Links in “Credit Unions”

NAFCU's recap of last week's FFIEC alert on the "Heartbleed" vulnerability. [4/14]

Senator Dan Coats has introduced a bill that would change the manner in which the CFPB obtains information from financial institutions with less than $10 billion in assets. The CFPB would be required to use publicly available information or seek the information from the banking regulators, rather than placing additional reporting burdens on the financial institutions. [4/11]

The “Stop Errors in Credit Use and Reporting Act” (“SECURE Act”) would provide consumers with free access to their credit scores, if an unfavorable decision is based on that score, along with making the credit score available with the consumer’s annual free credit report. The bill would also require the CFPB to develop procedures to ensure that credit reporting agencies report accurate information. [4/11]

According to a statement from the FFIEC, credit unions and other financial institutions need to be in contact with their third party vendors to ensure that they are progressing towards addressing this latest risk to websites protected by OpenSSL encryption. The FFIEC statement recommends four steps that financial institutions should take , including requiring users and administrators to change their passwords after applying the OpenSSL patch, if applicable. CUNA Mutual has also issued a Risk Alert to its bond policy holders that provides further recommendations about communications with members. See also. [4/11]

In an effort to clarify a statement he made during a recent Congressional hearing, NCUA General Counsel, Mike McKenna, has issued a letter to the committee chair that explains that while the proposed RBC rule addresses the use of supplemental capital for low-income credit unions, it does not and cannot address the issue of supplemental capital for other credit unions. McKenna explained that the Federal Credit Union limits the use of supplemental capital or secondary capital to only low-income designated credit unions and that Congress would need to amend the Act to authorize NCUA to expand the use of supplemental capital to all credit unions. McKenna added that NCUA supports a legislative change. [4/10]

NCUA has issued Supervisory Letter No. 14.04 to provide guidance to examiners regarding taxi medallion loans. Credit unions that either extend loans of this type and credit unions that purchase participation interests in taxi medallion loans should review this letter in order to be prepared for the extent of the review your examiners will conduct as a result of heightened concerns regarding the risks they feel these loans may represent. [4/10]

The IRS has at last issued an interpretation that excludes most credit union products from being subject to the unrelated business income tax (UBIT). This means that refunds from past tax payments by state-chartered credit unions can now be processed. [4/10]

It turned out to be a long day for NCUA General Counsel, Mike McKenna, who was grilled by the members of the House Financial Services Committee over why the agency’s proposed risk-based capital rule’s risk weights are higher than those set by the FDIC when credit unions have lower delinquency rates than banks.  McKenna responded that NCUA believes their proposed risk weightings are equivalent to those used by the FDIC given the unique nature of credit unions and other factors. [4/9]

In testimony before the Financial Services Committee yesterday, NCUA Attorney General, Mike McKenna, stated that majority of the rules adopted by the agency in 2013 provided regulatory relief to credit unions. Both CUNA and NAFCU disagree, stating that it’s not the number of the rules that’s relevant, but the impact of those rules that is the important consideration. [4/9]

FFIEC's statements last week take a look at cyber-attacks on ATMs and card authorization and DDoS attacks on websites. In one, hackers targeted ATMs by installing malware that allowed for unlimited withdrawals, beyond the available balance, resulting in $40 million in fraud using only 12 stolen debit accounts. [4/9]