When It Comes to NCUA’s Supervisory Priorities: Houston, We Have a Problem

The order of the NCUA’s supervisory priorities released on Monday will do nothing to assuage the concerns of those of us who believe the NCUA is putting too much emphasis on consumer compliance oversight when there are much more important issues that relate more directly to the safety and soundness of the industry that need to be addressed.

The supervisory priority list is, of course, a key document, especially for small- and medium-sized credit unions that must decide how best to spend limited resources: Investing time and money in legal and compliance issues or offering the products and services their members want. Making these decisions is getting harder and harder as the industry rapidly consolidates, and the size of credit unions continues to diverge.

One of the most frustrating challenges faced by these small credit unions is the cost of compliance. Their concerns will not be mollified once they read this list. While the top two priorities on the list – credit and liquidity risk – make perfect sense, consumer financial protection is astoundingly listed ahead of information security in terms of the agency’s priorities.

We are just recovering from the Ongoing Operations data breach in which 60 credit unions were locked out of their core operating systems for up to a week. If this happens many more times, we won’t have to worry about how well credit unions are complying with consumer protection regulations, because there won’t be all that many credit unions left.

Despite the fact that the need to rapidly assist small credit unions in updating their cybersecurity protection has never been clearer, the NCUA has decided that consumer compliance is an even bigger concern of the industry.

Frankly, it’s a very strange message to be sending boards. It gets even stranger when you look at the specific consumer compliance issues to be emphasized by the examiners this year. Overdraft programs are already subject to the scrutiny of the Bureau. Rumor has it the Bureau even proposed what the American Bankers Association’s compliance journal correctly describes as a “backdoor de facto cap” on overdraft fees for institutions with $10 billion or more in assets.

As for the review of indirect auto lending programs, I hope this doesn’t mean that innovative attempts to utilize the increased flexibility given to credit unions to utilize technology to expand indirect lending opportunities is going to be micromanaged at the very time when credit unions should be encouraged to aggressively experiment with new platforms. That was the whole point of the amendments to the loan participation and eligible obligation regulations just this past Fall.

And it’s not as if there’s a shortage of incentives to encourage even the most cynical of credit union CEOs to comply with fair lending laws. Class-action lawyers have been scrutinizing credit union member service agreements for more than a decade now and are showing absolutely no hesitation to sue when they spot allegedly unlawful overdraft practices. They have also shown a willingness to allege noncompliance with GAP procedures. Last, but certainly not least, state attorneys general and other state level regulators are not exactly hesitant to scrutinize practices. My point is not that these are unimportant initiatives; they are. But when it comes to deciding the areas most in need of supervision by the NCUA, the actions being taken by other regulators should certainly be taken into account.

Of course, fair lending has been, should be and hopefully always will be a primary concern for the industry. After all, the need to ensure that everyone can access a fair financial deal is one of the primary reasons we have a credit union industry in the first place. But everyone has limited resources and time. The question is, what has the NCUA discovered to justify this sudden need for increased scrutiny? In other words, is noncompliance with GAP insurance so systemically rampant within the industry that, without the increased scrutiny of examiners, it poses a greater safety and soundness risk to the industry than interest rate risk or BSA compliance, for that matter, both of which are behind consumer protection on the NCUA’s list of priorities?

Henry Meier is the former General Counsel of the New York Credit Union Association, where he authored the popular New York State of Mind blog. He now provides legal advice to credit unions on a broad range of legal, regulatory and legislative issues. He can be reached at (518) 223-5126 or via email at henrymeieresq@outlook.com.