The purpose of this letter is to provide guidance for requesting approval of corporate credit union service organization ("CUSO") activities. Beginning April 18, 2011, Section 704 (e) of NCUA's Rules and Regulations requires a corporate CUSO to limit its activities to brokerage services, investment advisory services, and other categories of activities as approved in writing by NCUA and published on NCUA's website. By delaying the effective date of corporate CUSO rule change until April 18, 2011, NCUA is providing corporate CUSOs time to seek approval of additional activities. In addition to approving activities in response to CUSO requests, NCUA may approve selected activities on its own initiative. Once NCUA has approved and published an activity category, any corporate CUSO may engage in the activity without further approval, as long as it operates the corporate CUSO in accordance with any specific requirements set forth in the published approval. Additionally, once an activity is approved, NCUA will not remove that particular activity or make substantial changes to the content or description of that approved activity, except through a formal rulemaking change.
How to Submit Requests
Corporate CUSOs should submit written requests for approval of the specific CUSO activities currently engaged in with supporting documentation to the, attention of Scott Hunt, Director of the Office of Corporate Credit Unions ("OCCU") no later than March 31, 2011i. Requests may be submitted electronically via email to OCCUMail@ncua.gov or to Office of Corporate Credit Unions,1775 Duke Street, Alexandria, VA 22314.
CUSOs activity approval request packages should include, but not be limited to, the following information.
- A letter requesting approval of the specific CUSO activities with supporting documentation.
- Detailed description of each specific activity.
Note: Be specific in describing the activity as some activities may be referred to generically but actually are a combination of different activities. For example, the term "item processing" can encompass a number of different check processing activities.
- Therefore, a request for item processing services must further detail each check processing activity included with the service.
- Background information on each specific CUSO activity. Who utilizes the activity; how this activity is appropriate for supporting the "normal course of business" for credit unions; how many credit unions use the service, or for newly proposed activities, how many users are projected to use the service; etc. Include all information deemed important that supports the CUSO's activities.
- Detailed description of any existing regulatory requirements and surveillance related to the activity. Include a description of any standard control structure(s) surrounding each activity. For example, ACH is governed by NACHA rules and FRB operating, circulars; standard controls include agreements, dual authorization, user, batch, and file limits, day-time constraints, etc.
- Detailed description of the risks associated with the activity and standard mitigating controls that would minimize, or mitigate the risks.
- Description of necessary staff expertise and experience for managing these activities and associated risks.
Note: OGCU's primary focus during the review and approval process will be to determine whether the activity is appropriate for a corporate CUSO and to evaluate the high level, systemic risks associated with the individual activities as well as their impact on the insurance fund. This could result in requests for additional documents related to activity statistics or transaction processing volumes to fully evaluate the risks associated with the activity.
Notification of Approval
CUSOs requesting approval of activities will receive written notice of the activities that are approved. As required by the rule, NCUA will then post approved CUSO activities on the website along with any related restrictions or reporting requirements.
Corporate CUSOs Engaged in Non-Approved Activities
Corporate credit unions must monitor their CUSOs to ensure they are only engaging in approved activities. The new rule requires a corporate to extricate itself from a CUSO that is engaged in activities not preapproved by NCUA. Part 704 allows a corporate credit union to take until October 20, 2011, to divest itself from a CUSO engaging in one or more unapproved activities, but only if the CUSO was engaging in those activities before October 20,2010, and the corporate credit union can establish that those activities satisfied the requirements of section 704.11 as it existed before October 20, 2010.
I hope this information proves helpful in seeking NCUA approval for CUSO activities. I encourage you to reach out to your district examiner or corporate field supervisor if you have any questions or would like to discuss any issues in more detail.