Compliance Blog

Dec 26, 2018

Need To Fill Downtime Over the Holidays, How About Training?

By Reginald Watson, Regulatory Compliance Counsel, NAFCU

Season Greetings Compliance friends, I hope everyone is enjoying the holidays!

As work-related obligations tend to slow down around the holidays, I sometimes try to use this time effectively by catching up on any webinars or training I might have missed throughout the year. Some of these are required based upon my NCCO or CLE obligations, while others are just fun topics I’ve been interested in and want to learn more about! It seems many credit union Board members have also found some time to kill, since NAFCU has been asked a few times over the past week about NCUA’s training requirements for board members.

Rather than specific board training requirements, NCUA provides general guidelines addressing the Board’s oversight of the credit union, financial literacy and fiduciary duties among other topics. From there, the credit union’s internal policies and procedures typically set guidelines for what training is required of the board. Thus, training policies can range widely from credit union to credit union. NAFCU has also compiled a helpful list summarizing the training requirements for all credit union employees. That being said, let’s take a journey through some of NCUA’s expectations for the Board of Directors in several areas:

NCUA

The Federal Credit Union Bylaws state that the board has the responsibility for establishing policies to address training of newly elected and incumbent directors “in areas such as ethics and fiduciary responsibility, regulatory compliance, and accounting.” See, Appendix A to Part 701, Art. VI, § 6(d).

Furthermore, section 701.4(b)(3) of NCUA’s Rules and Regulations requires board members to have a working familiarity with basic finance and accounting practices either at the time of election or appointment or within a reasonable time thereafter. NCUA Letter to Federal Credit Unions 11-FCU-02 also provides guidance on NCUA’s basic expectations regarding board member knowledge as well as how members of the board may acquire such training.

NCUA’s Bank Secrecy regulation requires that credit unions "…provide training for appropriate personnel.” See, 12 C.F.R. § 748.2(c)(4). This has been interpreted to mean credit unions should train at a minimum “all personnel whose duties require knowledge of the BSA,” which includes the Board of Directors. Here’s an excerpt from the FFIEC’s BSA/AML Examination Manual:

"The board of directors and senior management should be informed of changes and new developments in the BSA, its implementing regulations and directives, and the federal banking agencies’ regulations. While the board of directors may not require the same degree of training as banking operations personnel, they need to understand the importance of BSA/AML regulatory requirements, the ramifications of noncompliance, and the risks posed to the bank. Without a general understanding of the BSA, the board of directors cannot adequately provide BSA/AML oversight; approve BSA/AML policies, procedures, and processes; or provide sufficient BSA/AML resources."

In Letter to Credit Unions 05-CU-09, NCUA mandates that this BSA training be done at least annually. While these requirements seem very general, it is possible that the credit union’s board has already established an annual training requirement as a matter of credit union policy, and an examiner may inspect to ensure the credit union is following its internal Board training policy.

Information Technology

Elsewhere, the FFIEC implies that the Board should be sufficiently informed about IT activities in order to provide proper oversight. Although there does not appear to be a direct training requirement, it is implied in the requirement that the board have enough knowledge to be able to provide a credible challenge to management. A “credible challenge” is defined as “being actively engaged, asking thoughtful questions, and exercising independent judgment.” See, FFIEC IT Booklet, Management, at I.A.1.  Similarly, the IT guidance recommends that the board or its audit committee be well informed and seek training to fill any knowledge gaps relating to the credit union’s system of internal controls as well as any significant operational risks associated with new products, emerging technologies, information systems, and electronic banking. See, FFIEC IT Booklet, Audit.

Contractual Agreements

Finally, the credit union may also have an independent board training requirement as part of its fidelity bond coverage agreement. Part 713 of NCUA’s Rules and Regulations requires federal credit unions to maintain a certain minimum amount of bond coverage for fraud and dishonesty by all employees, directors, officers, supervisory committee members, and credit committee members. It is common that as part of this coverage, the contractual agreement may require additional training of credit union directors beyond the requirements of Section 701.4(b)(3).

Where do we start?

In addition to many third party training services, NCUA has also released a few sets of Board training videos, covering topics such as Effective Board Management, CU Policies and Procedures, Mergers, Understanding Financial Statements, and Understanding Key Ratios. For additional information, NAFCU also provides comprehensive Board of Directors Online Training available here.

Outside of any contractual obligations, NCUA’s requirements seem to leave a great deal of flexibility for credit unions to come up with intuitive or fun ways to hone the skills of its Board members so they are well informed and ready to take on the new year!