Posted on

NCUA Amends the CUSO Rule

At its November Meeting, the NCUA Board passed a revision to the CUSO Rule. NACUSO is pleased that NCUA was responsive to some of the concerns expressed about this regulation by the credit union and CUSO industry and that they somewhat reduced the scope of the final CUSO rule from the overreach of the proposed rule. While we continue to question the need for such a rule at all, NACUSO has never been opposed to NCUA learning more about CUSOs, the mitigation of risks associated with CUSO investment and the advantages that CUSOs bring to credit unions.

NACUSO continues to recognize that NCUA, even though we maintain and the agency has now recognized in the language of this rule that NCUA has no statutory authority to directly regulate and examine CUSOs, has the authority to request information on their CUSO investments of all credit unions they regulate and insure. Responsible and limited information gathering that enables NCUA examiners to better evaluate the risk of CUSO investments on the balance sheets of the credit unions they regulate and insure is not, within itself, bad public policy. Utilizing data gathering to do an “end around” the lack of statutory regulatory and examination authority over CUSOs would be bad public policy. NACUSO will be watching closely NCUA’s data gathering efforts to ensure that they stay consistent with the stated limitations of this rule and do not evolve into de facto regulation and examination through the data gathering process.

The new direct reporting requirement is unquestionably an additional administrative step and burden that will have to be met going forward by the growing number of credit unions with ownership interests in CUSOs and the CUSOs themselves. If it is handled properly and not expanded into an unwarranted and statutorily unsubstantiated exam process that puts CUSOs at a competitive disadvantage versus their non-CUSO competitors, it could result in NCUA gaining a better understanding of CUSOs and – if they look at the data with an open mind – the significant value they provide it could be a positive step.

Because we continue to see no compelling reason for such a regulation when less than two percent of credit union assets are invested in CUSOs and therefore systemic risk is hardly in play, NACUSO feels the need to remind NCUA that – under the existing regulation – a CUSO agrees to permit NCUA to inspect its books and records as a condition of a credit union’s investment. Therefore, NCUA already has the power to look at the CUSO’s business information under the current rule. This rule has added the affirmative obligation on the CUSO to report certain business information directly to NCUA. This is a substantive expansion of NCUA’s authority over CUSOs.

Again, we are pleased that NCUA has acknowledged that it lacks the statutory authority to directly regulate and examine CUSOs. NACUSO agrees that NCUA lacks statutory authority to regulate and examine vendors, including CUSOs. The agency is correctly basing its authority regarding CUSOs on its credit union regulatory oversight. They seek to gather the data specified in this rule under that authority from the credit union owners themselves. NACUSO will continue to monitor this data gathering process to ensure that it stays within those bounds as we believe that direct regulatory oversight would greatly inhibit the innovative nature of CUSOs and the benefits that brings to credit unions. NACUSO will remain vigilant in its advocacy that NCUA’s role is to review CUSOs to determine the risks CUSOs may pose to its regulated and insured credit unions and not as direct regulators of CUSOs themselves.

Under the new rule, all CUSOs must provide the CUSO name, tax ID number, contact information, the names of all credit union investors, lenders and clients, as well as any CUSO parent and CUSO subsidiaries. So all CUSOs will have to give NCUA a list of all its credit union customers. Financial information is needed if the CUSO is engaged in lending activity, IT services and credit union investment management services. We are pleased that NCUA has stated that it will be sensitive to preventing the public disclosure of sensitive business information such as customer lists and financial information, but we still have serious concerns over the security of the information and the need for it to be protected as confidential trade secret information and not released to competitors under the Freedom of Information Act. We will continue to have ongoing discussions with NCUA on this specific concern.