Compliance Blog

Written by Elizabeth M. Young LaBerge, Regulatory Compliance Counsel

MLA DOD Database in the Works

On a short call this afternoon, the Defense Manpower Data Center (DMDC) informed NAFCU that it is working on establishing the two methods for identifying covered borrowers which are considered safe harbors under the MLA rule.
 

First, it is working with the nationwide consumer reporting agencies to report on covered borrow status for persons over the age of 18.

Second, it is working on a web interface which will allow financial institutions direct access for running covered borrower checks. Direct connection is expected to be broadly available in summer of this year.

Credit unions who want to directly access the DMDC data for running covered borrower checks must declare that by February 1, 2016 NAFCU will provide details on that process as soon as we have more information.

NCUA Supervisory Priorities for 2016

Earlier this week, NCUA released Letter to Credit Unions 16-CU-01, detailing the agency's supervisory priorities for 2016. The top areas of supervisory focus include cybersecurity assessment, response programs for unauthorized access to member information, BSA compliance, interest rate risk, TRID compliance and CUSO reporting.

Cybersecurity Assessment

Cybersecurity threats have appeared on the last four supervisory focus letters, and it is clear that won't change in the near term. In the letter, NCUA encouraged credit unions to use the FFIEC's Cybersecurity Assessment Tool released last year. It went further to say that the tool would be incorporated into the examination process in the second half of 2016, but did not explain how, precisely, it will be used.

Response Programs for Unauthorized Access to Member Information

The letter also indicated that NCUA examiners will be reviewing credit unions incident response programs. This is the first year that response programs have been highlighted separately from cybersecurity threats, but the change is not surprising in light of last year's reports of massive information breaches and high-profile litigation surrounding breaches from previous years. NCUA directed credit unions to Appendix B to Part 748 of NCUA rules and regulations for guidance on the minimum components of an incident response program.

BSA Compliance

As with previous years, compliance with the BSA will continue to be a focus. Specifically, NCUA indicated that its examiners will be focusing on credit unions relationships with money services businesses (MSBs). NCUA directed credit unions to its guidance, Identifying and Mitigating Risks of Money Service Businesses, issued to examiners and credit unions in 2014.

Interest Rate Risk

Interest rates were raised this year, and NCUA indicated that it will be paying attention to interest rate risk. NCUA is in the process of updating the supervisory guidance on interest rate risk management, and we should expect to see that guidance published this year. Examiners will be transitioning to new exam procedures regarding IRR over the course of the year, receiving training in April. Credit unions should be prepared to provide field staff with documentation supporting the credit union's ability to successfully manage their IRR through changing market conditions, including rising rate environments.

TRID

How is your TRID compliance going? NCUA has highlighted TRID compliance as a priority this year, but regarding examination the letter merely says that Field staff will be reviewing credit unions compliance with relevant provisions.  

CUSO Reporting

CUSOs will start reporting in 2016, and NCUA will be checking for registration and reporting once that process starts. The CUSO Registry is not yet live on NCUA's website, but it is expected to be available beginning February 1, 2016. NCUA states a Letter to Federally Insured Credit Unions on the topic is forthcoming.

Last Chance on Early Bird Savings

For those of you who are considering attending NAFCU's popular Regulatory Compliance School, our early bird savings code is about to expire this Friday, January 15th. With one full day dedicated to regulatory updates and the option to take the exams needed to become a NAFCU Certified Compliance Officer (NCCO), you won't want to miss this event. Use code SCHOOL SAVINGS to save $100.00.