March 11, 2015

2015 NCUA Examinations Focus on Small Credit Union Examination Program

The National Credit Union Administration (NCUA) issues an annual letter to credit unions explaining the supervisory priorities for the upcoming year. This year’s letter is designed to assist credit unions in preparing for their 2015 examination by identifying NCUA’s specific areas of focus.

Letter 15-CU-01 highlights the following areas of concern for examiners in 2015:

  • Cybersecurity
  • Interest Rate Risk (IRR)
  • Bank Secrecy Act Compliance
  • Liquidity and Contingency Funding Plans
  • TILA-RESPA Integrated Disclosure Rule
  • Ability-to-Repay and Qualified Mortgage Standards Rule
  • Small Credit Union Examination Program
  • Lending Programs

A key item addressed in this year’s letter is the Small Credit Union Examination Program (SCUEP). SCUEP streamlines the examination process for small credit unions. NCUA identifies small credit unions as those that have $50 million and below in assets. NCUA has created a three-tiered examination approach that is expected to be fully implemented by the second quarter of 2015. NCUA will examine a credit union based on asset size and CAMEL Rating. The three tiers divide credit unions into those that have assets: less than $30 million, $30-$50 million and more than $50 million.

The 2015 letter addresses the overall risk identified in the small credit union sector. The letter states: “In 2015, NCUA’s Small Credit Union Examination Program (SCUEP) will employ a defined–scope approach that focuses staff attention on the primary areas of risk for small credit unions: internal controls, recordkeeping, and lending.” It appears that the new SCUEP examination will focus more on internal controls and will require the credit union to substantiate its internal control policies and procedures, specifically in the areas of recordkeeping and lending.

The key to reducing transactional risks for credit unions is an active and effective internal control structure. As is typical in the small credit union industry, most levels of management are required to wear multiple hats. A supervisory committee is tasked with the responsibility of oversight for the internal control structure; however, it may not know where to start or may not have the time to build an internal audit function.

One of the key testing guidelines used by the examiners is the Supervisory Committee Guide—a good starting point for anyone involved with a credit union’s internal audit function.   One thing to keep in mind is that the guide is exactly that: a guide. It is not designed to offer a “cookie cutter” approach. When credit unions develop an internal audit program, a common weakness is that they limit their program to only what is identified in the Supervisory Committee Guide.   The guide was last updated by NCUA in November 1999, and there have been many changes in the credit union industry since that time. If a credit union only focuses on the items in the Supervisory Committee Guide, it could miss certain high-risk areas.

A robust and properly designed internal audit function can accomplish the requirements tasked to a supervisory committee, as well as mitigate additional risks faced by a credit union.

PYA has experience in working with supervisory committees to design and implement effective and robust internal audit functions.

If you would like assistance developing and or implementing your internal audit program, please contact the expert listed below at PYA, (800) 270-9629.