NCUA Chairman Todd Harper testifies before the House Financial Services Committee on Nov. 20, 2024.
Members of the U.S. House of Representatives Financial Services Committee met for the final time this year with the leaders of the four federal banking regulatory agencies. The hearing titled “Oversight of Prudential Regulators” was more of a farewell to the Biden Administration and the Committee’s Chairman, Rep. Patrick McHenry (R-N.C.), who is retiring at the end of this congressional term.
Testimony from the four banking regulators included Vice Chairman for Supervision, Board of Governors of the Federal Reserve Michael Barr, outgoing FDIC Chairman Martin Gruenberg, NCUA Chairman Todd Harper and Acting Comptroller, Office of the Comptroller of the Currency Michael Hsu.
Rep. McHenry spent his opening remarks berating Barr, Gruenberg and Hsu for their “backwards looking approach” to regulation and how they’ve “destroyed their credibility with Congress.” He then jokingly turned to Harper and said, “Thank you for being here.” Harper replied, “You’re welcome.”
During the hearing, Rep. Brad Sherman (D-Calif.) pointed out that under the incoming Trump Administration, Harper can be removed as chair and moved to the board member position. Harper assured Rep. Sherman that he would remain on the NCUA Board until his term expired in 2027.
In his opening statements to the Committee, Harper addressed his concerns over cybersecurity threats to the credit union system and how these threats have revealed the need for the NCUA’s regulatory authority over third-party vendors.
“Overall, 442 credit unions with more than $1 billion in assets hold 77.2% of industry assets,” Harper said. “As a result of this concentration, a cybersecurity vulnerability at a large credit union may threaten the safety and soundness of the entire system. Moreover, cybersecurity threats within the interconnected financial services industry remain high and show no signs of abating. The NCUA, therefore, is fully committed to enhancing its cybersecurity examination program and related activities.”
Harper said the NCUA’s cyber incident reporting rule that went into effect in September 2023 has helped shine a light on the vulnerabilities facing credit unions.
“After one year, the NCUA has received more than 1,000 reportable cyber incidents,” Harper said. “The data also shows that seven out of 10 reportable cyber incidents are related to credit union vendors, further underscoring the need for Congress to reinstate the NCUA’s third-party vendor examination authority,” which has been an ongoing push by Harper as leader of the NCUA Board.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.