Credit Unions: Get Exam-Ready for 2023 with Top Takeaways from NCUA’s Supervisory Priorities
Last year the National Credit Union Administration (NCUA) surprised everyone with an especially long list of supervisory priorities. For 2023, the NCUA has a long list once again with interest rate risk, liquidity risk, and credit risk topping the list.
What about non-financial risks? Here’s a rundown of NCUA’s top exam priorities – and tips on how to make sure your credit union is exam ready.
Fraud prevention and identification
It’s no secret that fraud is on the rise. The Federal Trade Commission (FTC) warned that reports of consumer fraud increased 70% between 2021 and 2022 and fraud remains an expensive problem for financial institutions.
The NCUA is making fraud prevention and detection a high priority in 2023. The name of the game is risk management. The agency will be reviewing internal controls and looking for evidence of separation of duties. It’s also introducing a new questionnaire designed to help examiners scope their exams by identifying red flags signaling new and existing fraud risks at a credit union.
How to prepare: Review your fraud controls for effectiveness – especially since it’s been a while since they were last assessed. Scammers are constantly coming up with new devious ways to commit fraud, and the only way to keep up is to regularly assess your controls and decide if they need to be adjusted or if new ones should be added. That’s not just good exam prep. It’s also the best way reduce fraud losses.
Information security and cybersecurity at credit unions
Cybersecurity remains a top NCUA priority for 2023 with the introduction of new Information Security Examination procedures.
The NCUA is looking for dynamic cybersecurity programs that can adjust to identify and combat new threats. It suggests credit unions considering completing the voluntary Automated Cybersecurity Evaluation Toolbox (ACET) to prepare for exams.
How to prepare: Make sure you assess your cybersecurity posture. If you need help completing the ACET, our Ncyber solution makes it easier to work your way through the ACET and integrates with Nrisk and Nvendor to help you keep an eye on key controls.
Consumer protection remains a high priority for credit unions
Consumer protection is a hot button issue for all financial institutions, including credit unions. In 2023, the NCUA will devote attention to:
- Overdraft programs. The NCUA will dig into overdraft programs, going beyond 2022’s request for information about policies and procedures to review website advertising, balance calculation methods, and settlement processes. It will be looking to see if your credit union assessed your overdraft program’s potential risk for consumer harm from unexpected overdraft fees and whether you’ve taken action to remediate them.
How to prepare: Conduct an overdraft program risk assessment. This blog on risk assessing your overdraft program gives you some ideas where to start. For a more in-depth look, Nrisk has a model risk assessment for overdraft services.
- Fair lending. Steering and loan pricing discrimination risk will be a main focus when examiners review policies and practices. Residential real estate appraisal bias will be under a microscope with policies and practices reviewed. Appraisal consistency, fairness, and accuracy will be addressed in tailored file reviews.
How to prepare: The best way to identify discrimination and fair lending violations is analyzing your data. Fair lending analytics help you uncover disparities so you can figure out why they are occurring and if they indicate a fair lending problem that needs to be remediated. Uncovering problems and correcting them before examiners find them is always a smart move.
- The Truth in Lending Act (TILA). If your credit union experienced significant growth in auto lending, expect examiners to look at compliance and disclosures.
How to prepare: Make sure your auto lending policies, procedures, and disclosures are accurate, up-to-date, and working effectively. If you work with third parties, engage in proper vendor management to ensure they are also adhering to TILA.
- The Fair Credit Reporting Act (FCRA). Credit reporting, including furnishing, adverse action notices, risk-based pricing, and consumer rights disclosures, is an examination priority.
How to prepare: Review your FCRA policies and procedures with special attention paid to high-risk areas. If you need help assessing FCRA risk, consult the model template in Nrisk.
Other areas of note include the CECL transition and succession planning.
NCUA’s exam priorities point to risk management
What’s the common theme running through NCUA’s supervisory priorities? It’s risk management. From identifying high risk areas to testing controls, exam readiness is about a lot more than compliance. It’s about having a risk management mindset where continual, proactive risk assessments the rule of the day and new and existing risks are measured, monitored, and mitigated.
Don’t wait for exam time to question whether your credit union is ready. Good risk management means being ready every day. Your members deserve a safe, sound credit union where they are protected.
Want to stay on top of the latest credit union regulatory developments?
Check out the monthly updates in our Regulatory Update podcast.
Topics: Risk Management, Compliance