Board Action Bulletin
ALEXANDRIA, Va. (Oct. 15, 2020) – Using a live audio webcast, the National Credit Union Administration Board held its eighth open meeting of 2020 and unanimously approved two items:
- A proposed rule that would modernize the NCUA’s derivatives rule and make it more principles-based.
- A final rule that updates and clarifies several provisions in the agency’s corporate credit union regulations.
In addition, the NCUA Board was briefed on cybersecurity considerations for credit union boards of directors during COVID-19.
Proposed Rule Would Create Principles-based Regulations on Derivatives
The NCUA Board approved a proposed rule that amends the agency’s derivatives rule in Subpart B to Part 703 to allow more flexibility for federal credit unions to manage their interest rate risk through these financial instruments.
“I am pleased that we have been able to refine the derivative rule and make it more flexible for federal credit unions,” NCUA Chairman Rodney E. Hood said. “This is indeed an unprecedented and uncertain time for all credit unions as they are facing the economic fallout from the COVID-19 pandemic. I believe that enhancing the ability of federal credit unions to better protect themselves against market risks is critically important at all times. In fact, managing balance sheet risks through a time of disruption and uncertainty underscores how important it is for credit unions to have tools, like financial derivatives, at their disposal to help guard against volatile economic periods that can hurt liquidity, earnings and capital.”
The proposed changes include:
- Eliminating the preapproval process for federal credit unions that are complex with a Management CAMEL component rating of 1or 2;
- Eliminating the specific product permissibility; and
- Eliminating the regulatory limits on the amount of derivatives a federal credit union may purchase.
Comments on the proposed derivatives rule (opens new window) are due 60 days after publication in the Federal Register.
Board Approves Final Corporate Rule
The Board approved a final rule (opens new window) that updates and simplifies several provisions of the NCUA’s corporate credit union regulation, including:
- Permitting a corporate credit union to make a minimal investment in a credit union service organization (CUSO) without the CUSO being classified as a corporate CUSO under the NCUA’s rules;
- Expanding the categories of senior staff positions at member credit unions eligible to serve on a corporate credit union’s board; and
- Amending the minimum experience and independence requirement for a corporate credit union’s enterprise risk-management expert.
The final corporate credit union rule is effective 30 days after publication in the Federal Register.
Cybersecurity Risks Remain Elevated During COVID-19
Throughout the COVID-19 pandemic, the financial services industry, including credit unions, remains a major target for hackers and thieves, and these actors are adapting their techniques to take advantage of the increased use of remote operations.
The Special Advisor to the Chairman for Cybersecurity briefed the Board on emerging and potential cyber threats affecting financial services and other critical infrastructure. His full presentation is available on the NCUA’s website. (opens new window)
Credit union boards of directors play a critical role in strengthening their institution’s cyber preparedness levels. As these directors evaluate their institution’s information security programs, the NCUA encourages them to evaluate their responses to these four questions:
- Have business impact and business process scenarios been reviewed and revised in the continuity plans based on the operating conditions of COVID-19?
- How are policies and procedures related to remote access being strengthened to address the heightened risks created by employees working from home?
- Has the incident management plan been updated for leadership and employees in a remote working environment?
- How is the business changing its strategic priorities in the short, mid, and long term to address the potential change to norms?
The NCUA has a cybersecurity resources webpage to provide credit unions with important information, including regulations and guidance, about protecting themselves and their members from cyber threats.
The NCUA tweets all open Board meetings live. Follow @TheNCUA (opens new window) on Twitter, and access Board Action Memorandums and NCUA rule changes at www.ncua.gov. The NCUA also live streams, archives and posts videos of open Board meetings online.