.png)
.png)
.png)
.png)
Table of contents
Agency monthly board meeting also sees cybersecurity and regional supervisory rules approved.
Federal credit union operating fees may be reduced next year as a result of the Nation Credit Union Administration running a budget surplus of about $18 million, NCUA CFO Eugene Schied told the agency board Thursday at its monthly meeting.
Schied said that pandemic remote work rules have resulted in a surplus of about $9 million in travel expenses, adding that the agency’s pay and benefits budget also is running a surplus due to higher-than-forecast vacancies at the organization.
Board members said they were pleased with the news.
“Fiscal restraint on our part should translate into savings for credit union members, in the form of higher interest on share deposits, lower interest on their mortgages and other loans, and lower fees, among other benefits,” stated board Chairman Todd Harper. He added the NCUA will continue to place a high priority on “cybersecurity, consumer financial protection, equitable financial innovation, and support for small credit unions and minority depository institutions.”
Board member Rodney Hood said that the agency had received a letter from B. Dan Berger, president of the National Association of Federally-Insured Credit Unions, noting that the agency has been running a large cash balance.
“We need to make sure that the agency has enough cash to pay the bills,” Schied said, while also adding credit unions are likely to pay a reduced operating fee next year.
Cybersecurity Rule Approved
In other business, the NCUA board approved a proposed rule that would require credit unions to notify the agency within 72 hours after they reasonably believe that a cyber incident has occurred.
Credit unions would be required to report cyber incidents in cases involving:
–A substantial loss of confidentiality, integrity or the availability of a network or member information system that results from the unauthorized access of sensitive data.
–A disruption of business operations, vital member services or a member information system resulting from a cyberattack.
–A disruption of business operations or unauthorized access to sensitive data as a result of the compromise of a credit union service organization, cloud service provider, managed service provider or other third-party data.
NCUA staff said the 72-hour deadline is sufficient time, even though other banking regulators have adopted a 36-hour deadline.
“Federally insured credit unions are not only the system’s first line of defense, but they are also the NCUA’s eyes and ears,” Harper said.
Regional Supervisory Rule Approved
The board also approved a final rule that would give regional offices supervisory powers over credit unions with between $10 billion and $15 billion in assets. Those credit unions currently are supervised by the agency’s Office of National Examinations and Supervision.
As the meeting started, Harper announced that, barring unforeseen circumstances, NCUA board meetings will return to an in-person format in September. The meetings have been held virtually ever since the pandemic began.
Industry News
