Credit Union Legal Update – NCUA’s List of Required Policies for Board of Directors of Credit Unions

By , Credit Union

Dozens of new regulations, or amendments to regulations, require new credit union policies. Yet regulators often fail to specify if board action is required regarding a credit union policy. Several years ago, we published an analysis of which policies require action and due to popular demand, Kaufman & Canoles has updated it and brings the new analysis to its readers.

  Required Policy Executive Summary Regulation/Reference
1. Ability-to-Repay and Qualified Mortgage Standards Under the Truth in Lending Act This regulation does not state or imply that a policy must be implemented by a Board of Directors 12 CFR 1026 as amended by 78 FR 35429
2. Application of Regulation Zs Ability-to-Repay Rule to Certain Situations Involving Successors-in-Interest This short rule lacks commentary and merely articulates the Bureaus interpretation of Regulation Z, and the Truth-in-Lending Act. It does not detail requirements for implementing the policy 12 CFR 1026 as amended by 79 FR 41631
3. Bank Bribery Law Adopt internal codes of conduct or written policies to include explanation of general prohibitions of bank bribery law, alert credit union officials about bank bribery statute, as well as establish and enforce written policies on acceptable business practices Interpretative Ruling and Policy Statement 87-1

Bank Secrecy Act Compliance Policy

  • Customer Identification Program (CIP) Policy that is required by 326 of the Patriot Act
  • Anti-Money Laundering Program
CU must establish and maintain written compliance program for the BSA. CIP Policy prevents money laundering and terrorist financing scheme 12 CFR 748.2(b); pt. 751.214 for state-chartered credit unions
5. Chartering and Field of Membership Manual The Chartering and Field of Membership Manual must be implemented by a Board. Associational common bond provisions expanded 12 CFR 701 as amended by 81 FR 88412
6. Childrens Online Privacy Protection ACT (COPPA) Compliance Policy Adopt a policy for implementing COPPA that includes providing a privacy notice on website and a notice to parents 16 C.F.R. pt. 312.4
7. Compliance Policy/Program Each CU should have a compliance officer that is responsible for general compliance. Additionally, officers in different divisions should be responsible for compliance in their divisions See Compliance Manual at 8
8. Consumer Leasing Act Policy (Regulation M) This recent amendment lacks commentary and relates to a change that is technical and applies the calculation method set forth elsewhere 12 CFR 1013 and 12 CFR 213 as amended by 81 FR 86256
9. Contingency Funding Plan Sets out strategies for addressing liquidity shortfalls in emergency situations 12 CFR 741.12; NCUA Supervisory Letter No. 14-03
10. Credit by Banks and Persons Other than Brokers or Dealers for the Purpose of Purchasing or Carrying Margin Stock Adopt comprehensive procedures for implementing Reg. U (if applicable) Reg. U
11. Credit Practices Policy Adopt policy re: credit practices 12 CFR pt. 706
12. Credit Union Service Organizations The Board of Directors must perform the necessary due diligence to ensure each CUSO complies with all regulations. The final rule requires a FICU to obtain a written agreement from a Credit Union before investing in or lending to the CUSO. This written agreement must provide that the CUSO will annually submit, pursuant to NCUA guidance, a report containing general registration information directly to NCUA and the appropriate SSA 12 CFR 712 and 12 CFR 741 as amended by 78 FR 72537
13. Definition of the Term Fiduciary; Conflict of Interest Rule- Retirement Investment Advice Under Footnote 4, it relays some of the commentary regarding the implementation procedures, stating the procedures for implementation include drafting and implementing training for staff, drafting client correspondence and explanations of revised product and service offerings, negotiating changes to agreements with product manufacturers to facilitate compliance, and changing employee and agent compensation structures, among other things. There is no reference to implementation via a Board of Directors 29 CFR 2509, 29 CFR 2510, and 29 CFR 2550 as amended by 82 FR 16902
14. Denial of Services Adopt a policy to limit or restrict member services NCUA Office of General Counsel
15. Derivatives Policy A federal credit union with derivatives authority must operate according to a comprehensive written policy 12 CFR pt. 703, Subpart B, 12 CFR 703.106
16. Disaster Recovery and Business Resumption Contingency Plan Develop contingency plan in preparation of disaster or other event to ensure uninterrupted service to members NCUA Letter 01-CU-21; NCUA Letter 08-CU-07 FFIEC Updated Business Continuity Planning Examination Handbook; NCUA Letter 08-CU-01; Risk Alert 06-Risk-01; 12 CFR pt. 748; 12 CFR pt. 749
17. Disclosure and Delivery Requirements for Copies of Appraisals and Other written Valuations Under the Equal Credit Opportunity Act (Regulation B) This regulation does not state or imply that it must be implemented by a Board of Directors 12 CFR 1002 as amended by 78 FR 7215
18. Dividend Nondiscriminatory Policy To establish dividend periods, dividend credit determination dates, distribution dates, any associated penalties, and the method of dividend computation Appendix C to 12 CFR Part 707
19. Electronic Fund Transfer Act Policy (EFT) Adopt policy implementing Reg. E Reg. E
20. Employee Incentive or Bonus Policy Adopt policy for incentives to an employee in connection with loans made by all except senior management 12 CFR 701.21(c)(8)(iii)(c)
21. Equal Credit Opportunity Act Policy Ensure compliance with ECOA and adopt non-discrimination policy for credit transactions Reg. B; 12 CFR pt. 1002
22. E-Sign Act Policy Adopt policy and procedures regarding use of electronic records NCUA Compliance Manual; E-Sign Act 101(C)(1)
23. Expedited Funds Availability Act Policy

Adopt policies to comply with Regulation CC and all related regulatory requirements. This includes adopting:

  • Funds Availability Policy
  • Notices of Changes in Availability Policy
Reg. CC
24. Fair Credit Reporting Act Policy Ensure procedures are in place for implementing and complying with FCRA FCRA
25. Fair Debt Collection Practices Act Policy Ensure procedures are in place for implementing and complying with FDCPA FDCPA
26. Fair Housing Act Policy Board must ensure that policy for implementing FHA does not tolerate illicit discrimination in any transaction relating to residential real-estate FHA; 24 CFR pt. 100
27. Federal Credit Union Ownership of Fixed Assets The rule requires supervisory guidance and states that such guidance will reflect current supervisory expectations that require an FCU to demonstrate appropriate due diligence, ongoing Board and management oversight, and prudent financial analysis to ensure the FCU can afford any impact on earnings and net worth levels caused by its purchase of fixed assets. Additionally, under Footnote 16 it states, the credit unions Board needs to approve plans for any investment in fixed assets that will materially affect the credit unions earning and that credit union management should only purchase fixed assets in compliance with policy approved by the credit unions Board 12 CFR 701 as amended by 80 FR 45844
28. Fiduciary Duties Policy Adopt policy that specifies the fiduciary duties of the Board of Directors 12 CFR 701.4
29. Financial Education Program for the Board of Directors Implement a policy that makes training available for enhancing the financial knowledge of the directors NCUA Letter to Federal Credit Unions 11-FCU-02 12; 12 CFR 701.4
30. Flood Disaster Protection Act Policy or National Flood Insurance Act Compliance Policy Adopt policy for implementing National Flood Insurance Act FDPA; 12 CFR pt. 760
31. Foreclosure and Repossession Policy Adopt policy to address mortgage foreclosure concerns NCUA Accounting Manual for FCUs; See NCUA Letter to Credit Unions 11-CU-01; NCUA Letter 08-CU-25
32. High-Cost Mortgage and Homeownership Counseling Amendments to the Truth in Lending Act (Regulation Z) and Homeownership Counseling Amendments to the Real Estate Settlement Procedures Act (Regulation X) This regulation does not state or imply that it must be implemented by a Board of Directors 12 CFR 1024 and 12 CFR 1026 as amended by 78 FR 6855
33. Home Mortgage Disclosure (Regulation C) Adjustment to Asset-Size Exemption Threshold The amendment to this final rule is technical and non-discretionary, and it merely applies the formula established by Regulation C for determining any adjustments to the exemption threshold 12 CFR 1003 as amended by 80 FR 79673
34. Home Mortgage Disclosure Act Policy Adopt policy for implementing HMDA when collecting and maintaining accurate of covered loans/applications Reg. C
35. Homeowner’s Protection Act (HOPA) Adopt HOPA compliance policies because NCUA may enforce HOPA HOPA
36. Indirect Lending Policies Adopt comprehensive policies re: indirect lending, including underwriting and monitoring, and clear policies for selecting third party vendors NCUA Letter to Credit Unions, Letter No. 10-CU-15
37. Information Security Program Each CU must institute a written security program to protect CU from robberies, etc., prevent destruction of vital records, layered security, member account authentication, multifactor identification of members, and risk assessment process 12 CFR pt. 748; 12 CFR pt. 749; NCUA Letter to Credit Unions, 11-CU-09, 05-CU-18, 06-CU-13; FFIEC Supplement to Authentication in an Internet Banking Enviroment
38. Interest Rate Risk Policy Adopt policies as part of the asset liability management of the credit union 12 CFR pt. 741
39. Investment and Deposit Activities-Bank Notes The NCUA Board (Board) is finalizing a rule that amends the maturity requirement for bank notes to be permissible investments for federal credit unions (FCUs) by removing the word original from the current requirement that bank notes have “original weighted average maturities of less than 5 years” 12 CFR 703 as amended by 81 FR 17601
40. Investment Policy Adopt policies re: liquidity, investment objectives, cash deposits, etc. Review annually (can be part of a broader ALM policy) 12 CFR 703.3; Supervisory Letter No. 14-03
41. Liquidity and Contingency Funding Policy The final rule requires FICUS with less than $50 million in assets to maintain a basic written policy that provides a credit union board-approved framework for managing liquidity and a list of contingent liquidity sources that can be employed under adverse circumstances. Additionally, the policy establishes a reporting requirement to keep the Board apprised of the institution’s liquidity position 12 CFR Part 741.12
42. Loans Participation Policy Adopt policies re: member loan participation policies and procedures 12 CFR 701.22 (b) and (c)
43. Loan Workout Policy Develop written policy and standards that control the use of loan workouts Appendix C to 12 CFR pt. 741
44. Loans and Lines of Credit Policies/Loan Incentive Practices Written policies for loans and lines of credit consistent with the relevant provisions applicable laws and regulations; to contain real estate leanding policies related to appraisal and evaluation program Interagency Appraisal & Evaluation Guidelines; 12 CFR 701.21 (c)(2); 12 CFR 741.3; 12 CFR 701.21 (c)(8)
45. Management Officials Interlocks Act Compliance Policy Adopt compliance policy for Interlocks Act 12 U.S.C. 1823(k), 3207; 12 CFR pt. 711.4-.6
46. Member Business Loan Policy; Commercial Lending Establish guidelines and overall lending strategy to integrate with overall asset liability management.
There are numerous procedures required of a Board of Directors. First, a credit union’s Board of Directors is ultimately responsible for the credit union’s commercial loan risk, and… the Board must establish adequate controls and provide sound governance for the credit union’s commercial lending program.
A credit union’s Board of Directors can delegate the responsibility to a committee. However, the Board of Directors is ultimately accountable for the safety and soundness of the credit union’s commercial lending activities.
12 CFR pt. 723, NCUA Letter to Credit Unions 10-CU-02; 12 CFR 701, and 12 CFR 741 as amended by 81 FR 13529
47. Military Lending Act – Limitations on Terms of Consumer Credit Extended to Service Members and Dependents There is no discussion regarding board-approved procedures or Board requirements 32 CFR 232 as amended by 80 FR 43559
48. Office of Foreign Asset Control (OFAC) Policy and Procedure Credit Unions must monitor all financial transactions performed by or through in order to detect entities/persons subject to OFAC laws and regulations (see also BSA) Various OFAC laws and regulations
49. Overdraft Policy Develop written policy that sets a cap on th total dollar amount of all overdrafts the CU will honor, establish any applicable fees, establish time limit for repayment, etc. 12 CFR 701.21 (c)(3)
50. Preservation of Consumer Claims and Defense Policy (Holder in Due Course) Board must adopt policy for implementing the Preservation of Consumers’ Claims and Defenses Rule FTC Holder in Due Course Rule – 16 CFR pt. 433.2
51. Privacy Policy Adopt policy re: non-disclosure of nonpublic information, to determine whether nonpublic information will be shared and proper delivery of disclosures 12 CFR pt. 1016
52. Purchase, Sale, and Pledge of Eligible Obligations Policy Written Policies that address the credit union’s purchase, sale, or pledge of all or part of a loan of its members should address incentive or bonus payments to employees if using this practice 12 CFR 701.23
53. Real Estate Settlement Procedures Act policy Adopt policy for implementing RESPA and Reg. X. This includes explaining coverage of regulation, exemption, and disclosure requirements 24 CFR pt. 3500; Reg. X
54. Records Preservation Program and Record Retention Policy Adopt vital records preservation program and document retention policy 12 CFR pt. 749
55. Reimbursement for Providing Financial Records Policy Adopt policy for implementing Reg. S for collecting expenses associated with assembling and copying subpoenaed members’ records Reg. S
56. Reserves on Transaction Accounts Adopt policy for implementing Regulation D Reg. D
57. Risk-Based Lending Policies Policies that define parameters of risks assumed and internal controls; manage risks; implement information systems or monitoring information See NCUA Letter to Credit Unions, Letter No. 99-CU-05
58. Secure and Fair Enforcement for Mortgage Licensing Act (SAFE Act) Compliance Policies Establish written policies providing basic framework for compliance with SAFE Act (if employing one or more mortgage loan originators). Policies appropriate for the size/complexity/scope of mortgage lending activities Reg. G; 12 CFR pt. 1007 and Appendix A; NCUA Letter to Credit Unions, Letter No. 10-CU-13
59. Service-members’ Civil Relief Act Policy Adopt policy for implementing SCRA See Compliance Manual; 50 U.S.C. App. 526
60. Truth in Lending Act Adopt policy for implementing Truth in Lending Act Reg. Z
61. Truth in Lending (Regulation Z) Annual Threshold Adjustments (CARD ACT, HOEPA and ATR/QM) This is a recent technical change in the formula, as the regulation states the amendments in this final rule are technical and nondiscretionary, and they merely apply the method previously established in Regulation Z for determining adjustments to the thresholds 12 CFR 1026 as amended by 29 FR 48015
62. Truth in Lending Act (Regulation Z) Adjustment to Asset-Size Exemption Threshold This also appears to be a technical change in the formula 12 CFR 1026 as amended by 81 FR 93581
63. Truth in Savings Act Compliance Policy Adopt a policy for implementing Truth in Savings Act, this includes adopting proocedures related to activities like: account opening disclosure, dividend calculations, subsequent disclosures, member inquiries, training, record retention, advertising, monitoring 12 CFR pt. 707
64. Unfair or Deceptive Acts or Practices The Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) repealed NCUA’s rulemaking authority under the Federal Trade Commission Act (FTC Act). As a result, the NCUA Board (Board) is now repealing NCUA’s regulations governing unfair or deceptive acts or practices. Additionally, the Board is amending NCUA’s payday alternative loans regulation to replace all references to short-term, small amount loans 12 CFR 701, 12 CFR 706, and 12 CFR 790 as amended by 79 CFR 10/03/2014
65. Unlawful Internet Gambling Enforcement Act (UIGEA) Policy Establish policies and procedures that are reasonably designed to identify and block or otherwise prevent restricted transactions Unlawful Internet Gambling Enforccement Act of 2006
66. Volunteer Reimbursement Policy Board members and other volunteers must abide by approved Board reimbursement policies 12 CFR 701.33
67. Website Policy Written policies or procedures to address implementation and ongoing management of website NCUA Letter to Credit Unions, 02-CU-17; NCUA e-Commerce Guide for Credit Unions


The contents of this publication are intended for general information only and should not be construed as legal advice or a legal opinion on specific facts and circumstances. Copyright 2020.