United States

NCUA supervisory priorities for 2016 raise two key focus areas

BSA compliance, new TILA-RESPA rule are key areas of concern


In its January 2016 letter on supervisory priorities for 2016, the National Credit Union Administration (NCUA) identified six areas of focus for the year:

  • Cybersecurity assessment

  • Response programs for unauthorized access to member information

  • Bank Secrecy Act (BSA) compliance

  • Interest rate risk

  • TILA-RESPA integrated disclosure rule

  • Credit Union Service Organization (CUSO) reporting

While all of these are key concerns for every credit union, our experience shows that two of these issues, BSA compliance and dealing with the Consumer Financial Protection Bureau’s new TILA-RESPA integrated disclosure (TRID) rule, bear particular scrutiny.

MSBs, effective risk assessments highlight BSA concerns

Dealing with money service business (MSB) customers and ensuring an effective BSA risk assessment are two BSA areas where credit unions should focus particular attention.

Because of strict BSA compliance surrounding MSBs, many credit unions have opted not to serve these customers. For those that continue to serve them, however, ensuring that those clients are complying with all state and local licensing requirements and that they have registered with the Financial Crimes Enforcement Network (FinCEN) are key steps. Another risk? Watch for clients in retail or other segments that have started offering check cashing services to customers. They could expose your credit union to unintentional MSB exposure.

For all financial institutions, an effective risk assessment is vital to your overall BSA effort. Your risk assessment will not only help identify any potential risk around MSBs, but will help you to better evaluate your overall BSA exposure, allowing you to better align your compliance efforts with your actual risks. Analyzing your risk assessment will be a key focus for NCUA examination focus.

For more on effective BSA risk assessments, read our article Use a risk assessment to clarify your BSA picture.

TRID rule a significant compliance issue

The CFPB’s TRID rule, which affects credit unions that have accepted home mortgage loan applications since Oct. 3, 2015, should be another key compliance focus for credit unions in 2016 and beyond. The rule is designed to better help consumers understand mortgage transactions.

As TRID was set to go into effect, both the CFPB and the Federal Financial Institutions Examination Council recognized that the new rules would require significant procedural and software updates for lenders and would also require complex coordination with third parties. As a result, both promised a period of relaxed enforcement to ease the transition toward TRID compliance. The problem? Neither agency specified how long that period would last, nor is there any regulatory force behind the promise of lax enforcement.

Within the context of loan estimates and closing disclosures under TRID, the follow common issues come up:

  • Information in the general information section not completed or completed incorrectly

  • Fees labeled inconsistently among the loan estimate, revised loan estimate and closing

  • Errors in the closing cost details tables

  • Errors in the calculating cash to close table

  • Incomplete contact information for all parties

  • Inaccurate or incomplete lender credits information

For more information on complying with TRID, see our article Supervisory approach to TRID.

For more information on cybersecurity and data breach concerns, please see our articles Making the most of the FFEIC Cybersecurity Assessment Tool, How banks can increase cybersecurity risk management and How banks can manage vendor cybersecurity risk.  


How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.




Cybersecurity risks for employee benefit plans

  • January 11, 2018


Understanding cybersecurity and operational risks of cryptocurrency

  • November 09, 2017


Cybersecurity best practices and considerations for the public sector

  • October 26, 2017


Learn the real cost of a data breach

  • October 17, 2017


AML and regulatory compliance webcast series—Fall 2017

  • September 28, 2017


Investment Industry Insights
This bi-monthly newsletter focuses on accounting, tax and regulatory news for the asset management industry.

Financial Institution Insights
delivers news and information critical to community banking professionals. The bi-monthly newsletter tackles issues ranging from IT security to regulatory compliance to operational improvement.

Compliance News
Compliance news for the banking and investment industry. Gain insights about the latest compliance news and how it will affect your business.

How can we help you??

To discuss how our team can help your business, contact us by phone 800.274.3978 or

Events / Webcasts