed 85% of reports reviewed, which predominantly identified subjects engaged in money laundering activity. MSBs filed the second-highest number of reports, accounting for 9%.
  • CLMNs Rely on U.S.-Based Chinese Nationals to Deposit Cash – Often Unknown Sources of Funds – into the U.S. Financial System: CMLNs facilitate money laundering for criminal organizations by using U.S.-based accounts, including both personal and business accounts. These are often initiated through large cash deposits, inconsistent with the customer’s profile. Foreign-based accounts are also used to move and launder illicit funds through the U.S. financial system.
  • CMLNs’ Access to USD Potentially Facilitates Trade-Based Money Laundering Schemes: CLMN’s service Chinese nationals seeking U.S. dollars (USD), facilitate trade-based money laundering (TBML), and enable other types of money laundering schemes. The analysis identified that financial institutions filed 512 reports within the review period that referenced the term TBML, totaling $9.7 billion in reported suspicious activity.
  • CMLNs Potentially Work with U.S. Based “Daigou” Buyers to Launder Illicit Proceeds: The analysis found that CMLNs recruit individuals known as “daigou” buyers (“buying on behalf of”) to purchase high-value electronics and luxury goods for export to the People’s Republic of China.  “Diagou” was reporting in a small number of BSA reports in the review period and was associated with $9.6 million in suspicious activity.
  • Potential Human Trafficking and Smuggling Related Activity Involving U.S.-Based Chinese Passport Holders: Financial institutions filed 1,675 BSA related reports during the review period, indicating suspicious activity potentially involving human trafficking or human smuggling.
  • CMLNs are Potentially Using Adult Daycare Centers Located in New York to Further Laundering Activities. CMLNs are also Linked to Healthcare Fraud, Elder Abuse, and Illicit Gaming Activity: The analysis found that financial institutions filed 43 BSA reports during the review period, involving $766 million in suspicious activity, on 83 adult and senior day care centers, all of which listed addresses in New York. An additional 108 BSA reports in the dataset involved deposited funds associated with healthcare fraud, elder abuse, and suspicious gaming activity.
  • CMLNs Potentially Facilitating Real Estate Purchases Funded by Illicit Proceeds from a Variety of Financial Crimes: Financial institutions filed 17,389 BSA reports during the review period associated with more than $53.7 billion in suspicious activity involving the real estate sector. CMLNs potentially play a key role in laundering illicit funds through U.S. real estate by using complex, layered transactions; involving third parties; and ultimately, integrating illicit proceeds into the real estate sector. They also potentially target high-value markets and leverage Chinese investors who have strong interest in U.S. real estate.
  • CLMNs May Use Chinese Students to Engage in a Variety of Suspicious Activities and Schemes: FinCEN found that financial institutions filed 20,282 BSA reports during the review period involving $13.8 billion in suspicious activity and referenced individuals purporting to be Chinese students. These students may be vulnerable to recruitment and exploitation by U.S.-based CMLNs, which need access to, and control of, many bank accounts to place illicit funds into the U.S. financial system.