)
or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
The NCUA is providing credit unions with guidance on policies required by the Federal Credit Union Act, NCUA regulations, and Federal Credit Union Bylaws, as well as required review timeframes (if any).1 The purpose of this page is to aid credit union management and the board of directors in their policy review processes.
Required Policies with Review Timeframes
Of all the policies required by the Federal Credit Union Act, NCUA regulations, and Federal Credit Union Bylaws, seven have a required review frequency. The table below illustrates the policies credit unions must establish with an outlined required review frequency.
| Subject | Applicability | Citation(s) | Review Frequency |
|---|---|---|---|
| Capital | Federally Insured Credit Unions with Assets of less than $10B | §702.303 | At least annually |
| Charitable Donation Accounts | Federal Credit Unions Engaged in the Activity | §721.3(b)(2)(iv) | Annually |
| Commercial Lending | Federally Insured Credit Unions Engaged in the Activity | 1) §723.3(a)(1); 2) §741.203(a)2 |
Annually |
| Derivatives | Federal Credit Unions Engaged in the Activity | §703.106(c) | At least annually |
| Employee Incentive or Bonus Program | Federally Insured Credit Unions Engaged in the Activity | 1) §701.21(c)(8)(iii)(C); 2) §701.23(g)(2)(iii); 3) §741.203(a)3 |
Annually |
| Identity Theft Prevention | Federal Credit Unions | §717.90(d)(2) | Periodically |
| Investment | Federally Insured Credit Unions | 1) §703.3; 2) §741.3(b)(3) |
At least annually for federal credit unions |
A complete guide of policies or written programs required or recommended by the Federal Credit Union Act, NCUA regulations, and Federal Credit Union Bylaws is found in the two tables below.
Required Policies4
| Subject | Applicability | Other Applicability Criteria | Citation(s) | Review Frequency |
|---|---|---|---|---|
| BSA/AML Compliance Program | Federally Insured Credit Unions | None | 1) Act §1786(q); 2) Act §1772d(b)(2);5 3) §748.2(b)(1) |
Not stated |
| Capital | Federally Insured Credit Unions | Total assets of $10 billion or more | §702.303 | At least annually |
| Cash Management | Federally Insured Credit Unions | Applies for Central Liquidity Facility Access | §725.18(c) | Not stated |
| Change of Address | Federal Credit Unions | Issues Debit or Credit Cards | §717.91(c) | Not stated |
| Charitable Donation Accounts (CDAs) | Federal Credit Unions | Funds a CDA | §721.3(b)(2)(iv) | Annually |
| Commercial Lending | Federally Insured Credit Unions | Engages in commercial lending | 1) §723.3(a)(1); 2) §741.203(a)6 |
Annually |
| Contingency Funding Plan | Federally Insured Credit Unions | Total assets of $50 million or more | §741.12(b) | Not stated |
| Derivatives | Federal Credit Unions | Engages in derivative activities | §703.106(c) | At least annually |
| Eligible Obligations | Federal Credit Unions | Engages in the purchase, sale, or pledge of eligible obligations | 1) §701.23(b)(1); 2) §701.23(c); 3) §701.23(d)(1) |
Not stated |
| Employee Incentive or Bonus Program | Federally Insured Credit Unions | Offers an incentive or bonus to non-senior management employee connected to loan or loans made | 1) §701.21(c)(8)(iii)(C); 2) §701.23(g)(2)(iii); 3) §741.203(a)7 |
Annually |
| Foreign Branching | Federally Insured Credit Unions | Engages in foreign branching | §741.11(c)(5) | Not stated |
| Identity Theft Prevention | Federal Credit Unions | Maintains or offers one or more covered accounts8 | §717.90(d)(2) | Periodically |
| Interest Rate Risk | Federally Insured Credit Unions | Total assets more than $50 million | §741.3(b)(5) | Not required, but Appendix A recommends annually |
| Investment | Federally Insured Credit Unions | None | 1) §703.3; 2) §741.3(b)(3) |
At least annually for Federal Credit Unions |
| Lending – General | Federally Insured Credit Unions | Lends to members | 1) Act §1761b(20); 2) §701.21(c)(2); 3) §741.3(b)(2) 4) Bylaws Article VI, Section 6(c) |
Not stated |
| Lending – Nonaccrual9 | Federally Insured Credit Unions | Accrues interest according to GAAP10 | 1) §741.3(b)(2); 2) Part 741, Appendix B |
Not stated |
| Lending – Overdraft | Federal Credit Unions | Advances money to member without a credit application | §701.21(c)(3) | Not stated |
| Lending – Payday Alternative Loans – Aggregate Dollar Limit Only | Federal Credit Unions | Offers Type I or II Payday Alternative Loans | §701.21(c)(7)(iii)(A)(8) | Not stated |
| Lending – Workout11 | Federally Insured Credit Unions | Offers workout loans to borrowers in financial difficulties including re-agings, extensions, deferrals, renewals, or rewrites | 1) §741.3(b)(2); 2) Part 741, Appendix B |
Not stated |
| Liquidity | Federally Insured Credit Unions | None | §741.12(a) | Not stated |
| Loan Collection Program | Federal Credit Unions | None | Bylaws Article VI, Section 6(c) | Not stated |
| Loans to Credit Unions | Federal Credit Unions | Lends to other credit unions12 | §701.25(b) | Not stated |
| Member Expulsion | Federal Credit Unions | Elects to use this method of member expulsion | 1) Act §1764(b); 2) Bylaws Article II, Section 1(b) |
Not stated |
| Participation Loans | Federally Insured Credit Unions | Engages in participation lending | 1) Act §1757(5)(E); 2) §701.22(b)(5) |
Not stated |
| Records Preservation Program | Federally Insured Credit Unions | None | §749.0 | Not stated |
| Reimbursement, Insurance, and Indemnification of Officials | Federal Credit Unions | Reimburses officials for costs incurred to carry out official credit union business | §701.33(b)(2)(i) | Not stated |
| Security Program | Federally Insured Credit Unions | None | §748.0(a) | Not stated |
| Subordinated Debt | Federally Insured Credit Unions | Issues subordinated debt | §702.408(b)(10) | Not stated |
| Training for Officials | Federal Credit Unions | None | Bylaws Article VI, Section 6(d) | Not stated |
Recommended Policies13
| Subject | Applicability | Other Applicability Criteria | Citation(s) | Review Frequency |
|---|---|---|---|---|
| Information Security Program | Federally Insured Credit Unions | None | Part 748, Appendix A14 | Annually15 |
| Interest Rate Risk | Federally Insured Credit Unions | Total assets of $50 million or less | Part 741, Appendix A | At least annually |
Other Credit Union Policies
Besides the policies required by law, regulation, or the credit union’s Bylaws, a credit union should tailor its policies based on its organizational needs. For any policy not required, the policy adoption and review frequency may depend on various internal and external factors, including changes to the credit union’s current and future product and service offerings, complexity, financial condition, field of membership, location, and the economic environment.
Besides policies with required review frequencies stated above, credit unions may tailor their policy review schedule to their organizational needs. Credit unions may decide their review schedule for certain policies does not requiring an annual review. They may also decide what policies not required by law or regulation may no longer apply to their operations and can be ended, and if any new policies should be established.
Federally insured, state-chartered credit unions should consult with their state supervisory authority regarding any other required policies and their review frequency.
NCUA Guidance and Resources
On its website, the NCUA offers resources to streamline the policy management processes. These resources include the Draft Proposed Policies section of the Federal Credit Union Charter Application for prospective new charters that all credit unions could use for guidance, and a Board Policy and Regulatory Oversight online class through the Office of Credit Union Resources and Expansion’s Learning Management System (LMS). Users must create an LMS account to access training.
Footnotes
1 Sections of the Federal Credit Union Act and NCUA regulations require credit unions to have written programs, which may be in the form of a policy. For example, part 748 requires a written Bank Secrecy Act compliance program.
2 Per §741.203(a), federally insured, state-chartered credit unions are required to adhere to the requirements stated in part 723 concerning commercial lending and member business loans unless the state supervisory authority administers a rule that at least covers all the provisions in part 723 and is no less restrictive, upon determination by NCUA. In nonexempt states, all required NCUA reviews and approvals will be handled in coordination with the state supervisory authority.
3 See footnote #2 above.
4 Other policies may be required by federal or state statute. This list is limited to policies or procedures required by the Federal Credit Union Act, NCUA regulations, or the Federal Credit Union Bylaws. Policies should be established prior to beginning the program. Credit unions are not required to establish standalone policies for each item listed; similar subjects may be combined into a single policy. Other sections of the Federal Credit Union Act and NCUA regulations require credit unions to have written programs, which may be in the form of a policy.
5 FCU Act §1772d(b)(2) states the NCUA Board shall issue a notice of its intention to terminate a federally insured credit unions rights, privileges, and franchises if the credit union is convicted of certain money laundering or cash transaction reporting offenses. In deciding whether the credit union’s franchise should be forfeited, one factor the Board must consider is if the extent to which the offense occurred despite the existence of policies and procedures within the credit union which were designed to prevent the occurrence of any such offense.
6 See footnote #2 above.
7 See footnote #2 above.
8 §717.90(b)(3)(i)&(ii) of the regulations define a covered account as an account offered primarily for personal, family, or household purposes, that involves or is designed to permit multiple payments or transactions, such as a credit card account, mortgage loan, automobile loan, checking account, or share account; (and), any other account for which there is a reasonably foreseeable risk to members or to the safety and soundness of the federal credit union from identity theft, including financial, operational, compliance, reputation, or litigation risk.
9 Part 741, Appendix B includes guidance related to nonaccrual policies and procedures.
10 §741.6(b) does not require a federally insured credit union with total assets less than $10 million to file financial and other reports reflecting GAAP, unless state law requires a federally insured state-chartered credit union to follow GAAP regardless of asset size.
11 Part 741, Appendix B includes guidance related to workout policies and procedures.
12 Per §701.25, “other credit unions” includes corporate credit unions and privately insured credit unions.
13 This list is limited to policies recommended by the Federal Credit Union Act, NCUA regulations, or the Federal Credit Union Bylaws.
14 Part 748, Appendix A provides information security program guidelines, but the Gramm-Leach-Bliley Act and §748.0 incorporate mandatory requirements related to a credit union’s information security program.
15 Each credit union should report to its board or appropriate committee of the board at least annually the overall status of the information security program.