To Address Risks, NCUA Board Chairman Suggests Questions for Management
ALEXANDRIA, Va. (Jan. 22, 2015) – Credit union volunteers helped guide their institutions through the financial crisis, and now they should work with management to address future risks, National Credit Union Administration Board Chairman Debbie Matz said today.
“You are the first line of defense against potential losses,” Matz said. “Engaged volunteers have led credit unions diligently, from recession through recovery. You have turned unprecedented challenges into enduring opportunities. With the financial crisis behind us, we need to discuss the challenges ahead, including interest-rate risk, cybersecurity and the need for credit unions to hold adequate capital.”
Matz spoke to participants attending the annual Volunteer Leadership Institute. She discussed the looming challenges of interest rate risk and cybersecurity. She also posed questions about risk planning for volunteer directors to ask credit union management.
Interest Rate Risk Warnings
Matz said the interest rate risk for the credit union system is now higher than it was before the crisis. Net long-term assets have risen from 25 percent of all assets 10 years ago to 35 percent today. With the most recent rise in long-term interest rates, Matz said, credit unions saw a $5 billion negative swing as unrealized gains became unrealized losses, possibly foreshadowing actual losses if future rate hikes compress interest margins.
NCUA maintains an interest rate risk resource page with more information for credit unions.
Matz encouraged volunteer directors to use that information and ask management questions about interest rate risk exposure, including:
- How is management measuring a credit union’s interest rate risk exposure?
- What has management learned from shock testing?
- Should a credit union change its balance sheet, product pricing or investment strategy to avoid excessive interest rate risk?
- How should the credit union’s interest rate risk policy be updated to reflect the Fed’s new interest rate forecast?
- What internal controls ensure the credit union will follow the board’s interest rate risk policy?
Cyber threats are likewise growing at an alarming rate, Matz said, as the number, variety and sophistication of fraudsters and terrorists increases. She said hackers could break into and use a vulnerable credit union as an entry point into the larger financial system.
NCUA examiners will expect credit unions to put mitigation controls into place to better detect, protect against and recover from cyberattacks. Matz encouraged credit union volunteers to tap into NCUA’s online cybersecurity resources and to ask management questions like:
- What are the potential vulnerabilities of hackers using the credit union as an entry point to gain access to larger interconnected systems?
- Has staff done due diligence to evaluate the cybersecurity of every vendor and every payment system with which the credit union has a digital relationship?
- How could the national cybersecurity standards in the NIST framework help further protect a credit union and its members?
- How should the credit union consider changing its cybersecurity protocols, based on guidance from the Federal Financial Institutions Examination Council?
Revised Proposed Rule on Risk-Based Capital
Matz also reviewed changes in NCUA’s revised proposed risk-based capital rule. She said updating the rule was driven by two factors.
“First, it’s required by law,” Matz said. “Second, it’s good public policy. The Federal Credit Union Act requires NCUA to update its risk-based capital standards to be comparable with federal banking agencies. We also need to fix the problem of inadequate capital in high-risk outliers in the credit union system. A modern rule would have helped more credit unions avoid failure and reduced losses to the Share Insurance Fund, which your credit unions all had to pay.”
In designing the revised proposed rule, Matz said, NCUA listened carefully to credit unions’ concerns in reviewing the 2,056 comment letters the agency received after initially proposing a rule change in January 2014. Some of the major changes in the revised proposed rule include exempting more credit unions, extending the implementation timeframe, significantly revising the risk weights, lowering the well-capitalized threshold and removing interest rate risk.
NCUA estimates that the revised proposed rule would require only 27 credit unions to hold more capital based on their higher risks. NCUA has posted more information about the rule on its Proposed Risk-Based Capital Rule Resources
NCUA is the independent federal agency created by the U.S. Congress to regulate, charter and supervise federal credit unions. With the backing of the full faith and credit of the United States, NCUA operates and manages the National Credit Union Share
Insurance Fund, insuring the deposits of account holders in all federal credit unions and the overwhelming majority of
state-chartered credit unions. At MyCreditUnion.gov, NCUA also educates the public on consumer protection and financial literacy issues.