Risk is the four-letter word on every regulator’s mind, according to the CUNA Environmental Scan Report.
That’s why credit unions must pay attention to new developments in each of the seven “risk factors” NCUA identifies in its Examiner’s Guide, including “strategic risk.”
NCUA broadly defines strategic risk as making adverse business decisions, improperly implementing decisions, or being unresponsive to industry changes.
“This is a good place to discuss NCUA’s November 2013 Supervisory Letter on enterprise risk management [ERM],” says Kathy Thompson, CUNA’s senior vice president of regulatory affairs.
“NCUA makes it clear that [natural person] credit unions aren’t required to implement a formal ERM framework,” she says. “But NCUA believes ERM ‘presents potential benefits to larger [not defined by the agency], more complex credit unions,’ and that examiners ‘should ensure the credit union employs a comprehensive risk management approach, which may or may not include a formal ERM program.’ ”
NCUA’s 2013 letter briefly discusses eight ERM components, and addresses only generally what examiners should look for when evaluating risk, such as the credit union’s risk appetite, potential exposures, risk concentration, management performance, and so on, Thompson says.
“Expect examiners to see if larger credit unions have risk management frameworks that manage risks across the credit union’s entire operations, rather than having a ‘silo’ departmental approach,” she says, “regardless of whether it’s a formal ERM program.”
As examiners receive more training about ERM concepts, Thompson adds, expect them to discuss ERM program components with credit union management, such as the desirability of establishing a “risk culture” throughout the credit union.