Removing Barriers Blog

NCUA Adopts Rule on Nonmember Deposits, Proposes FOM Rule, and Receives Cybersecurity Briefing
Posted October 24, 2019 by CUNA Advocacy

Today, the NCUA Board adopted a final rule on nonmember deposits, issued a proposal on field of membership, and received a briefing on cybersecurity. Chairman Hood thanked members of the Heartland Credit Union Association for their attendance at today’s meeting.

Final Rule – Public Unit and Nonmember Shares (Part 701)

The Board adopted a final rule amending the public unit and nonmember shares rule to allow credit unions to receive public unit and nonmember shares up to 50% of the credit union’s net amount of paid-in and unimpaired capital and surplus less any public unit and nonmember shares.

In general, the current regulations limit the total amount of public unit and nonmember shares to the greater of 20% of the credit union’s total shares or $3 million. The final rule will allow a credit union to receive public unit and nonmember shares up to 50% of the credit union’s paid-in and unimpaired capital and surplus less any public unit and nonmember shares. In addition, contrary to the proposal, the final rule retains the $3 million alternative limit.

The rule will become effective 90 days after publication in the Federal Register.

Proposed Rule – Chartering and Field of Membership (Part 701, Appendix B)

The Board issued a proposed rule that would amend the Board’s chartering and FOM rules with respect to applicants for a community charter approval, expansion, or conversion. Specifically, the proposed rule would re-adopt a provision to allow an applicant to designate a Combined Statistical Area (CSA) as a well-defined local community (WDLC), provided that the chosen area has a population of 2.5 million or less.

Separately, consistent with the DC Circuit Court of Appeals opinion in August regarding communities based on a Core-Based Statistical Area (CBSA), the proposed rule provides further explanation and support for the elimination of the requirement to serve the CBSA’s core area, as provided for in the 2016 final rule.

NCUA will accept public comments for 30 days following publication in the Federal Register.

Board Briefing – Cybersecurity

NCUA Cybersecurity Advisor, Johnny Davis, briefed the Board on the state of cybersecurity within the credit union industry. While the briefing document includes a lot of information on background and current threats, Davis suggests credit unions begin their review of the material with the Critical Security Controls included on slide 6.

The briefing outlined Chairman Hood’s cybersecurity priorities:

  • Advancing consistency, transparency and accountability within the cybersecurity examination program.
  • Stimulating due diligence for Supply Chain and Third-Party Service Provider management within the credit union subsector.
  • Assisting institutions with resources to improve operational hygiene and resilience.
  • Ensure NCUA’s systems and collected, controlled, unclassified information are secure.

The Board members reiterated their call for the agency to have third-party vendor authority, expressing concern that the current lack of such authority prevents the agency from properly examining vendors, which increases risk to the industry.