Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

NCUA Board of Directors Policies


Published on

E. "Andy" Keeny prepared this slideshow for the NAFCU conference in October of 2012.

Published in: Economy & Finance
  • Be the first to comment

  • Be the first to like this

NCUA Board of Directors Policies

  1. 1. NCUA Board of Directors Policies –Which Ones Truly Require Action? October 26, 2012 E. Andrew Keeney, Esq. Kaufman & Canoles, P.C.
  2. 2. E. Andrew Keeney, Esq.Kaufman & Canoles, P.C.150 West Main Street, Suite 2100Norfolk, VA 23510(757)
  3. 3. Schedule• Greetings & Overview• Policy Defined• Policy as Defined by NCUA• Master List of Policies• Required Policies
  4. 4. Policy Defined• A product of wisdom in the management of affairs.• A definite course or method of action selected from among alternatives and in light of given conditions to guide and determine present and future decisions.• A high level overall plan embracing the general goals and acceptable procedures of a governmental body.• A definite course of action adopted for the sake of experimenting.Synonym: strategy; principle; rule
  5. 5. Policy Defined (continued)• From WikipediaA policy is typically described as a principle or rule to guide decisions and achieve rational outcomes. The term is not normally used to denote what is actually done, this is normally referred to as either procedure or protocol. Policies are generally adopted by the Board whereas procedures or protocols would be developed and adopted by senior executive officers. Policies can assist in both subjective and objective decision making. Policies to assist in subjective decision making would usually assist senior management with decisions that must consider the relative merits of a number of factors before making decisions and as a result are often hard to objectively test e.g. work-life balance policy.
  6. 6. Policy Defined (continued)A Policy can be considered as a “Statement ofIntent” or a “Commitment.” For that reason at least,the decision-makers can be held accountable fortheir “Policy.”
  7. 7. Board Duties and Responsibilities• Policies and Planning: “Plans and policies are the board’s major tools for influencing the direction of the credit union. Board and management work to explicitly define the credit union’s vision. Then they develop broad plans for turning that vision into reality. The board has final say in adopting plans and policies, although it’s the responsibility of management to recommend policies and policy changes.” - Source: Credit Union Board of Directors Handbook
  8. 8. Major Topics to Cover in Policies• Services and Programs • Legal – Loans – Compliance with laws and regulations – Collection and delinquency control – Staff awareness of laws – Shares, certificates, and share drafts – Board oversight of credit union operations – Member education• Human Resources • Finance – Personnel – Asset/liability and other funds management – Organizational structure – Investments – Board/CEO relations – Reserves – Education of volunteers and staff – Pricing – Code of ethics – Internal Controls – Conflicts of interest• Safety and Soundness • Other – Security – Technology and information services – Internal controls – Marketing – Disaster recovery – Sponsor relations – Insurance coverage – Community involvement – Audits Source: Credit Union Board of Directors Handbook
  9. 9. Policy as Defined by NCUA• It is important to remember that even if there is no regulatory requirement for Board approval, the Credit Union Board still has the ultimate responsibility for the operations of the Credit Union.• The NCUA Examiner’s Guide states “The Board must approve all major policies. Further, it should review, and if necessary, update those policies at least annually.”
  10. 10. Another Perspective1. We have been through a lot of documents/regulations and found that ‘Board Approval’ is not required for a great number of the items.2. What is required is that the ‘credit union’ establish a policy that addresses each of these issues.3. Policies can be established by Management to meet the requirements of the regulations and do not necessarily have to flow from/through the Board.4. We have identified policies established by Management as ‘Operating Standards.’ In doing so we do not have to seek Board approval to change these as situations arise and it relieves the Board from having to address these issues on a recurring basis.5. Each of the Operating Standards has a review period where Management must update them to assure they meet regulatory requirements.
  11. 11. List of Required Policies for Credit Unions Required Policy Regulation/ Reference1 Asset Liability Policy Adopt written policy addressing Interest Rate Risk (proposed • Interest Rate Risk Policy interest rate risk management and Mar. 24, 2011) (to be implement effective IRR program as codified at 12 C.F.R. pt. part of the asset liability program. 741)2 Authentication in an Internet Compliance required by January NCUA Letter to Credit Banking Environment Policies 2012. Unions 11-CU-09 (Online Member Authentication) CU must adopt strategies to avoid hacking and cyber crime. Educate members re: electronic protection.3 Bank Secrecy Act Compliance CU must establish and maintain 12 CFR § 748.2(b); pt. Policy written compliance program for the 751.214 for state-chartered • Customer Identification Program BSA. CIP Policy prevents money credit unions (CIP) Policy that is required by laundering and terrorist financing §326 of the Patriot Act scheme. • Anti-Money Laundering Program4 Children’s Online Privacy Adopt a policy for implementing 16 C.F.R. pt. 312.4 Protection Act (COPPA) COPPA that includes providing a Compliance Policy privacy notice on website and a notice to parents.
  12. 12. Required Policy Regulation/ Reference5 Compliance Policy/Program Each CU should have a compliance See NCUA Compliance officer that is responsible for general Manual at 8 compliance. Additionally, officers in different divisions should be responsible for compliance in their divisions.6 Consumer Leasing Act Policy Adopt policy for implementing Reg. Reg. M M.7 Credit by Banks and Persons Adopt comprehensive procedures for Reg. U Other than Brokers or Dealers for implementing Reg. U (if applicable). the Purpose of Purchasing or Carrying Margin Stock8 Credit Practices Policy Adopt policy re: credit practices. 12 CFR pt. 7069 Concentration Risk Policy Adopt policies re: risks in business NCUA Letter 10-CU-03; (Interest Rate Risk) lending and adopt sound risk Supervisory Letter 10-CU-02 management practices.10 Denial of Services Adopt a policy to limit or restrict NCUA Office of General member services. Counsel11 E-Sign Act Policy Adopt policy and procedure regarding NCUA Compliance Manual; use of electronic records. E-Sign Act §101(C)(1)
  13. 13. Required Policy Regulation/ Reference12 Electronic Fund Transfer Act Adopt policy implementing Reg. E. Reg. E Policy (EFT)13 Equal Credit Opportunity Act Ensure compliance with ECOA and adopt Reg. B Policy non-discrimination policy for credit transactions.14 Expedited Funds Availability Adopt policies to comply with Regulation Reg. CC Act Policy CC and all related regulatory requirements. This includes adopting: • Funds Availability Policy • Notices of Changes in Availability Policy15 Fair Credit Reporting Act Ensure procedures are in place for FCRA Policy implementing and complying with FCRA.16 Fair Debt Collection Ensure procedures are in place for FDCPA Practices Act Policy implementing and complying with FDCPA.17 Fair Housing Act Policy Board must ensure that policy for FHA implementing FHA does not tolerate illicit discrimination in any transaction relating to residential real estate.18 Financial Education Program Implement a policy that makes available NCUA Letter to Credit Unions for the Board of Directors training for enhancing the financial re: Duties of Federal Credit knowledge of the directors. Union Boards of Directors; NCUA Regulation §701.4; Letter No. 11-FCU-02 (Feb. 2011); 12 CFR pt. 701.4; and 11-CU-04
  14. 14. Required Policy Regulation/ Reference19 Fiduciary Duties Policy Adopt policy that specifies the 12 CFR §701.4 fiduciary duties of the Board of Directors.20 Foreclosure and Repossession Adopt policy to address mortgage NCUA Accounting Manual for Policy foreclosure concerns. FCUs; See NCUA Letter to Credit Unions re: Residential Mortgage Foreclosure Concerns, Letter No. 11-CU- 01 (Jan. 2011)21 Flood Disaster Protection Act Adopt policy for implementing N’tl FDPA; 12 CFR pt. 760 Policy or National Flood Flood Insurance Act Insurance Act Compliance Policy22 Homeowner’s Protection Act Adopt HOPA compliance policies HOPA (HOPA) because NCUA may enforce HOPA.23 Home Mortgage Disclosure Act Adopt policy for implementing HMDA Reg. C Policy when collecting and maintaining accurate data of covered loans/applications.24 Interest Rate Risk Policy Adopt policies as part of the Asset 12 CFR pt. 741 and NCUA Liability Policies of the credit union. Letters to Credit Unions 12- CU-11 and 12-CU-0525 Investment Policy Adopt policies re: liquidity, investment 12 CFR pt. 703.3 objectives, cash deposits, etc.
  15. 15. Required Policy Regulation/ Reference26 Loan Participation Policy Adopt policies re: member loan 12 CFR pt. 701.22(b,c) participation policies and procedures.27 Management Officials Interlocks Adopt compliance policy for 12 U.S.C. 1823(k), 3207; 12 Act Compliance Policy Interlocks Act. CFR pt. 711.4-.628 Office of Foreign Asset Control Credit Unions must monitor all Various OFAC laws and (OFAC) Policy and Procedure financial transactions performed by regulations or through in order to detect entities/persons subject to OFAC laws and regulations.29 Privacy Policy Adopt policy re: non-disclosure of 12 C.F.R. pt. 716 non-public information.30 Preservation of Consumer Claims Board must adopt policy for FTC Holder in Due Course and Defenses Policy (Holder in implementing the Preservation of Rule – 12 C.F.R. pt. 433.2 Due Course) Consumers’ Claims and Defenses Rule.31 Purchasing & Payment As part of the security policy, CUs 12 CFR §748 Authorization Policy must maintain policy for verifying identities of members.
  16. 16. Required Policy Regulation/ Reference32 Servicemembers’ Civil Relief Adopt policy for implementing See NCUA Compliance Manual; Act Policy SCRA. 50 U.S.C. App. § 526; and Mortgage Servicing Practices Impacting Military Homeowners Letter to Credit Unions 12-CU-0733 Real Estate Settlement Adopt policy for implementing 24 CFR §3500; Reg. X Procedures Act RESPA and Reg. X. This includes explaining coverage of regulation, exemption and disclosure requirements.34 Records Preservation Program Adopt vital records preservation 12 CFR § 749 and Record Retention Policy program and document retention policy.35 Reimbursement for Providing Adopt policy for implementing Reg. Reg. S Financial Records Policy S for collecting expenses associated with assembling and copying subpoenaed members’ records.36 Reserves on Transaction Adopt policy for implementing Reg. D Accounts Regulation D.37 Residential Mortgage NCUA Letter to Credit Unions 11- Foreclosure Concerns CU-0138 Risk-Based Lending Policies Policies that define parameters of See NCUA Letter to Credit (see also, Concentration Risk risks assumed and internal controls; Unions re: Risk-Based Lending, Policy) manage risks; implement Letter No. 99-CU-05 (June 1999) information systems or monitoring information.
  17. 17. Required Policy Regulation/ Reference39 Secure and Fair Enforcement Establish written policies providing 12 CFR § 761 and Appendix A; for Mortgage Licensing Act basic framework for compliance with NCUA Letter to Credit Unions re: (SAFE Act) Compliance SAFE Act. Compliance Deadline for SAFE Policies Act, Letter No. 10-CU-13 (Aug. 2010)40 Security Program Each CU must institute a written 12 CFR § 748 security program to protect CU from robberies, etc.41 Third Party Vendor Policy Adopt comprehensive policies re: NCUA Letter to Credit Unions re: (Indirect Lending Policies) indirect lending, including Indirect Lending and Appropriate underwriting and monitoring. Due Diligence, Letter No. 10-CU- 15 (Aug. 2010)42 Truth in Savings Act Adopt policy for implementing Truth 12 CFR § 707.2 Compliance Policy in Savings Act, including adopting policies related to activities like: • Account opening disclosures • Dividend calculations • Subsequent disclosures • Member inquiries • Training • Record retention • Advertising • Monitoring43 Truth in Lending Act Adopt policy for implementing Truth Reg. Z in Lending Act.
  18. 18. A Required Policy?Loan Workouts and Troubled Debt Restructured Loans• NCUA Board Action January 26, 2012• 12 CFR 741 Federal Register May 31, 2012• Is the adoption of a policy by the Credit Union’s Board of Directors Required???
  19. 19. Board Action Required for Loan Workout and/or TDR Policy?• NCUA Supervisory Letter of August 2008 08-CU-20 Evaluating Credit Risks to Credit Unions. No mention of policy.• NCUA Board Action Bulletin. “In developing a written policy in this area, the proposed TDR guidance would allow credit union boards and management to consider parameters.”• Final Regulation & IRPS – Federal Register May 31, 2012 1. Regulations amended to require FICUs to maintain written policies. (Summary paragraph) 2. FICUs to have written policies. (Background paragraph)
  20. 20. Board Action Required for Loan Workout and/or TDR Policy? (continued)3. Adoption of written workout policies by October 1, 2012. (Page 2 of Regulation)4. Final rule and IRPS to give FICU’s management ability to “establish” institution appropriate policies. (Page 2 of Regulation)5. The Final Rule requires the FICU board and management to adopt and adhere to an explicit written policy and standard that control the use of loan workouts. (Page 6 of Regulation)6. Accordingly, the credit union board and management must adopt and adhere to an explicit written policy and standards that control the use of loan workouts, and establish controls to ensure the policy is consistently applied.” (IRPS/Final Regulation page 8) • Board and management??
  21. 21. A Required Policy? Concentration Risk Policy?• The Board of Directors must establish a policy which addresses its philosophy on Concentration Risk. NCUA Supervisory Letter 10-CU-03 and March 2010, page 5.• The NCUA Board adopted a final amendment to Part 741 requiring FICUs to have a written policy to address IRR. NCUA Board Bulletin of January 26, 2012.• Final Regulations and IRPS – Federal Register February 2, 2012 1. The Rule includes an Appendix B setting forth guidance. It leaves to each affected credit union’s board of directors the obligation and responsibility to adopt a policy. (Page 2 of Regulation)
  22. 22. A Required Policy? Concentration Risk Policy? (continued)2. A credit union must adopt and develop an IRR policy. (Page 3 of Regulation)3. FICUs should devise a policy and risk management appropriate to their own situation. (Page 6 of Regulation)4. All FICUs required to have an IRR policy and program should incorporate the following 5 elements into their IRR program: 1. Board-approved IRR policy. (Page 8 of Regulation) 5. The Board should annually access the IRR policy. (Page 9 of Regulation)
  23. 23. A Required Policy? Suspense of Member Services Denial of Member Services• No regulation.• No Letter to Credit Unions.• No IRPS.• No Adopted Law.• NCUA Office of General Counsel 1. Letter of February 27, 1993 – An FCU may limit all services except the member fundamental rights. The Board of Directors would need to adopt a policy and disseminate it to members. 1. Letter of June 22, 1994 – Reduced Services – as long as the FCU has a rational basis for limiting services we would have no legal objection. (No mention of Policy)
  24. 24. A Required Policy? Suspense of Member Services Denial of Member Services (continued)3. Letter of February 7, 1996 – An FCU Board of Directors may fashion a number of policies to deny credit union services.3. Letter of June 10, 1996 – Denial of most services requires “a policy.”3. Letter of April 18, 1997 – A Federal Credit Union may adopt a policy of denying services to a member who has a delinquent loan.6. Letter of April 26, 1999 – A policy that withholds dividends on the full amount of funds in a member’s share account violates NCUA regulations.
  25. 25. A Required Policy? Suspense of Member Services Denial of Member Services (continued)7. Letter of March 31, 1999 – Denial of member services requires a policy.7. Letter of August 12, 2008 – a. An FCU may have a policy suspending and limiting services to members. b. “We” would have no objections to suspending certain services to member where there is a logical relationship between objectionable conduct and the services to be suspended. c. FCUs need to ensure that the policy is in writing and provided to all members. d. We suggest you consult to determine the applicability of ECOA and the effects test.
  26. 26. Policy Required? Yes No1 Asset Liability Policy • Interest Rate Risk Policy X2 Authentication in an Internet Banking Environment Policies (Online Member X Authentication)3 Bank Secrecy Act Compliance Policy • Customer Identification Program (CIP) X Policy that is required by §326 of the Patriot Act • Anti-Money Laundering Program4 Children’s Online Privacy Protection Act (COPPA) Compliance Policy X
  27. 27. Policy Required? Yes No5 Compliance Policy/Program X6 Consumer Leasing Act Policy X7 Credit by Banks and Persons Other than Brokers or Dealers for the Purpose of X Purchasing or Carrying Margin Stock8 Credit Practices Policy X9 Concentration Risk Policy (Interest Rate Risk) X10 Denial of Services X11 E-Sign Act Policy X
  28. 28. Policy Required? Yes No12 Electronic Fund Transfer Act Policy (EFT) X13 Equal Credit Opportunity Act Policy X14 Expedited Funds Availability Act Policy X15 Fair Credit Reporting Act Policy X16 Fair Debt Collection Practices Act Policy X17 Fair Housing Act Policy X18 Financial Education Program for the Board of Directors X
  29. 29. Policy Required? Yes No19 Fiduciary Duties Policy X20 Foreclosure and Repossession Policy X21 Flood Disaster Protection Act Policy or National Flood Insurance Act Compliance X Policy22 Homeowner’s Protection Act (HOPA) X23 Home Mortgage Disclosure Act Policy X24 Interest Rate Risk Policy X25 Investment Policy X
  30. 30. Policy Required? Yes No26 Loan Participation Policy X27 Management Officials Interlocks Act Compliance Policy X28 Office of Foreign Asset Control (OFAC) Policy and Procedure X29 Privacy Policy X30 Preservation of Consumer Claims and Defenses Policy (Holder in Due Course) X31 Purchasing & Payment Authorization Policy X
  31. 31. Policy Required? Yes No32 Servicemembers’ Civil Relief Act Policy X33 Real Estate Settlement Procedures Act X34 Records Preservation Program and Record Retention Policy X35 Reimbursement for Providing Financial Records Policy X36 Reserves on Transaction Accounts X37 Residential Mortgage Foreclosure Concerns X38 Risk-Based Lending Policies (see also, Concentration Risk Policy) X
  32. 32. Policy Required? Yes No39 Secure and Fair Enforcement for Mortgage Licensing Act (SAFE Act) X Compliance Policies40 Security Program X41 Third Party Vendor Policy (Indirect Lending Policies) X42 Truth in Savings Act Compliance Policy X43 Truth in Lending Act X
  33. 33. LawsBank Bribery Act Policy Fair Housing Purchasing & Payment Authorization PolicyBankruptcy Policy FDCPA Records PreservationBylaw Flood Disaster Regulation ECAN-SPAM Policy FLSA RESPACharge Off FMLA Security PolicyChildren’s Online Policy Foreclosure Software PolicyConsumer Leasing Act HMDA Taxpayer Identification MatchingCredit Practices HOEPA (Home Ownership & TIL Equity Protection Act)ECOA Office of Foreign Assets Control Truth in Savings PolicyEmployment Policy OSHA Whistleblower PolicyExpedited Funds Act Patriot Act Wire Transfer PolicyFair Credit Reporting Act Privacy Act Workers Compensation
  34. 34. Allowed by Law or NCUA? List of Required Board Adopted Policies *Some need to be annually reviewedAllowance for Loan Loss Policy Id Theft (717.90) (Board or Loan Non-Accrual (741.3)(TDR 741.3) appropriate committee)Board Volunteer Expense Identity Theft Protection Loan Participation PolicyReimbursement (701.33) Policy* (717.90) (701.22(b)(c))Board/Volunteer Education (Standard Indirect Lending (10-CU-15) MBL Policy* (723.5a)Bylaws, Article VI, Section 6d)BSA* (748.2(b)) (Interest Rate Risk; Information Security Member Id. Policy (748 – Board or741(b)(5)(i) may be included in ALM)* Program/Records committee of Board) Preservation (749)Business Continuity Disaster Insurance/Fidelity Bond Privacy (716)Preparedness (749) Coverage* (Bylaws)Concentration Risk (10-CU-03; Investment Policy/ALM (703) Risk Based Lending (99-CU-05)10-CU-02) (701.23)Courtesy Pay (701.21(c)(3)) Interest Rate Risk* (see BSA) SAFE Act (Mortgage Licensing Act of 2008)Denial of Services Policy (General Lending (701.21(c)(2)) Security Program (748)Counsel Letters)E-Commerce Policy (02-CU-17) Loan Collections (Bylaws, Article Truth in Savings (707.2) VI, Section 6C)Foreclosure & Repossessed Assets Loan Incentive Policy* Unlawful Internet Gambling Act(08-CU-25) (701.21(c)(8)(iii)(c))
  35. 35. Policy as Defined by NCUA• It is important to remember that even if there is no regulatory requirement for Board approval, the Credit Union Board still has the ultimate responsibility for the operations of the Credit Union.• The NCUA Examiner’s Guide states “The Board must approve all major policies. Further, it should review, and if necessary, update those policies at least annually.”
  36. 36. Fish, or Cut Bait Anthony Demangone September 18, 2012• “Not making decisions. Listen, investigate, seek suggestions, but whatever you do, decide.” Dan Rockwell• “So go ahead and act as if your decisions are temporary. Because they are. Be bold, make mistakes, learn a lesson and fix what doesn’t work. No sweat, no need to hyperventilate.” Seth Godin• “There you have it. Fish, or cut bait. Use due diligence. Do your homework. But by all means, decide. Make a choice. It will provide clarity, efficiencies, and a new direction.” Anthony Demangone
  37. 37. E. Andrew Keeney, Esq.Kaufman & Canoles, P.C.150 West Main Street, Suite 2100Norfolk, VA 23510(757)
  38. 38. NCUA Board of Directors Policies –Which Ones Truly Require Action? October 26, 2012 E. Andrew Keeney, Esq. Kaufman & Canoles, P.C.