Amy K: News from the NCUA
by Amy Kleinschmit, Director of Compliance
At the National Credit Union Administration’s February board meeting, the NCUA approved two final rules, namely the Board amended its investment regulations, 12 CFR 703.14 Permissible investments, to allow FCUs to purchase Treasury Inflation Protected Securities (TIPS). The NCUA also adopted an expanded definition of “rural district” in the NCUA’s Chartering and Field of Membership Manual. Chapter 2, V.A.2 – Definition of Well-Defined Local Community and Rural District is now provides, “The rural district requirement is met if:
• The district has well-defined, contiguous geographic boundaries;
• More than 50% of the district’s population resides in census blocks or other geographic areas that are designated as rural by the United State Census Bureau; and
• The total population of the district does not exceed the greater of 250,000 people or three percent of the population of the state in which the majority of the district is located; or
• The district has well-defined, contiguous geographic boundaries;
• The district does not have a population density in excess of 100 people per square mile; and
• The total population of the district does not exceed the greater of 250,000 people or three percent of the population of the state in which the majority of the district is located.”
FREE Webinar. In case you missed it, the NCUA’s Home Mortgage Disclosure Act webinar is now available online. This 90 minute webinar featured staff from NCUA’s Office of Consumer Protection, the Federal Reserve Board and other federal financial regulators. The webinar addresses common errors identified in HMDA/LAR data and submissions; provides tips for preparing and submitting accurate and timely HMDA LARs; and discusses financial institution management responsibilities in the HMDA process. Find the webinar along with other presentation material at this link: http://www.ncua.gov/News/Videos/Pages/default.aspx.
MBL Guidance. The NCUA recently issued Letter No. 13-CU-02 to Federally Insured Credit Unions regarding Member Business Loan Waivers. The letter and its enclosure can be found here: http://www.ncua.gov/Resources/Pages/LCU2013-02.aspx. The letter and its attachments discuss one-time waivers and blanket waivers. It also discusses how to request a waiver and how the request is evaluated by the NCUA. The Supervisory Letter, which is an attachment to the Letter to Credit unions, discusses obtaining waivers for loan participations. This is important information for credit unions to read if you do MBLs or are considering MBLs.
Risk Alert.
Also in February, the NCUA issued a risk alert on mitigating distributed denial-of-service (DDoS) attacks, which can be found here: http://www.ncua.gov/Resources/Pages/RSK2013-01.aspx.
This alert identifies the appropriate policies and procedures that credit unions who offer Internet-based financial services should implement to guard against DDoS attacks, including filing a voluntary SAR. The alert discusses the key strategies for mitigating DDoS risk which include:
• Performing risk assessments to identify risks associated with DDoS attacks.
• Ensuring incident response programs include a DDoS attack scenario during testing and address activities before, during, and after an attack.
• Performing ongoing third-party due diligence, in particular on Internet and web-hosting service providers, to identify risks and implement appropriate traffic management policies and controls.
Should you have any questions or concerns on these or any other compliance issue, please do not hesitate to contact Amy Kleinschmit at akleinschmit@cuad.coop or 701.214.9721.