Go to:

March 2019
< Feb Apr >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

NCUA's Matz Addresses CU Volunteers as First Line Defenders
Wednesday, January 28, 2015 6:25 AM

Credit union volunteers helped guide their institutions through the financial crisis, and now they should work with management to address future risks, National Credit Union Administration Board Chairman Debbie Matz said last week.

Matz spoke to participants attending the annual Volunteer Leadership Institute. She discussed the looming challenges of interest-rate risk and cybersecurity and posed questions about risk planning for volunteer directors to ask credit union management.

"You are the first line of defense against potential losses," Matz said. "Engaged volunteers have led credit unions diligently, from recession through recovery. You have turned unprecedented challenges into enduring opportunities. With the financial crisis behind us, we need to discuss the challenges ahead, including interest-rate risk, cybersecurity and the need for credit unions to hold adequate capital." 

Interest Rate Risk Warnings
Matz said the interest-rate risk for the credit union system is now higher than it was before the crisis. Net long-term assets have risen from 25 percent of all assets 10 years ago to 35 percent today. With the most recent rise in long-term interest rates, Matz said, credit unions saw a $5 billion negative swing as unrealized gains became unrealized losses, possibly foreshadowing actual losses if future rate hikes compress interest margins.

Matz encouraged volunteer directors to use that information and ask management questions about interest-rate risk exposure, including:

  • How is management measuring a credit union's interest-rate risk exposure?
  • What has management learned from shock testing?
  • Should a credit union change its balance sheet, product pricing or investment strategy to avoid excessive interest rate risk?
  • How should the credit union's interest-rate risk policy be updated to reflect the Fed's new interest rate forecast?
  • What internal controls ensure the credit union will follow the board's interest-rate risk policy?

Cybersecurity Assessments
Cyber threats are likewise growing at an alarming rate, Matz said, as the number, variety and sophistication of fraudsters and terrorists increases. She said hackers could break into and use a vulnerable credit union as an entry point into the larger financial system.

NCUA examiners will expect credit unions to put mitigation controls into place to better detect, protect against, and recover from cyberattacks. Matz encouraged credit union volunteers to tap into NCUA's online cybersecurity resources and to ask management questions like:

  • What are the potential vulnerabilities of hackers using the credit union as an entry point to gain access to larger interconnected systems?
  • Has staff done due diligence to evaluate the cybersecurity of every vendor and every payment system with which the credit union has a digital relationship?
  • How could the national cybersecurity standards in the NIST framework help further protect a credit union and its members?
  • How should the credit union consider changing its cybersecurity protocols, based on guidance from the Federal Financial Institutions Examination Council?

Revised Proposed Rule on Risk-Based Capital
Matz also reviewed changes in NCUA's revised proposed risk-based capital rule. Some of the major changes in the revised proposed rule include exempting more credit unions, extending the implementation timeframe, revising the risk weights, lowering the well-capitalized threshold, and removing interest rate risk.

NCUA has posted more information about the rule on its Proposed Risk-Based Capital Rule Resources webpage.