C-O-M-P-L-I-A-N-C-E By The Letters
Here’s a letter-by-letter lookat 2012’s regulatory challenges.
Google the word “compliance” and you get about 362 million results, which seems like the number of regulations credit unions are expected to comply with today.
Credit unions’ current compliance environment makes us want to define “kәm-pli-әns” this way: “continually changing requirements; piecemeal action; mind-reading required.”
Let’s break down the word “compliance” letter by letter to better understand the regulatory challenges credit unions can expect to face in 2012 and beyond.
The immediate regulatory priorities of the new Consumer Financial Protection Bureau (CFPB), which officially began operations in mid-2011, are:
- A new mortgage disclosure form that combines the Truth in Lending (TIL) Act and Real Estate Settlement Procedures Act (RESPA) rules, required by the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010;
- Yet another revision of credit card disclosures; and
- Better information about student loans.
The bureau has launched “Know Before You Owe” projects on each of these subjects.
Based on public outcry about fees, expect the CFPB this year to also look at account-opening disclosures. This means reviewing Truth in Savings, overdraft, and check-hold rules.
What else? The agency has asked for public input through March on exactly that question: What other consumer financial laws should the bureau focus its attention on this year? Find CUNA’s comment letter at cuna.org under “regulatory advocacy.”
Office of Consumer Protection and consumer complaints
The very first mission of the CFPB listed in the Dodd-Frank Act is “to collect, investigate, and respond to consumer complaints.” The bureau started with complaints about credit cards and has added mortgage loans. Consumers can file complaints via a website, but soon they may have a toll-free number to call. Because only the three largest credit unions are under CFPB’s direct supervision, complaints about all other credit unions will be sent to NCUA.
NCUA has created an Office of Consumer Protection that, among many other duties, handles member complaints. For years, NCUA has asked supervisory committees to investigate and respond to members. Now, NCUA is asking supervisory committees to investigate and respond to NCUA, which in turn will respond to members. This is explained in NCUA’s Letter to Credit Unions No. 11-CU-17.
Financial institutions are understandably concerned that complaints about a particular institution’s financial product could result in burdensome revisions of consumer regulations affecting every financial institution. Bank of America’s short-lived plan to institute monthly debit card fees has undoubtedly moved up a review of account disclosures on the CFPB’s priority list.
Mortgage compliance burden
Ideally, the greatest regulatory relief that credit unions could receive in 2012 would be for the CFPB to look at mortgage lending in its totality and issue a comprehensive package of regulatory revisions that affect consumer mortgages. Although CUNA has asked for exactly that relief, it won’t happen. Credit unions will continue to see revisions in mortgage lending regulations done on a piecemeal basis.
In mid-2009, the Federal Reserve Board proposed a major overhaul of the mortgage lending rules in Regulation Z (which implements TIL). These changes have never been finalized. In 2010, the Fed issued additional proposed Reg Z amendments, but then announced that all the comments it received would be transferred to the new CFPB. In 2011, mortgage lending programs were subject to a head-spinning number of piecemeal compliance changes affecting disclosures, appraisals, escrow, and staff registration.
As mentioned above, the bureau is reconciling the TIL-RESPA disclosures into one form. While it might complete that project this year, compliance won’t be expected until sometime in 2013.
The Dodd-Frank Act also amended TIL to require new “ability to repay” rules for consumer mortgages. These rules are likely to be the first major Reg Z rules the bureau adopts. Other proposals affecting mortgage lending—credit retention, additional escrow rules, and servicing—will be under active consideration this year.
Next: Protection of electronic transactions
Protection of electronic transactions
Electronic access to funds is growing at a rapid pace, as are the potential threats to data security. Many suggest that Reg E, which implements the Electronic Fund Transfer Act enacted in 1978, hasn’t kept pace in protecting consumers. Congress continues to sporadically debate data-security bills, especially in the wake of well-publicized data breaches. NCUA and the federal banking agencies expect financial institutions to review their security programs at least annually and before implementing new electronic services.
In July 2011, NCUA issued Letter to Credit Unions No. 11-CU-09, titled “Online Member Authentication Guidance Compliance,” to address concerns about the increased incidence of online transaction fraud and identity theft, and to highlight some key precautions institutions should take if they offer electronic services. Although the letter mentioned Jan. 1, 2012, that wasn’t a compliance deadline, but rather the date when examiners were to begin asking credit unions if they have:
- Reviewed and updated as appropriate their risk assessment of offering electronic financial services;
- Discussed with their vendors any needed enhancements; and
- Established a reasonable time frame for compliance.
NCUA is clear about its concerns with recent lending trends. “New auto loans continued to decline, while riskier types of loans weighed more heavily on credit union books. Unsecured loans, nonfederally guaranteed student loans, and first mortgages all increased for consecutive quarters,” the agency says in Letter to Credit Unions 12-CU-01. The letter focused on financial results for the first three quarters of 2011.
NCUA is particularly concerned about large, long-term, fixed-rate mortgage loan portfolios, modified loans, indirect lending programs, and loan participations. Although supportive of legislative efforts to increase the member business loan (MBL) cap, NCUA has concerns about the delinquencies and charge-offs credit unions holding MBLs are experiencing.
NCUA issued a proposal at the end of 2011 to amend its loan participation regulation (the comment period closed last month). Credit unions believe the direction NCUA is taking could undermine partnerships they’ve developed to increase lending opportunities and address concentration risks. NCUA is concerned that credit unions purchasing loan participations have failed to perform adequate due diligence at the beginning of the process and failed to monitor the performances of the loans.
Under NCUA’s proposal, all federally insured credit unions would be subject to concentration limits and minimum requirements in loan participation agreements. And state-chartered credit unions would become subject to the requirement already applicable to federal credit unions that the originating lender retains at least a 10% interest in the outstanding balance.
In 2011, the National Credit Union Share Insurance Fund experienced some losses due to loan participations. Seeing the agency respond by proposing an overhaul of its loan participation regulation, rather than seeing more targeted supervisory actions, could portend more lending regulations to address problems found with indirect or business lending programs at some credit unions.
Interchange fee restrictions
The Fed finalized its debit card interchange rule last June. Fee restrictions went into effect Oct. 1, 2011, for banks and credit unions with more than
$10 billion in assets. But the impact of the interchange rules on all credit unions has yet to be determined.
Retailers are suing the Fed for allowing a maximum fee higher than originally proposed, businesses are discouraging the use of debit cards for small transactions, and card issuers and networks are working on the implementation of the so-called “exclusivity provision.” It’s the one specific compliance requirement in the Fed’s new Regulation II that affects all credit unions, regardless of size, that issue debit cards.
This might be more accurately called the “nonexlusivity provision.” By April 1, 2012, all debit card issuers must provide a debit card that can be processed on at least two unaffiliated card networks, such as one signature network and one personal identification number (PIN) network. Alternatively, an issuer can provide a signature-only debit card that can be processed on two or more unaffiliated signature networks, or a PIN-only debit card that can be processed on two or more unaffiliated PIN networks.
Next: Assessment of risks
Assessment of risks
NCUA’s Letter to Credit Unions No. 12-CU-01 succinctly lists the agency’s “Supervisory Focus for 2012.” It’s no secret that the focus is on what credit unions are doing to identify and manage risks. The performance of real estate, business, and participation loans—credit risk—is a major focus, and examiners will look closely at how credit unions are modifying loans and monitoring the performance of those modified loans. Examiners will continue to be concerned about new and outsourced loan programs and will expect to see “suitable limits in relation to net worth and total loans or total assets” for these programs.
NCUA is very concerned about interest-rate risk (IRR), especially since so much of members’ savings are in rate-sensitive accounts, and many credit unions are holding large, fixed-rate mortgage portfolios. In January, NCUA adopted a new regulation requiring federally insured credit unions with $50 million or more in assets to have formal IRR policies and programs. Also federally insured credit unions with between $10 million and $50 million in assets that have a percentage of first mortgages and investments with maturities greater than five years that equals or is greater than 100% of the credit union’s net worth must comply. All credit unions with less than $10 million in assets are exempt from the new IRR rules. The regulation includes an appendix with guidance on how credit unions can structure their IRR programs. The regulation is effective Sept. 30, 2012. The reality is that for some time, examiners have been requesting documentation of how credit unions expect to respond to rising interest rates.
Growing portfolios of long-term, fixed-rate mortgages and longer-term investments pose liquidity and concentration risks that examiners expect credit unions to address. NCUA is currently formulating a proposal to require all federally insured credit unions to have emergency access to backup federal liquidity (such as through the Fed’s discount window or NCUA’s Central Liquidity Facility). And the agency is expected to issue a proposed rule some time in 2012 to establish investment concentration exposure limits.
There’s always going to be what some refer to as a “natural tension” between the regulator and the regulated. And there will always be complaints of unequal treatment by examiners. But in the trying economic times of recent years, tension and complaints have definitely increased. On behalf of credit unions, CUNA regularly discusses problems with NCUA and suggests appropriate actions.
A recent example of hopeful progress involves loan modifications. There seemed to be a disconnect between what NCUA’s central office has said about working with members having problems and what field staff say about credit unions’ handling of troubled debt restructuring (TDR). CUNA talked to NCUA numerous times in 2011 about the need for better guidance on TDRs. In early 2012, the NCUA Board proposed a regulation and Interpretive Ruling and Policy Statement to address loan workouts, nonaccural policy, and reporting of TDRs. A final regulation is expected this spring.
NCUA has announced that later this year it will adopt a “National Supervisory Policy Manual” to replace regional policies, which should help
to address complaints about examiner inconsistencies. CUNA has asked that this manual be made public.
Last summer, NCUA proposed amending its credit union service organization (CUSO) regulation to require all CUSOs to file financial reports directly with NCUA. Federally insured, state-chartered credit unions would be allowed to deal only with CUSOs that agree to follow NCUA accounting rules, allow supervisory access to their books and records, and be subject to additional restrictions.
NCUA has referred to this as the “CUSO risk transparency rule,” which the agency believes will allow state and federal regulators and credit unions to have a better picture of virtually all CUSOs’ financial condition. The agency believes this is essential due to CUSOs’ enormous importance in providing back-office support and affordable member services to many credit unions. CUNA has questioned NCUA’s legal authority to do what it has proposed doing. At the time this article went to press, the agency and the credit union industry continue to have a dialogue about the agency’s proposal. Expect some revised CUSO rule to be adopted during 2012.
Next: Examiners’ expectations
Recently, a senior NCUA official was asked, “What’s the emphasis in NCUA’s current exam process?” He emphasized two points:
- Evaluating that there is a “robust risk management approach at the credit union,” especially relating to IRR, which “is the next big thing that credit unions will be dealing with as we move out of credit risk issues”; and
- Evaluating that the credit union is performing adequate vendor due diligence because credit unions depend on a wide range of services third parties provide, and because the agency has found a number of significant problems in this area.
When you put the letters c-o-m-p-l-i-a-n-c-e all together, it spells another year of regulatory challenges for credit unions.
KATHY THOMPSON is CUNA’s senior vice president for compliance and legislative analysis. Address any compliance questions to firstname.lastname@example.org.