Dear Board of Directors:
The purpose of this letter is to provide Federally Insured Credit Unions with the enclosed guidance, developed collectively by the Federal Financial Institutions Examination Council, in an effort to assist credit unions engaging in or considering, the operation of the Remote Deposit Capture service (RDC). Credit unions should comply with this guidance in the planning, implementing, contracting, and processing of RDC activities.
RDC is an automated deposit transaction delivery system enabling members to scan items, typically checks, from remote locations and electronically transmit the electronic images or captured digital data to credit unions for posting and clearing. RDC may provide benefits to both credit unions and their members; however, this service can introduce additional legal, compliance, and operational risks.
Performing effective risk management is the key to mitigate and control associated risks. The risk management process includes:
· Risk Assessment. Management should perform a comprehensive risk assessment to identify and assess legal, compliance, and operational risks.
· Risk Mitigation and Controls. Management should establish policies addressing risk tolerance levels, internal procedures and risk controls, risk transfer mechanisms, and contracts and agreements.
· Risk Measuring and Monitoring. Management should establish operational performance metrics, benchmarks and standards, and develop management reports to support management oversight of RDC operations.
To ensure sound implementation and ongoing operations, the board of directors should approve and oversee the RDC plans and policies, and review performance and risk management reports.
If you have any questions, please contact your NCUA Regional Office or State Supervisory Authority.