One of the benefits of your credit union's League membership is access to InfoSight--a valuable online compliance resource. This newsletter contains some timely highlights, and access to InfoSight is a benefit of League affiliation, so it is password-protected. If you have a specific compliance issue or concern, contact our Consulting Department at (800) 285-5300. Replies to this email will be directed to SVP, League Services & Regulatory Analysis Joe Guilfoy .
InfoSight News
Compliance Updates
Expedited Funds Availability Act - Regulation CC  in the Accounts Channel has been updated to include changes that will be effective July 1, 2020, but which can be implemented at any time. Changes include:

  1. Increased the "next day availability" amount from $100 to $225;
  2. Elimination of "non-local" checks;
  3. Threshold amounts for funds availability will be adjusted for inflation every 5 years.
Compliance and Advocacy News and Highlights
As of February 4, 2020, the CDC reported 28 countries have reported confirmed 2019-nCOV (Coronavirus) cases. The worldwide spread of the coronavirus has raised pandemic fears, which credit unions should take as a good time to review their pandemic planning as part of their business continuity plan.

The coronavirus was declared as a public health emergency of international concern by both the CDC and World Health Organization. Reports as of February 7, 2020 that indicate the virus has killed over 630 people and infected over 31,000 people are scary. In perspective, the 2019-2020 flu has infected over 15 million people in the United States, hospitalized over 140,000 people worldwide, and killed over 8,200.

Which leads us back to steps credit unions should be taking to ensure their pandemic preparedness planning can be activated and all them to respond in an effective manner to the incident. The NCUA has issued guidance on several occasions related to pandemic preparedness and planning. Letters to Credit Unions 10-CU-10 , 09-CU-13 ; 08-CU-01 ; and 01-CU-21 .

The NCUA highlights that the credit union’s plan should include:

  • A preventative program to reduce the likelihood the operations will be significantly affected by a pandemic event;
  • A documented strategy which provides for scaling pandemic efforts;
  • A comprehensive framework of facilities, systems, or procedures to continue critical operations if large number of staff are unavailable for prolonged periods;
  • A testing program to ensure the pandemic planning practices and capabilities are effective; and
  • An oversight program to ensure ongoing review and updates are made to the pandemic plan.

Credit unions should review and revise their continuity plans in a timely manner to properly address the management of a pandemic event.

Member credit unions may also wish to leverage their league/association compliance resources.  CU PolicyPro Model Policy 2195: Pandemic Influenza Preparedness & Response provides a general policy that the credit union can tailor to meet their needs. The policy covers:

  • Role of the Board
  • Role of the Management Team
  • Planning for impact to credit union operations
  • Planning for impact to employees and members
  • Allocation of resources to protect employees and members during an outbreak
  •  Educating employees

Additionally, the Business Continuity topic within the Security channel of InfoSight provides links to various pandemic resources that the credit union can utilize for their plans.

Other considerations when it comes to any sickness outbreak.

  • Communicate and educate employees.
  • Emphasize good workplace hygiene and social distance from those with obvious symptoms.
  • Reinforce sick leave policies, and even option to work remotely if applicable.

Source: David Curtis, NWCUA; NCUA
CUNA Experiences “Cyber Incident”
CUNA’s “cyber incident” that knocked the trade group’s system offline recently was caused by ransomware, Vicki Christner, CUNA’s vice president of strategic communications, confirmed Friday.
Ransomware attacks often begin with phishing emails with fake links to install malware to encrypt and hold hostage the target’s files or computers. Hackers then demand a ransom from the affected entity to remove the encryption.

Christner said as soon as CUNA diagnosed the problem, trade group officials informed their members. Earlier this week,  CUNA officials also said they were working with the FBI  on an investigation into the cause of the problem.

In October CUNA hosted a simulated ransomware attack, aimed at helping credit unions defend against ransomware using a simulated ransomware attack at Credit Union House in Washington, D.C., and remotely. CUNA joined with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and ManTech, a provider of cybersecurity solutions, to conduct the session.

Source: CU Times
Kraninger signals CFPB plans regarding Lending Rules
In  oral  and  written  testimony given recently before the House Financial Services Committee, CFPB Director Kathleen Kraninger reported that the Bureau plans to move away from the 43 percent debt-to-income ratio requirement in the qualified mortgage rule, and will propose an alternative such as pricing thresholds to better ensure that responsible, affordable mortgage credit remains available for consumers. The Bureau expects to issue a proposal on changes to the QM rule in May 2020.

Kraninger reported that the Bureau is evaluating comments received on its proposal to rescind the underwriting portions of its Payday Lending rule. She also reported progress on the Bureau's evaluation of comments relating to the EGRRCPA requirement that the Bureau prescribe regulations under the Truth in Lending Act for residential property assessed clean energy (PACE) loans. Also under review are approximately 100 comments received on the Bureau's proposed amendments to the Remittance Rule (subpart B of Regulation E), and comments on the Bureau's proposed rule to implement the requirements applicable to debit collectors under the Fair Debt Collection Practices Act.

Source: CFPB
Pending Comment Calls
CUNA's Advocacy Resources
Weekly Regulatory Advocacy Report
The Weekly Advocacy Report provides links to information about a number of recent League, CUNA and NCUA regulatory and advocacy activities. 
Upcoming Education Sessions
The League has several education sessions coming up. Several focus on compliance issues. They are listed in calendar format on the League website.
League Consulting Department Staff
(800) 285-5300
Compliance Calendar
There's more available from InfoSight
InfoSight content is available anytime to get sample policies, links to federal regulations and summaries of issues that are hot-topics at your credit union. 
Access to InfoSight is a benefit of League affiliation, so it is password-protected. If you don't have a password or if you have forgotten yours, click on the tan "Log In" button in upper right corner of the site; a box will open. Click on the blue wording to get your password.