Compliance Update with Amy K
FREE Webinar – Litigation Trends
Please join us on October 20 at 11:30 AM (Central) for our next Lunch & Learn regarding litigation risks that credit unions are facing.
Class action lawsuits and litigation can present significant risks to credit union. Credit unions need to exercise caution as it relates to strategy and risk. Keeping ahead of the complex array of ever-changing risks and litigation challenges is critical. This session will cover topics such as:
We are pleased to have Brianda A. Rojas-Levering, Risk Consultant with Cuna Mutual Group, share her knowledge on this important topic. Please register for this free webinar here.
Updated Cybersecurity Resources for Financial Institutions
The Federal Financial Institutions Examination Council (FFIEC) recently released an update to the October 2018 Cybersecurity Resource Guide for Financial Institutions. As discussed in the updated guide, “In recent years, ransomware incidents have become increasingly prevalent. These incidents continue to evolve in severity and complexity impacting the financial sector and other critical infrastructure organizations. To address this evolving threat, the resource guide now includes ransomware-specific resources to address this ongoing threat.”
Find this updated guide here.
Additional FFIEC resources concerning cybersecurity can be found here.
NCUA DEI & Access Summit
The National Credit Union Administration (NCUA) is hosting its third DEI Summit on November 2-4 themed - All-In on DEI & ACCESS.
The Summit will include panel discussions with experts in diversity, equity, and inclusion along with fireside chats, roundtables, and keynote speakers. Session topics cover a wide range of DEI-related areas like how to build a successful DEI program; including programs for the LGBTQ+ and disability communities; cryptocurrency and the unbanked; digital access; and inclusive lending. Speakers include NCUA Chairman Todd M. Harper, Vice Chairman Kyle Hauptman, and Board Member Rodney E. Hood. Find the agenda and registration information here.
Federal Reserve Final Rule – Debit Card Transactions
Earlier this week the Federal Reserve Board issued a final rule amending Regulation II to specify that the requirement that each debit card transaction must be able to be processed on at least two unaffiliated payment card networks applies to card-not-present transactions, clarify the requirement that debit card issuers ensure that at least two unaffiliated networks have been enabled to process a debit card transaction, and standardize and clarify the use of certain terminology.
The final rule can be found here and is effective July 1, 2023.
The final rule does not affect other parts of Regulation II that directly address interchange fees for certain debit card transactions.
Under the final rule, a debit card issuer must configure each of its debit cards so that card-not-present transactions performed with such cards can be processed on at least two unaffiliated networks. As a practical matter, an issuer will first need to determine whether card-not-present transactions performed with its debit cards can already be processed on at least two unaffiliated networks; if the issuer is not already compliant with the final rule, the issuer will need to adjust its debit card processing arrangements to meet the final rule’s requirements.
As explained in the Board memo, the final rule retains the approach in current Regulation II that allows issuers to rely on network rules or policies in determining whether the networks enabled by an issuer may be used to satisfy the prohibition on network exclusivity. In addition, the final rule adds language to emphasize that, contrary to the broad reading of the proposal put forward by many commenters, the prohibition on network exclusivity does not require an issuer to ensure that two or more unaffiliated networks will actually be available to the merchant to process every debit card transaction.
The final rule also adopted a modified version of proposed comment 235.7(a)-7 (now renumbered as comment 235.7(a)-8) that states that the prohibition on network exclusivity applies to electronic debit transactions performed with any debit card as defined in § 235.2 of Regulation II, regardless of the form of such debit card. The final rule further states that the requirement applies to electronic debit transactions performed using, for example, a plastic card, a supplemental device such as a fob, information stored inside an e-wallet on a mobile phone or other device, or any other form of debit card, as defined in § 235.2, that may be developed in the future.
NCUA Proposed Budget – Open for Comment
The NCUA has announced its 2023-2024 proposed budget which can be found here and is open for comment until October 28, 2022.
As summarized in the announcement, “The proposed combined 2023 staff draft budget is $367.0 million, or 8.1 percent higher than the 2022 budget. The proposed operating budget is $350.8 million, which is 9.6 percent higher than in 2022. The proposed 2023 capital budget is $11.2 million, or 14.1 percent lower than in 2022. The proposed Share Insurance Fund administrative budget is $4.9 million, or 21.5 percent lower than in 2022.”
The budget includes a proposed net increase of 25 positions in permanent agency staffing. This would include 10 net new positions added to NCUA regional staff to increase the number of specialist examiners and supervisory specialists, four positions for the Office of Examination and Insurance to strengthen its credit and bank secrecy programs, two new positions for the Office of Consumer and Financial Protection to expand its consumer financial protection function, and two positions for the Office of Credit Union Resources and Expansion to support credit unions by providing technical advice about chartering and field of membership matters.
Increase in travel funding compared to 2022, however, the NCUA anticipates that travel will occur at a lower overall level than in previous years due to lessons learned during the pandemic about remote work and offsite examination and supervision procedures.
FinCEN Final Rule
The Financial Crimes Enforcement Network (FinCEN) has issued a final rule concerning beneficial ownership information (BOI) which will be effective January 1, 2024.
The announcement, final rule and fact sheet can be found here.
Please note – this rule does not change any requirements for credit unions to collect beneficial ownership information from your business members as required in FinCEN’s 2016 rulemaking. As discussed in the final rule, FinCEN intends to revise the 2016 CDD Rule through a future rulemaking process that will provide the public with an opportunity to comment on the effect of the final provisions of the BOI reporting rule on financial institutions' customer due diligence obligations.
Briefly, this final rule identifies two types of reporting companies: domestic and foreign. A domestic reporting company is a corporation, limited liability company (LLC), or any entity created by the filing of a document with a secretary of state or any similar office under the law of a state or Indian tribe. A foreign reporting company is a corporation, LLC, or other entity formed under the law of a foreign country that is registered to do business in any state or tribal jurisdiction by the filing of a document with a secretary of state or any similar office. Under the rule, and in keeping with the CTA, twenty-three types of entities are exempt from the definition of “reporting company.”
Reporting companies created or registered before January 1, 2024 will have one year (until January 1, 2025) to file their initial reports, while reporting companies created or registered after January 1, 2024, will have 30 days after receiving notice of their creation or registration to file their initial reports.
Furthermore, reporting companies have 30 days to report changes to the information in their previously filed reports and must correct inaccurate information in previously filed reports within 30 days of when the reporting company becomes aware or has reason to know of the inaccuracy of information in earlier reports.
As always, DakCU members may contact Amy Kleinschmit with any compliance related questions.
Comments are closed.
The Memo is DakCU's newsletter that keeps
Want the Memo delivered straight to your inbox?