SSA Head Archives - Page 20 of 24

Request for Comment: Policy for Setting the Normal Operating Level NCUSIF

Prepared by NASCUS Legislative & Regulatory Affairs Department
May 2021

In 2017, NCUA closed the Temporary Corporate Credit Union Stabilization Fund (TCCUSF) and distributed its funds, property, and other assets and liabilities to the NCUSIF. At that time, NCUA also set the Normal Operating Level (NOL) of the NCUSIF at 1.39% and adopted a policy for setting the NOL.

NCUA is seeking public comments on whether changes should be made to the policy by which the National Credit Union Share Insurance Fund (NCUSIF) NOL is set.

Comments must be received on or before July 26, 2021. The Request for Comment may be read in its entirety here.

Summary

Statutory Background:

The FCUA directs NCUA to maintain an equity ratio for the NCUSIF not less than 1.2% and not more than 1.5%. The FCUA further directs the calendar year-end equity ratio to be used to determine whether the NCUA must make a distribution to FICUs. NCUA must, by statute, make a distribution to FICUs if:

The NCUSIF’s equity ratio exceeds the NOL.
The NCUSIF’s available assets ratio exceeds 1%.
Any loans to the Fund from the Federal Government, and any interest on those loans, have been repaid.

Setting the NOL:

NCUA’s policy for setting the NOL, established in 2017, is as follows:

Annually, NCUA reviews the NOL to determine if a change is warranted.
Any change in the NOL of more than 1 basis point will only be made after public notice and comment.
In conjunction with the public notice and comment, NCUA will issue a public report with data supporting the proposed change in the NOL.

In setting the NOL, NCUA seeks to achieve the following objectives:

Retain public confidence in federal share insurance.
Prevent impairment of the 1% contributed capital deposit.
Ensure the NCUSIF can withstand a moderate recession without the equity ratio declining below 1.2% over a 5-year period.

NCUA’s NOL Policy Model:

To implement its NOL policy, NCUA developed a calculation based on projections related to the following factors:

The modeled performance of the NCUSIF over a 5-year period assuming a moderate recession. The model’s stress scenario estimates 3 primary drivers of outcomes:
- insurance losses
- insured share growth
- yield on investments

The NCUA’s analysis is based on the FRB’s adverse economic scenario. However, since the FRB did not publish an adverse scenario in 2020 or 2021, the NCUA must use a scenario developed from the FRB’s baseline and severely adverse scenarios.

The modeled potential decline in value of the NCUSIF’s claims on the corporate credit union asset management estates in a moderate recession.
The projected decline in the equity ratio through the end of the following year without an economic downturn.

The economic conditions posed by the pandemic, including unprecedented share growth resulting in an NCUSIF equity ratio of 1.26% at year-end 2020, and the approaching wind-down of the NGN program and failed federal corporate credit union estates. have caused NCUA to reconsider the feasibility of using a moderate recession and a 5-year performance period as the basis for modeling stress on the NCUSIF. NCUA now seeks comments on the policy and approach for setting the NCUSIF Normal Operating Level.

In particular, the Board is interested in comments addressing the following questions:

Should a moderate recession be the basis for evaluating the Insurance Fund performance during an economic downturn, or should the NCUA change the policy to consider a severe recession?
What data source(s) should the NCUA use for determining the characteristics of a potential moderate or severe recession – the Federal Reserve scenario, an independent source, or the NCUA’s judgment?
Should the NCUA continue modeling the performance of the NCUSIF over a 5-year period or a longer or shorter period?
How should the NCUA utilize the modeled potential decline in value of the NCUSIF’s claims on the corporate asset management estates going forward until the estates are fully resolved?
Should the NCUA continue to incorporate in the NOL analysis the projected equity ratio decline through the end of the following year without an economic downturn? Should this period be longer or shorter, or not factored into the analysis at all?
Given forecasting uncertainties and timing challenges, would it be reasonable for the NCUA to change the requirement to request public comment only if the NOL were to change by a larger amount than just one basis point?
Should the NOL be re-evaluated in the midst of an economic downturn or should it be left unchanged until the onset of an economic recovery?
Should the NOL be re-evaluated on qualitative factors based on the COVID-19 pandemic?
Is there any other information that NCUA should consider when setting the NOL?

Interim Final Rule Summary: Temporary Regulatory Relief in Response to COVID–19 — Prompt Corrective Action
Parts 702

Prepared by NASCUS Legislative & Regulatory Affairs Department
May 2021

NCUA issued an Interim Final Rule (IFR) to reenact 2 temporary changes made to part 702, Prompt Corrective Action (PCA) to provide regulatory relief to federally insured credit unions (FICUs) during the COVID–19 pandemic. The first change enables NCUA to issue orders applicable to all FICUs to waive the earnings retention requirement for any FICU that is classified as adequately capitalized. The second change modifies requirements for specific documentation required for net worth restoration plans (NWRPs) for FICUs that become undercapitalized.

These changes will be in place until March 31, 2022. This rule is substantially similar to an interim final rule that the Board published on May 28, 2020. (NASCUS’ comment letter in response to the 2020 IFR may be read here)

Comments must be received on or before June 18, 2021. The IFR may be read in its entirety here. The rule became effective on April 19, 2021.

Summary

In May 2020, NCUA issued an IFR that temporarily amended:

Part 702.201 earnings retention requirement for credit unions classified adequately capitalized; and
Part 702.206(c) Net Worth restoration Plans (NWRPs) for FICUs that become undercapitalized

In light of the economic dislocation resulting from the pandemic, and the rapid growth of deposits on many credit union balance sheets resulting from government stimulus and recovery efforts, NCUA determined that decreasing the earnings-retention requirements set forth in the NCUA’s regulations was necessary to avoid a significant redemption of shares in otherwise healthy credit unions. As a result, NCUA allowed any natural-person FICU that had a net worth classification, of adequately capitalized between March 31, 2020, and December 31, 2020, to decrease its earnings-retention requirement to zero.

The 2020 regulatory relief expired on December 31, 2020. Although the regulatory relief expired at year-end 2020, NCUA has continued to evaluate the economic impact of the pandemic and government-sponsored economic relief efforts.

In response to the enactment of the American Rescue Plan Act of 2021 that provides direct financial relief to individual taxpayers, NCUA anticipates that credit unions will once again receive a significant increase in deposits due to stimulus checks and believes it is appropriate to reinstitute the changes to the PCA provisions previously adopted in May 2020.

Reinstated Regulatory Relief

Part 702.201—Earnings-Retention Requirement for ‘‘Adequately Capitalized’’ FICUs

The purpose of existing § 702.201 is to restore a FICU that is less than well capitalized to a well-capitalized position in an incremental manner. Part 702.201 currently allows NCUA to waive the restoration requirement on a case-by-case basis upon submission of an application for waiver by a FICU and the FCUA provides NCUA authority to waive the requirement without an application or an individual order.

In light of the ongoing economic issues related to the pandemic, NCUA is re-enacting the change to the rule to provide for a blanket waiver of the earning retention requirement under PCA for adequately capitalized credit unions. The amendment also allows the NCUA Regional Director to require an application from a specific credit union should the situation so warrant.

This change will expire on March 31, 2022.

Section 702.206(c)—Net Worth Restoration Plans (NWRPs)

Pursuant to the FCUA, a FICU that is less than adequately capitalized must submit an NWRP to the NCUA. NCUA implements this provision through § 702.206. As discussed above, given the lingering economic issues related to the pandemic, NCUA has determined that it is appropriate to waive the NWRP content requirements for FICUs that become classified as undercapitalized predominantly as a result of share growth.

With this change, a FICU may submit a significantly simpler NWRP to the NCUA Regional Director attesting that its reduction in capital was caused by share growth and that such share growth is a temporary condition due to the combination of the pandemic and federal stimulus payments to taxpayers. (FISCUs must comply with applicable state requirements when submitting NWRPs for SSA approval.)

When reviewing an NWRP submitted pursuant to this provision, the NCUA RD will determine if the decrease in the net worth ratio was predominantly a result of share growth by analyzing the numerator and denominator of the net worth ratio:

No change, or an increase in the numerator and an increase in the denominator, would indicate that the decrease in the net worth ratio was due to share growth.

However, if there is an increase in the denominator and a decrease in the numerator, the NCUA RD will analyze whether the decrease in the numerator would have caused the credit union to fall to a lower net worth classification if there were no change in the denominator.

If so, the credit union’s net worth decline would not be predominantly due to share growth and the credit union would not be eligible to submit a streamlined NWRP.

NCUA notes that based on December 31, 2020, Call Report data, 48 credit unions would require an NWRP to be in place or be submitted for approval based on their PCA classification (up 30% from the 37 credit unions as of December 31, 2019).

The amendments made by the interim final rule will automatically expire on March 31, 2022 and are limited in number and scope.

Letter to Credit Unions 21-CU-03 LIBOR Transition
May 2021

NCUA issued LTCU 21-CU-03 to discuss issues related to the cessation of the publication of the London Inter-bank Offered Rate (LIBOR) and provide credit unions with the related Supervisory Letter 21-01 “Evaluating LIBOR Transition Plans” that NCUA issued to its examiners.

NCUA’s guidance follows guidance issued in November 2020 by the federal bank agencies, the FFIEC’s July 1, 2020, Joint Statement on Managing the LIBOR Transition, and the March 5, 2021, announcement by the LIBOR administrator announced that it cease publication of the one-week and two-month LIBOR settings immediately following publication of the December 31, 2021, LIBOR. The remaining LIBOR benchmarks will cease publication after the LIBOR publication on June 30, 2023.

NCUA cautions credit unions that the fact of certain LIBOR rates publishing until June 30, 2023, is not an opportunity to continue using LIBOR (i.e. entering into new contracts with terms beyond December 31, 2021) even though it might allow those contracts to mature naturally along with existing contracts with terms ending before December 31, 2022.

The NCUA encourages all federally insured credit unions to transition away from using the U.S. dollar LIBOR settings as soon as possible, but no later than December 31, 2021.

Summary of NCUA’s Supervisory Letter 21-01 “Evaluating LIBOR Transition Plans”

While the guidance officially only applies to NCUA examiners, NCUA has shared it with states as well and many states will likely adopt similar guidance (indeed several states had already issued guidance on LIBOR well before NCUA’s new guidance).

I. Background

NCUA provides examiners background on the LIBOR, characterizing it as is a widely used short-term interest rate benchmark referenced in derivative, bond, and loan contracts, including a range of consumer lending instruments such as mortgages and student loans. Current USD LIBOR settings include overnight, 1 week, & 1, 2, 3, 6, & 12-month rates. Then the following occurred:

July 2017 – actions by European regulators (for deep background click here) set in motion developments leading to the announced end of LIBOR publication.
July 2020 – FFIEC Joint Statement on Managing the LIBOR Transition highlighted the risks resulting from the transition away from LIBOR. NCUA & other bank regulators advise institutions to avoid using LIBOR no later than 12/31/ 2021.
November 2020 – A clearer transition path away from LIBOR develops when it is announced some LIBOR rates might be published beyond 12/31/2021.
March 5, 2021 – Announcement that 1-week and 2-month USD LIBOR will cease publication after 12/31/2021. The remaining USD LIBOR settings will cease after June 30, 2023, allowing existing transactions indexed to the more widely-used LIBOR settings to mature naturally.

NCUA believes that given consumer protection, litigation, and reputation risks, entering new contracts using LIBOR as a reference rate after December 31, 2021, would create safety and soundness, and compliance risks. FICUs should not be entering new contracts that use LIBOR as a reference rate unless they have robust fallback language that includes a clearly defined alternative reference rate, specific triggers, a spread adjustment, and some description of the conforming changes that are necessary.

II. Potential LIBOR Exposure

Credit unions may have LIBOR exposure in a variety of products & transactions, including derivatives, business loans, consumer loans, variable rate notes, securitizations (such as mortgage-backed securities), FHLB borrowings, and other products that have variable interest rates.

NCUA notes examiners should consider potential LIBOR exposure in the following products/portfolios and review for material LIBOR related risk:

Real Estate Loans
The adjustable-rate mortgage (ARM) is traditionally the most common product incorporating LIBOR as a benchmark. Credit unions could originate an ARM using loan underwriting standards established by a GSE such as Fannie or Freddie which also provide fallback language if LIBOR is no longer available. ARM mortgages that conform to GSE underwriting standards that credit unions originate represent low LIBOR risk.For non-conforming or customized ARMs that a credit union has originated and held in its portfolio, NCUA instructs its examiners to determine if an ARM has robust fallback language in the event the variable rate index is no longer available.
Other Loans
Student loans also make up a significant portion of LIBOR-indexed loans owned by credit unions. NCUA notes that the potential for a high number of individual student loan accounts, combined with the likelihood of frequent borrower address/employment changes, may complicate credit union efforts to communicate rate changes to borrowers. For credit unions holding significant numbers of LIBOR-indexed student loan accounts, NCUA instructs examiners to consider:
- reviewing the credit union’s transition plan
- checking for fallback language
- determining if the credit union has dedicated sufficient resources to modify LIBOR-indexed student loan accounts

Credit unions will typically have limited LIBOR exposure in commercial loan portfolios. A commercial loan may be part of a syndicated loan—typically, a variable rate instrument that references LIBOR as the variable rate index. Variable-rate commercial loans originated by a credit union are generally indexed to the Prime rate.

Auto loans typically use a fixed interest rate due to the relatively short-term maturity of the loans.

Credit card loans are revolving lines of credit with no fixed maturity date and are typically variable in rate using the Prime rate as a base index, plus an added spread to account for credit risk.

Investments
Legacy LIBOR-indexed securities remain a significant percentage of variable rate assets held by credit unions. Fortunately, LIBOR-indexed investments typically have bond trustees that represent investors who are responsible for implementing robust fallback language to a new reference rate or rates in the transition away from LIBOR, which allows examiners to review such holdings with a low level of concern.
Borrowings
As of September 27, 2019, the FHFA directed the FHLBank System to stop entering into LIBOR-based transactions involving advances with terms that mature after 12/31/2021. In July 2020, FHLB member banks were asked members to specifically identify LIBOR-indexed loans that are listed as collateral.NCUA instructs examiners to consider evaluating if the amount of LIBOR-indexed real estate loans pledged as collateral to an FHLB are material given the state of readiness of the credit union’s transition planning. Examiners can get the additional information and transition updates from the credit union’s FHLB member website.
Shares
NCUA expects examiners to understand the credit union’s rate-setting methodology and to determine whether any repricing indexes are LIBOR-based. NCUA notes that most dividend rates paid on share accounts (e.g., money market, regular shares, & share drafts) are set by the credit union’s board rather than contractually tied to LIBOR.
Derivatives
Interest rate derivatives are generally the largest transaction exposure to LIBOR risk for financial institutions, however this exposure is significantly smaller in credit unions. Interest rate swaps are the most common type of derivative that references USD LIBOR. Interest rate swaps involve the exchange of a fixed interest rate for a variable rate, or vice versa, and where the variable rate in the swap is often LIBOR. Derivative transactions are governed under an International Swaps and Derivatives Association (ISDA) agreement. In 2020, ISDA launched its Fallbacks Supplement and Fallbacks Protocol which amend ISDA’s standard definition for interest rate derivatives to incorporate robust fallbacks for derivatives linked to a key interbank offered rate. These changes became effective January 25, 2021. Centrally cleared swaps can be considered low risk, as can bi-lateral swaps for which counterparties have signed the ISDA protocol.

III. LIBOR Replacement Alternatives

NCUA does not endorse a specific replacement rate for USD LIBOR and the choice of reference rate is a business decision left to the credit union to determine what is appropriate (other than continuing to use LIBOR).

NCUA reiterates: All LIBOR-based contracts that mature after December 31, 2021 (one-week and two-month) and June 30, 2023 (one-, three-, six- and twelve-month) should include contractual language that provides for use of a robust fallback rate.

Secured Overnight Financing Rate
While NCUA does not endorse a specific replacement index, the guidance does provide credit unions information on the alternative rate recommended by the Alternative Reference Rates Committee (ARRC). The ARRC was a joint FRB, CFTC, Treasury and Office of Financial Research initiative to identify an alternative to LIBOR. In June 2017, the ARRC selected the Secured Overnight Financing Rate (SOFR) as its recommended alternative to the USD LIBOR. The SOFR is based on transactions in the Treasury repurchase market, where banks and investors borrow or loan Treasuries overnight. As a result, SOFR is a secured rate and does not have a credit risk element.NCUA also discusses the fact that some existing contracts either do not address what happens in the absence of LIBOR or have provisions that could dramatically alter the economics of contract terms if LIBOR is discontinued. NCUA notes that there may be some contracts for which amending to address the discontinuance of LIBOR would be difficult or impossible. For contracts governed by NY law (as many financial contracts are) new legislation enacted in April addresses legacy contracts that mature after June 2023 and do not have effective fallbacks by:

- Prohibiting a party from refusing to perform its contractual obligations or declaring a breach of contract as a result of the discontinuance of LIBOR or the use of the statute’s recommended benchmark replacement;
- Definitively establishing that the recommended benchmark replacement is a commercially reasonable substitute for and a commercially substantial equivalent to LIBOR; and
- Providing a safe harbor from litigation for the use of the recommended benchmark replacement.

IV. Examination Considerations

NCUA is instructing its examiners to review credit union planning for the transition away from LIBOR through narrowly focused reviews tailored to the size and complexity of a credit union’s LIBOR exposures. The following criteria will be used to determine if a credit union’s LIBOR risk is minimal:

Credit union is prepared to stop originating or engaging in any LIBOR-related transactions as soon as possible, but not later than December 31, 2021.
Credit union has minimal exposure to one-week or two-month LIBOR-indexed transactions that mature after December 31, 2021 (either by the total number or dollar balance) that do not have robust fallback language.
Credit union has minimal exposure to 1, 3, 6, & 12 – month LIBOR-indexed transactions that mature after June 30, 2023 (either by the total number or dollar balance) that do not have robust fallback language.

The following are 6 risk areas examiners will use as a guide:

1) Transition Planning – Instructs examiners that credit unions should be transitioning away from LIBOR by end of 2021 and that transition plans should be commensurate with the LIBOR exposure. Credit unions that have complex products or multiple product lines tied to LIBOR should maintain detailed plans and a project roadmap that defines transition timelines and milestones.

2) Financial Exposure Measurement and Risk Assessment – FICUs with financial exposure to LIBOR should accurately measure and report their exposure to senior management, and the board including details on products, contracts, balances and transition costs.

3) Operational Preparedness and Risk Control – Credit unions need to identify any internal and vendor-provided systems and models that use or require LIBOR and establish contingency plans in case a TSP cannot transition away from LIBOR.

4) Contract Preparedness – FICUs should identify any contracts that reference LIBOR and not execute new contracts without fallback language. Transition plans should address how management will determine the impact of the end of LIBOR on existing contracts and the steps to be taken to make any needed modifications.

5) Communication – FICUs should communicate the implications of the LIBOR transition on impacted financial products to their counterparties and members and mind compliance with any applicable laws and regulations such as Truth in Lending Act. For more information, see NCUA’s Federal Consumer Financial Protection Guide.

6) Oversight – A credit union should provide its transition plan to the personnel necessary to implement the transition and provide regular status updates to senior management and the board.

Examiners have been instructed to document their LIBOR exposure findings in the revised LIBOR Alternative Readiness Workbook and to communicate any findings and recommendations to the credit union’s board and management through the ROE.

CFPB Summary: Request for Information/Comment on Financial Institutions’ Use of Artificial Intelligence/Machine Learning
Docket No. CFPB-2021-0004

Prepared by the Legislative & Regulatory Affairs Division
April 2021

The OCC, Federal Reserve Board, FDIC, NCUA and CFPB (collectively, “the agencies”) issued a Request for Information (RFI)/Comments on financial institutions’ use of artificial intelligence (AI), including machine learning (ML). The purpose of the RFI is to understand respondents’ views on the use of AI by financial institutions in their provision of services to customers and for other business or operational purposes; appropriate governance; risk management and controls over AI; and any challenges in developing, adopting, and managing AI. The RFI also solicits respondents’ views on the use of AI in financial services to assist in determining whether any clarifications from the agencies would be helpful for financial institutions’ use of AI in a safe and sound manner and in compliance with applicable laws/regulations, including those related to consumer protection.

Comments are due by July 1, 2021. The proposed rule can be access here.

Summary:

The agencies support responsible innovation by financial institutions that include the identification and management of risks associated with the use of new technologies and techniques. With appropriate governance, risk management, and compliance management, financial institutions’ use of innovative technologies/techniques such as those involving AI, has the potential to augment business decision-making, and enhance services available to consumers and businesses. The appendix of this RFI includes a non-comprehensive list of laws, regulations, and other agency issuances that may be relevant to the use of AI approaches by agency-supervised institutions. Uses of AI by financial institutions include (but are not limited to):

Flagging Unusual Transactions: This involves employing AI to identify potential suspicious, anomalous or outlier transactions (fraud detection and financial crime monitoring)
Personalization of Customer Services: AI technologies, such as voice recognition and natural language processing (NLP), are used to improve customer experience and to gain efficiencies in the allocation of financial institution resources.
Credit Decisions: This involves the use of AI to inform credit decisions in order to enhance or supplement existing techniques.
Risk Management: AI may be used to augment risk management and control practices. For example, the AI approach might be used as a check on a more traditional credit model. Financial institutions may use AI to enhance credit monitoring, payment collections, loan restructuring and recovery, etc.
Textual Analysis: This refers to the use of NLP for handling unstructured data (generally text) and obtaining insights from that data or improving the efficiency of existing processes.
Cybersecurity: AI may be used to detect threats and malicious activity, reveal attackers, identify compromised systems and support threat mitigation.

Potential Benefits of AI

The Bureau recognizes the potential benefits of AI such as:

Improved efficiency
Enhanced performance and cost reduction
Identification of relationships among variables that are not intuitive
Facilitates processing of large/detailed data sets
More accurate, lower-cost, and faster underwriting
Expanded credit access for consumers/small businesses

Potential Risks of AI

The Bureau notes the importance of financial institutions having processes in place to identify and manage potential risks associated with AI such as:

Operational vulnerabilities such as internal process/control breakdowns, cyber threats, information technology lapses, risks associated with the use of third parties, and model risks
Heightened consumer protection risks such as possible UDAAP/UDAP violations or privacy concerns.
AI may present particular risk management challenges to financial institutions in the areas of explainability, data usage and dynamic updating.

Explainability

This refers to how an AI approach uses inputs to produce outputs. Lack of explainability can prohibit financial institution management’s understanding of the conceptual soundness of an AI approach. Lack of explainability can also inhibit independent review and audit and make compliance with laws and regulations, including consumer protection requirements, more challenging.

Broader or More Intensive Data Usage

Data plays an important role in AI. Due to the fact that an AI algorithm is dependent upon the training data, an AI system generally reflects any limitations of that dataset. As a result, AI may perpetuate or even amplify bias or inaccuracies inherent in the training data or make incorrect predictions if the data set is incomplete or non-representative.

Dynamic Updating

Some AI approaches have the capacity to update on their own, sometimes without human interaction, often known as “dynamic updating.” Monitoring and tracking an AI approach that evolves on its own can present challenges in review and validation.

Request for Comments:

In this RFI, the agencies are seeking information on financial institutions’ risk management practices related to AI; barriers or challenges facing financial institutions when developing, adopting and managing AI and its risks; and benefits to financial institutions and their customers from the use of AI. The RFI also solicits respondents’ views on the use of AI in financial services which will help the agencies determine whether any clarification would be helpful for financial institutions’ use of AI in a safe and sound manner and in compliance with applicable laws and regulations, including those related to consumer protection.

The agencies are also asking particular questions regarding the following:

Explainability:

To address the lack of explainability of certain AI approaches, researchers have developed techniques to help explain predictions or categorizations. These techniques are often referred to as “post-hoc” methods, because they are used to interpret the outputs rather than the design.

Related Questions:

How do financial institutions manage AI risks relating to overfitting? What barriers or challenges, if any, does overfitting pose for developing, adopting, and managing AI? How do financial institutions develop their AI so that it will adapt to new and potentially different populations (outside of the test and training data)?

Cybersecurity Risk:

Like other data-intensive technologies, AI may be exposed to risk, from a variety of criminal cybersecurity threats. For example, AI can be vulnerable to “data poisoning attacks,” which attempt to corrupt and contaminate training data to compromise the system’s performance.

Related Questions:

Have financial institutions identified particular cybersecurity risks or experienced such incidents with respect to AI? If so, what practices are financial institutions using to manage cybersecurity risks related to AI? Please describe any barriers or challenges to the use of AI associated with cybersecurity risks. Are there specific information security or cybersecurity controls that can be applied to AI?

Dynamic Updating:

A particular characteristic of some AI is the ability for it to learn or evolve over time, especially as it captures new training data. This can present challenges for validating, monitoring, tracking and documenting the AI approach.

Related Questions:

How do financial institutions manage AI risks relating to dynamic updating? Describe any barriers or challenges that may impede the use of AI that involve dynamic updating. How do financial institutions gain an understanding of whether AI approaches producing different outputs over time based on the same inputs are operating as intended?

AI Use by Community Institutions:

A financial institution’s AI strategy, use of AI, and associated risk management practices could vary substantially based on the financial institution’s size, complexity of operations, business model, staffing and risk profile, and this could affect the corresponding risks that arise. Community institutions may be more likely to use third-party AI approaches or rely on third party services that use AI. This may pose different challenges in a financial institution’s adoption of AI.

Related Questions:

Do community institutions face particular challenges in developing, adopting, and using AI? If so, please provide detail about such challenges. What practices are employed to address those impediments or challenges?

Oversight of Third Parties:

Financial institutions may opt to use AI developed by third parties, rather than developed internally. Existing agency guidance describes information/risks that may be relevant to financial institutions when selecting third party approaches and sets out principles for the validation of such third-party approaches.

Related Questions:

Please describe any particular challenges or impediments financial institutions face in using AI developed or provided by third parties and a description of how financial institutions manage the associated risks. Please provide detail on any challenges or impediments. How do those challenges or impediments vary by financial institution size and complexity?

Fair Lending:

Depending on the specific use, there may be uncertainty about how less transparent and explainable AI approaches align with applicable consumer protection legal and regulatory frameworks, which often address fairness and transparency.

Related Questions:

What techniques are available to facilitate or evaluate the compliance of AI-based credit determination approaches with fair lending laws or mitigate risks of noncompliance? Please explain these techniques and their objectives, limitations of those techniques, and how those techniques relate to fair lending legal requirements?
What are the risks that AI can be biased and/or result in discrimination on prohibited bases? Are there effective ways to reduce risk of discrimination, whether during development, validation, revision and/or use? What are some of the barriers to or limitations of those methods?
As part of their compliance management systems, financial institutions may conduct fair lending risk assessments by using models designed to evaluate fair lending risks. What challenges, if any, do financial institutions face when applying internal model risk management principles and practices to development, validation, or use of fair lending risk assessment models based on AI?
The Equal Credit Opportunity Act (ECOA), which is implemented by Regulation B, requires creditors to notify an applicant of the principal reasons for taking adverse action for credit or to provide an applicant a disclosure of the right to request those reasons. What approaches can be used to identity the reasons for taking adverse action on a credit application, when AI is employed? Does Regulation B provide sufficient clarity for the statement of reasons for adverse action when AI is used? If not, please describe in detail any opportunities for clarity.

Additional Considerations:

To the extent not already discussed, please identity any additional uses of AI by financial institutions and any risk management challenges or other factors that may impede adoption and use of AI.
To the extent not already discussed, please identify any benefits or risks to financial institutions’ customers or prospective customers from the use of AI by those financial institutions. Please provide any suggestions on how to maximize benefits or address any identified risks.

Coming soon

Interim Final Rule Summary Asset Thresholds
(Parts 700, 702, 708a, 708b, & 790)

Prepared by NASCUS Legislative & Regulatory Affairs Department

March 2021

To help credit unions manage the accelerated balance sheet growth resulting from various governmental monetary actions in response to the COVID-19 pandemic, NCUA is issuing an Interim Final Rule (IFR) allowing federally insured credit unions (FICUs) to use their March 31, 2020 asset data to determine the applicability of certain regulatory asset thresholds during calendar years 2021 and 2022.

Specifically, the IFR allows use of March 31, 2020, financial data when determining:

Whether the FICU is subject to supervision by NCUA’s Office of National Examinations and Supervision (ONES) ; and if the FICU is subject to ONES
Which of three capital planning and stress testing tiers the FICU is subject to

NCUA also reserves the authority to classify a FICU as subject to ONES supervision and assign that credit union to a Tier commensurate with the credit union’s risk profile.

The Interim Final Rule may be read here. Comments are due to May 24, 2021.

The rule applies to both FISCUs and FCUs and becomes effective upon publication in the Federal Register.

Summary

At the start of the pandemic, consumer spending decreased as individual states & major metropolitan areas ordered millions of Americans to stay home. Meanwhile, market volatility created a flight to safety which pushed money from the markets to safer assets, including deposits in credit unions. NCUA notes that fiscal stimulus applied additional upward pressure on FICU balance sheets. In fact, the balance sheet of FICUs just below $10 billion in assets have swelled by an average of about 14% in contrast to 2019 when they average asset growth of just 9%.

As a result of the pandemic related balance sheet growth, some larger FICUs are approaching the regulatory asset thresholds that trigger supervision by NCUA’s Office of National Examinations and Supervision (ONES) and additional regulatory compliance obligations.

Because complying with the more stringent regulatory standards applicable to FICUs with assets of $10 billion and greater would impose additional transition and compliance costs on some FICUs that would not be subject those standards “but for” the consequences of the pandemic, NCUA has determined to provide affected FICUs more time to either reduce their balance sheets, or to prepare for higher regulatory standards.

Capital Planning & Stress Testing Thresholds

Pursuant to § 702, FICUS over $10 billion in assets are subject to three tiers of stress testing:

- Tier I – $10b assets – $15b assets – Capital Plan

- Tier II – $15b assets – $20b assets – Capital Plan & Stress Testing

- Tier III – $20b+ assets – Capital Plan submitted to NCUA & Stress Testing

The asset thresholds for each tier is based on a FICU’s asset size on March 31 each year and if a FICU crosses any of the tier I, II, or III asset thresholds at that time, then the FICU’s new classification is effective on January 1 of the next year. Therefore, a FICU’s capital planning and stress requirements for this year were determined by its assets as of March 31, 2020 and were effective January 1, 2021.

Under the IFR, a FICUs Tier for 2022 will be determined by its March 31, 2020 assets. This means that asset growth in 2020 will not trigger new regulatory requirements under Part 702 until January 1, 2023, at the earliest.

Oversight by ONES

Currently, ONES oversees FICUs with $10 billion or more in assets as of March 31 of the previous year. Under the interim final rule, the NCUA will use financial data as of March 31, 2020, instead of March 31, 2021, to determine the supervision of natural person credit unions for calendar year 2022.

Reservation of Authority

NCUA notes that there may be circumstances when deferring a FICUs supervision by ONES, or its ascension to a higher Tier would be inappropriate. In such cases, NCUA reserves its existing authority pursuant to § 702 to designate a FICU as subject to ONES supervision or a tier I, II, or III credit union. When making any such determination, the Board would consider all relevant factors affecting the FICU’s safety and soundness, including, but not limited to:

The extent of asset growth of the FICU since March 31, 2020
The causes of such growth, including whether growth occurred as a result of mergers or purchase and assumption transactions; whether such growth is likely to be temporary or permanent
Whether the FICU has become involved in any additional activities since March 31, 2020, and, if so, the risk of such activities
The type of assets held by the FICU

In the IFR, NCUA emphasizes that the agency will consider whether the FICU crossed a threshold due to a merger or purchase and assumption transaction that significantly increases the FICU’s asset size as opposed to growth resulting from monetary policy response to the pandemic. FICUs crossing a regulatory threshold because of a merger or purchase and assumption transaction have the opportunity to plan and prepare for the change in regulatory requirements.

Regulatory Alert 20-RA-09 2021 Exemption Thresholds Adjustments Under the Truth in Lending Act (Regulation Z) and the Consumer Leasing Act

December 2020

NCUA’s Regulatory Alert notifies credit unions of the three annual exemption thresholds for 2021 related to 1) special appraisal requirements for higher-priced mortgage loans; and 2) consumer credit; and 3) lease transactions. The 2021 thresholds will be the same as the 2020 thresholds.

Appraisals for Higher-Priced Mortgage Loans Exemption Threshold

The exemption threshold for 2021 will remain at $27,200 based on the Consumer Price Index for Urban Wage Earners and Clerical Workers (CPI-W) in effect as of 6/1/2020.

Consumer Credit and Consumer Lease Exemption Thresholds (Regulation Z and Regulation M)

The exemption threshold for 2021 will remain at $58,300 based on the CPI-W in effect as of 6/1/2020.

NCUA Risk Alert: 20-Risk-02 COVID-19 Fraud Schemes

August 2020

NCUA issued Risk Alert 20-RA-02 to inform credit unions about fraud risks associated with the COVID-19 pandemic. The economic dislocation resulting from the pandemic, the various government programs implemented to mitigate those effects, and the altered operations of credit unions managing the pandemic present opportunities for criminal elements to exploit vulnerabilities and compromise credit unions and their members.

Financial Institution Fraud

NCUA recommends credit unions review risks related to:

New account fraud, identity theft, cybersecurity risks (NCUA)
Imposter scams and money mule schemes (FinCEN)
Mobile banking application fraud (FBI)

Other federal agencies are good resources on evolving pandemic related fraud trends:

Small Business Administration Loan Fraud

The SBA is administering 2 loan programs, the Paycheck Protection Program and the Economic Injury Disaster Loans, to provide relief to business impacted by the pandemic. The most common red flags for fraud related to these programs are:

PPP applications with manipulated or fraudulent supporting documentation.
PPP applications w/different names that contain nearly identical application information & supporting documentation originating from the same IP address.
Recently established fake businesses with no internet presence & having minor differences between names on the application & business registration documents.
Existing accounts always have low balances with no history of payroll expenses.
New accounts that appear to have been created solely to apply for or receive SBA funds. The accounts had no previous business activity and funds are quickly transferred after receipt of SBA loan proceeds.
After loan advances or proceeds are deposited into an account, funds are immediately withdrawn in cash, wired out, transferred to an investment account, used to purchase luxury assets not associated with typical business-related expenses, or used to start an entirely new business.

Credit unions should report suspected fraud to the SBA Office of the Inspector General (SBA OIG). Additional guidance on PPP loans is available in SBA Procedural Notice 5000-20036. The SBA OIG has also published a lender alert regarding EIDL.

Business Tax Credits Fraud

NCUA’s Risk Alert provides information on the CARES Act Employee Retention Credit and the Credit for Sick and Family Leave. Both programs provide for eligible employers to receive an advance of the credits to help meet weekly payroll. Suspected fraud related to the programs should be reported to IRS Criminal Investigation. Red flags of fraud related to these programs include:

U.S. Treasury check deposits while receiving loan proceeds from SBA programs. Businesses are only allowed to take advantage of the Employee Retention Credit or the PPP program. They may not take advantage of both programs.
Inflated wages or numbers of employees to increase the amount of tax credits or advances received through a U.S. Treasury check.
U.S. Treasury check deposits into accounts with no indication of business or payroll activity.
U.S. Treasury check deposits used to pay personal expenses.

Unemployment Insurance Fraud

The CARES Act provides additional unemployment insurance funding for eligible individuals through multiple unemployment assistance programs including the Pandemic Unemployment Assistance (PUA) program. These programs disburse their benefits by various means are attractive targets for fraud. The most common red flags associated with these programs include:

Account receives unemployment benefits from another state without a reasonable explanation or from multiple other states.
A single account receives unemployment benefits for multiple individuals.
New accounts are opened, or existing accounts lack transactional activity, then suddenly used to collect unemployment benefits.
Imposter schemes, where a fraudster poses as an official entity to defraud victims, such as obtaining personally identifiable information to fraudulently file for unemployment insurance benefits.
Money mules, where an individual knowingly or unknowingly obtains money on behalf of, or at the direction of, someone else to improperly obtain unemployment insurance benefits.

Suspected fraud related to these programs should be reported to the Department of Labor Office of the Inspector General.

Reporting Fraud

In addition to reporting suspected fraud to the appropriate federal agency, credit unions may also contact NCUA’s Fraud Hotline (800.827.9650), an NCUA Regional Office or their SSA.

As appropriate, credit unions should also file SARs with FINCEN with suspected COVID-19 related fraud. SAR filings should include:

The type of fraud or scam (by name if possible; i.e imposter scam)
affected programs
identifying information when possible such as IP addresses

Regulatory Alert 20-RA-06 Treatment of Certain COVID-19-Related Loss Mitigation Options Under the Real Estate Settlement Procedures Act

August 2020

NCUA’s Regulatory Alert notifies credit unions of the CFPB’s interim final rule amending Regulation X (RESPA) that added a temporary exception to Subpart C to Reg X for certain COVID-19-related loss mitigation options. The rule became effective July 1, 2020.The rule allows a loan mortgage servicer to offer a borrower a loss mitigation option based on an evaluation of limited information collected from a borrower if certain criteria are met.

Reg X generally a mortgage loan servicer to exercise reasonable efforts to obtain all documents and information to complete a loss mitigation application from a borrower, and assess the borrower for all loss mitigation options available to the borrower based on the completed application. There are 2 exceptions:

When a servicer has exercised reasonable diligence in obtaining the documents and information to complete a loss mitigation application, but a loss mitigation application remains incomplete for a significant period of time under the circumstances without further progress by a borrower to make the loss mitigation application complete
When a servicer offers a short-term payment forbearance program or a short-term repayment plan to a borrower based upon an evaluation of an incomplete loss mitigation application.

The interim final rule adds a third temporary exception that is designed allow servicers to offer a payment deferral option offered by Fannie Mae and Freddie Mac, at the direction of the Federal Housing Finance Agency (FHFA), and a loss mitigation option for FHA insured loans.

To qualify for the 3^rd exception, a credit union must meet 3 criteria:

Allow a borrower to delay paying all forborne principal and interest payments, and all principal and interest payments that are due and unpaid, until:
- the mortgage loan is refinanced
- the mortgaged property is sold
- the term of the mortgage loan ends
- for a mortgage insured by FHA, the mortgage insurance terminates
Not charge or accrue interest on any amounts a borrower may delay paying through the loss mitigation option; not charge any fee in connection with the loss mitigation option; and waive all existing late charges, penalties, stop payment fees, or similar charges promptly upon a borrower’s acceptance of the loss mitigation option
Terminate any pre-existing delinquency when a borrower accepts the loss mitigation offer

Under the interim final rule, when a borrower accepts a loss mitigation offer, a credit union is not required to comply with requirements of 1024.41(b)(1) and (2), which apply to an application a borrower submitted before the credit union made its loss mitigation offer.

Credit unions must also comply with other Regulation X requirements after a borrower accepts a loss mitigation offer. For example:

If a mortgage loan becomes delinquent again (at any time), a credit union would have to satisfy the early intervention requirements of 1024.39
If the borrower submitted a new loss mitigation application, the credit union would have to comply with the usual loss mitigation procedures

Small Servicer Exemption and the Prohibition on Certain Foreclosure Activities

NCUA notes that credit unions engaged in servicing mortgage loans that qualify as small servicers (they service 5k or fewer loans, all of which they or an affiliate own or originated) are not subject to the provisions of Regulation X relevant to this Regulatory Alert and are not affected by the amendment in the interim final rule. However, a small servicer is subject to the prohibition on certain foreclosure activities in Regulation X.⁵

Credit unions should read the provisions of the interim final rule and Reg X to determine the effect on their operations.

Letter to Credit Unions 20-CU-23 Annual Voluntary Credit Union Diversity Self-Assessment

August 2020

NCUA issued LTCU 20-CU-23 to encourage credit unions to completing NCUA’s Annual Voluntary Credit Union Diversity Self-Assessment. NCUA notes that in 2018, 81 credit unions completed the assessment and last year that number increased to 118. NCUA believes the Diversity Self-Assessment is “a valuable tool for credit unions seeking to make a stronger commitment to diversity, inclusion, and equity” and can help industry strengthen its commitment to those principles.

NCUA aggregates the data from submissions and issues a report on the state of diversity, equity, and inclusion throughout the credit union system. No respondents are identified in the report.

NCUA notes that the Diversity Self-Assessment is available to be completed year-round but that most credit unions complete it at year-end. NCUA encourages credit unions to voluntary commit to completing the Annual Voluntary Credit Union Diversity Self-Assessment by emailing [email protected] and pledging to submit the survey by year-end.

Letters to Credit Unions 20-CU-22 Update to NCUA’s 2020 Supervisory Priorities

July 2020

NCUA issued LTCU 20-CU-22 to update its Supervisory Priorities listed in LTCU 20-CU-01 in light of developments related to the COVID-19 pandemic. NCUA notes that given the challenges presented by the pandemic, the agency will be:

updating the Examiner’s Guide to include additional guidance for examiners and review procedures
scheduling eligible credit unions for examination in accordance with the extended examination cyclepursuant to the 2016 NCUA Exam Flexibility Initiative
conducting risk-focused examinations, concentrating on areas of highest risk, new products and services, and compliance on all other credit unions

Information on the NCUA’s response to the pandemic is available at Coronavirus (COVID-19): Information for Federally Insured Credit Unions and Members.

Updated Exam Priorities for 2020 Q3 and Q4

Bank Secrecy Act Compliance/Anti-Money Laundering

NCUA will continue to conduct BSA/AML reviews with an emphasis on CDD and beneficial ownership requirements (effective May 11, 2018). NCUA will also focus on proper filing of SARs and CTRs and reviews of bi-weekly 314(a) information requests.

(NASCUS Note: On August 3, 2020 FINCEN issued updated FAQs related to CDD.)

NCUA participates on an interagency working group with FinCEN and other FBAs which has to date:

Issued joint statements addressing improved efficiency through shared resources (see LTCU 18-CU-04, Sharing Bank Secrecy Act Resources)
Encouraged innovative approaches to meeting BSA/AML compliance obligations
Promoted risk-focused BSA/AML supervision
Published updates to the BSA Examination Manual

NCUA has a Bank Secrecy Act Resources webpage with additional information.

Coronavirus Aid, Relief and Economic Security Act

NCUA has added the CARES Act as a supervisory priority and its examiners will review credit unions’ good faith efforts to comply with the Act.

For more information, see LTCU 20-CU-07, Summary of the Coronavirus Aid, Relief, and Economic Security (CARES) Act.

Consumer Financial Protection

NCUA will continue to examine for compliance with applicable consumer financial protection regulations during every examination including:

Electronic Fund Transfer Act (Reg E) – Examiners will evaluate EFT policies & review initial account disclosures & Reg E error resolution
FCRA – Examiners will review credit reporting policies & procedures and the accuracy of reporting to credit bureaus, particularly the date of first delinquency
GLBA – Examiners will evaluate credit union protection of non-public data
Small dollar lending – Examiners will test for compliance with the NCUA PALs rules & review other credit union short-term, small-dollar loan programs
TILA (Reg Z) –Examiners will evaluate whether finance charges and annual percentage rates are accurately disclosed, and late fees are levied appropriately
Military Lending Act (MLA) and Servicemembers Civil Relief Act (SCRA) – For credit unions that have not received a recent review, examiners will review credit union compliance with the MLA and SCRA

NCUA will also emphasize review of the following regulatory changes enacted since the start of the COVID-19 pandemic:

EFT Act (Regulation E) –Examiners will evaluate compliance with the Remittance Transfer Rule safe harbor threshold & fee changes
TILA (Reg Z) –Examiners will also evaluate practices related to recent changes in TRID and Reg Z Rescission rules in response to the pandemic

Credit Risk Management and Allowance for Loan and Lease Losses

NCUA is shifting its priority from reviewing underwriting standards and concentrations risk (NCUA expectations discussed in 10-CU-03, Concentration Risk) to reviewing adequacy of ALLL accounts. Because of the delay to CECL, NCUA will not be assessing transition to the CECL standard until further notice. However, credit unions must still maintain an ALLL account in accordance with FASB ASC Subtopic 450-20 (loss contingencies) and/or ASC 310-10 (loan impairment).

To evaluate the adequacy of credit unions’ ALLL accounts NCUA will review:

ALLL policies and procedures
ALLL reserving methodology & including modeling assumptions
Adherence to GAAP
Independent reviews of credit union reserving methodology and documentation practices by the Supervisory Committee or by an internal or external auditor

NCUA references additional resources, including:

Interagency Statement on Loan Modifications and Reporting for Financial Institutions Working with Customers Affected by the Coronavirus (revised)
LTCU 20-CU-13, Working with Borrowers Affected by the COVID-19 Pandemic;
NCUA’s Frequently Asked Questions for Federally Insured Credit Unions;
LTCU 02-CU-09, Allowance for Loan and Lease Losses; and
NCUA Accounting Bulletin, 06-01, Interagency Advisory Addressing the ALLL Key Concepts and Requirements.

NCUA will also review credit union policies and the use of loan workout strategies, risk management practices, and new strategies implemented to assist borrowers impacted by the pandemic.

Information Systems and Assurance (Cybersecurity)

NCUA is shifting its focus from performing ACET cybersecurity maturity assessments to evaluating critical security controls. NCUA is also piloting an Information Technology Risk Examination solution for Credit Unions (InTREx-CU) which is intended to harmonizes the IT and Cybersecurity examination procedures shared by the FDIC, FRB, and some state financial regulators to ensure consistent approaches are applied to community financial institutions. The InTREx-CU will be deployed to identify gaps in security safeguards, allowing examiners and credit unions to identify and remediate potential high-risk areas through the identification of critical information security program deficiencies as represented by an array of critical security controls and practices.

The NCUA has also published information on the increased cybersecurity threats resulting from the COVID-19 pandemic. See NCUA’s Cybersecurity Resources website and NCUA’s Frequently Asked Questions for Federally Insured Credit Unions.

LIBOR Transition Planning

On July 1, 2020, FFIEC issued a Joint Statement on Managing the LIBOR Transition that highlighted the risks that will result from the transition away from LIBOR. NCUA will continue assessing credit unions’ exposure and planning related to a transition away from LIBOR using the NCUA’s LIBOR Assessment Workbook.

Liquidity Risk

NCUA will continue to review liquidity risk management and planning in all credit unions, and will place emphasis on:

The effects of loan payment forbearance, loan delinquencies, projected credit losses and loan modifications on liquidity and cash flow forecasting
Scenario analysis for changes in cash flow projections for an appropriate range of relevant factors (for example, changing prepayment speeds)
Scenario analysis for liquidity risk modeling, including changes in share compositions and volumes
The potential effects of low interest rates and the decline of credit quality on the market value of assets, funding costs and borrowing capacity
The adequacy of contingency funding plans to address any potential liquidity shortfalls

More information is available in the NCUA’s Examiner’s Guide.

Serving Hemp-Related Businesses

NCUA will continue to collect data thru the examination process on credit unions serving Hemp businesses. See LTCU 20-CU-19, Additional Guidance Regarding Servicing Hemp-Related Businesses and FinCEN’s June 29, 2020 guidance.

Modernization Updates

NCUA Connect and MERIT

In September 2019, NCUA began piloting both a new user portal (NCUA Connect) and a new examination tool, the Modern Examination and Risk Identification Tool (MERIT).

Following challenges related to the COVID-19 pandemic, the NCUA has delayed the rollout, training and launch of these applications to all examination staff until the second half of 2021. However, the agency will continue to use MERIT in 2020 and 2021 in both a pilot and limited-release capacity.

Additional information about these applications is available on the NCUA website.

NCUA Request for Information (RFI): Strategies for Future Examination & Supervision Utilizing Digital Technology

Prepared by NASCUS Legislative & Regulatory Affairs Department
July 2020

Summary

NCUA has published a Request for information (RFI) to gather stakeholder input as the agency considers alternative procedures to modernize its examination program to improve the program’s efficiency and effectiveness. NCUA seeks to leverage data and technology to transition to a predominately offsite examination and supervision model.

NCUA hopes to:

Reduce burden on credit unions and increase agency efficiency by reducing onsite examination time
Improve offsite supervision capabilities
Provide more consistency and standardization for the examination and supervision process
Improve communication between examiners, credit unions, and state supervisory authorities
Explore and evaluate technology utilization and appetite for adoption.

NCUA will use stakeholder RFI response to:

Refine a strategy for leveraging technology in the future examination and supervision process
Determine how much onsite examination activity would still be required with an examination primarily done offsite
Develop an implementation strategy that reduces burden while maintaining supervisory effectiveness

The RFI may be read here. Comments are due to NCUA August 31, 2020.

Summary

During the traditional onsite examination, conducted generally every 18 months, examiners gather information, conduct analysis, review documents and controls, hold meetings, develop recommendations, and deliver a final report to a credit union’s board of directors. In response to examiner requests, credit unions provide data from multiple sources and in multiple formats. Before 1995, the NCUA collected data from credit unions in written format. In 1995, the agency initiated its first electronic data collection program when it instituted the AIRES Examination Program and encouraged federally insured credit unions to provide member data to examiners electronically:

In October 2016, NCUA issued its Exam Flexibility Initiative report. One of the 10 recommendations made in the report was for NCUA to evaluate alternative approaches to its current examination program by seeking ways to reduce onsite presence. As a result, NCUA piloted the Flexible Examination Program (FLEX) in 2017 to assess examiners’ ability to work remotely on elements of examinations of well-run credit unions that have appropriate technology and platforms to securely provide electronic data.

During the pilot, NCUA states that examiners were, on average, able to reduce their time onsite by 30%. NCUA also learned it needed a secure file transfer portal to support the transmission of data remotely and securely. In July 2018, NCUA deployed a secure file transfer portal, however most of NCUA’s examination work is still conducted onsite (pre-COVID 19).

NCUA developed a secure file transfer portal in July 2018. However, most of the review of credit union information and data is still conducted onsite. In 2018, NCUA established the Virtual Examination Program to explore ways for NCUA to move to a more virtual-based exam program within the next 5-10 years.

NCUA’s goal is to adopt an exam model in which examiners would review a credit union’s operational and financial condition remotely. NCUA is also looking for “innovative methods to augment the agency’s evaluation of a credit union’s financial and operational condition.”

As NCUA considers how to modernize its examination program, its set the following principles:

Evaluate all material risk exposures and compliance matters fully
Leverage new data and analytical techniques to achieve desired supervisory outcomes efficiently and effectively
Optimize the benefits of utilizing technology for examinations without increasing the risk to the safety and soundness of the credit union system
Minimize the burden on supervised institutions

In the RFI, NCUA seeks feedback on the following questions:

What capabilities can federally insured credit unions adopt to facilitate the NCUA’s transition toward more offsite exam work?

What capabilities do you recommend the NCUA adopt to be able to conduct more examination work offsite?

How would such offsite capabilities increase the efficiency and effectiveness of the exam and supervision process from the credit union perspective?

Do you think the NCUA can do significantly more offsite work without compromising its safety and soundness responsibilities?

What credit union data can be provided to examiners to facilitate more

offsite supervision and reduce time onsite during the examination?

(a-b)

(a) What credit union data is currently provided to other parties that NCUA could potentially leverage to reduce the burden on credit unions?

(b) To ease the administrative burden, should the NCUA ask third party service providers for data on credit unions directly?

Are credit unions moving from a physical presence in member services to more reliance on digital or mobile banking platforms? How should the examination program evolve to accommodate these changes?

What other methodologies or approaches should NCUA include in this exam study?

Would credit unions benefit from more clarity and consistency on the timing and types of documents and data examiners need to conduct examinations?

(a-b)

(a) Would it be easier or less burdensome for credit unions to provide documents and data to the NCUA on a more scheduled, flow basis throughout the year so the time spent onsite would be more efficient and the majority of the examination/supervision could primarily be conducted offsite?

(b) If this process could lead to more frequent/ offsite contacts using technology and reduce the time and frequency of full- scope onsite examinations, do you think this would be an improvement and/or less burdensome than the current examination process or cause more disruption?

What do you see as the most significant challenges facing the NCUA’s move to an offsite examination/ supervision model that utilizes technology?

(a-b)

(a) What difficulties do you foresee with moving to a future examination model for federal and state charted credit unions?

(b) How could we better coordinate with the states in this approach?

What concerns do you have, if any, about a diminished NCUA onsite presence, and can these be mitigated?

What impact, positive or negative, do you anticipate this future examination program strategy will have on your credit union and its operation?

Will moving offsite create any noticeable change in credit unions’ ability to provide services to members, particularly during major disruptions, like pandemics?

Are there resiliency tests that can be performed by examiners offsite that could not be performed when examiners are onsite? If so, please detail them.

If rebuilding the examination process from scratch, how might you redesign what is currently done today in order to reduce the burden on credit unions and/or minimize time that examiners need to be onsite at credit unions?

What new or emerging technologies could enable the NCUA to examine a credit union with less time onsite?

Are video and telecommunications capabilities sufficient to maintain good lines of communication between examiners and credit union management and officials with reduced in-person meeting opportunities? What other methods of communication or communication protocols would support quality communications between the credit union and examination staff?

What types of artificial intelligence and/or machine learning techniques are you currently using or anticipate using?

Does the NCUA have regulations/ policies that are sufficiently flexible to allow you to leverage various technological advances such as artificial intelligence, machine learning, process robotics, Fintech, Regtech, and Suptech etc.?

Do the current regulations/policies create unnecessary hurdles or burdens with respect to adopting technology? Are there ways we can update our regulations/policies to help facilitate a greater use of technology?

Do you feel comfortable using the NCUA’s secure file transfer portal as a means to transfer data electronically, including personally identifiable information and confidential credit union data, to NCUA staff?

If not, please provide details regarding your concerns and recommendations on ways the NCUA could mitigate these concerns.

(a-c)

(a) What issues are unique to smaller institutions regarding the use and implementation of innovative products, services, or processes that the NCUA should consider?

(b) Additionally, by moving to an offsite exam posture, will this negatively affect small credit unions that may not have the technology required to transmit requested documentation?

With respect to the future examination model, should the NCUA consider alternative exam approaches for smaller credit unions?

Are there better ways for the NCUA to support your financial inclusion and financial education mission by using technology? Additionally, are there better ways for the NCUA to use technology to help low-income designated credit unions and minority depository institutions to better serve their members?

Do you feel there are circumstances that would disqualify or preclude a credit union from participating in this examination model where the majority of work is completed offsite?

What documentation and measures should be collected and used to assess a credit union’s financial education efforts or programs?

Are there better ways for the NCUA to receive important contextual information regarding how you serve the low-income, underserved, and unbanked communities in your field of membership?

What baseline data protection and privacy safeguards would enable credit unions to comply with consumer protection statutes and federal/state law when sharing data for remote examinations?

How could an offsite posture affect the oversight of consumer financial protection and BSA/anti- money laundering laws and regulations at your credit union? What changes should the NCUA make to address your concerns?

All technology is coupled with internal and external security risks. As credit unions remain diligent in addressing these risks, what can the NCUA do to support credit unions’ security posture?

What cybersecurity challenges do you see with the NCUA moving to this future examination model?

Are there digital banking activities or issues that are not covered by this RFI that the NCUA should address?

(a-c)

In response to the pandemic, the NCUA moved to an offsite posture. Did you participate in an exam during this time?

(a) From your perspective, what has worked well?

(b) What exam steps could continue to be completed offsite after we return to an onsite posture?

Are there issues the NCUA should consider in light of changes in the banking system that have occurred in response to the COVID–19 pandemic?

XXX

Policy for Setting the Normal Operating Level NCUSIF

Request for Comment: Policy for Setting the Normal Operating Level NCUSIF

Interim Final Rule Summary: Temporary Regulatory Relief in Response to COVID–19 — Prompt Corrective Action Parts 702

Interim Final Rule Summary Asset Thresholds (Parts 700, 702, 708a, 708b, & 790)

Regulatory Alert 20-RA-09 2021 Exemption Thresholds Adjustments Under the Truth in Lending Act (Regulation Z) and the Consumer Leasing Act

NCUA Risk Alert: 20-Risk-02 COVID-19 Fraud Schemes

Regulatory Alert 20-RA-06 Treatment of Certain COVID-19-Related Loss Mitigation Options Under the Real Estate Settlement Procedures Act

Letter to Credit Unions 20-CU-23 Annual Voluntary Credit Union Diversity Self-Assessment

Letters to Credit Unions 20-CU-22 Update to NCUA’s 2020 Supervisory Priorities

NCUA Request for Information (RFI): Strategies for Future Examination & Supervision Utilizing Digital Technology

Interim Final Rule Summary: Temporary Regulatory Relief in Response to COVID–19 — Prompt Corrective Action
Parts 702

Interim Final Rule Summary Asset Thresholds
(Parts 700, 702, 708a, 708b, & 790)