Compliance Update with Amy K

​CFPB answers question on credit decisions and the ECOA; NCUA issues Letter on topic of distributed ledger technologies; and some NEW InfoSight content. 

CFPB – ECOA and Reg B compliance
The Consumer Financial Protection Bureau (CFPB) recently issued a Consumer Financial Protection Circular 2022-03 that answers the question “When creditors make credit decisions based on complex algorithms that prevent creditors from accurately identifying the specific reasons for denying credit or taking other adverse actions, do these creditors need to comply with the Equal Credit Opportunity Act’s requirement to provide a statement of specific reasons to applicants against whom adverse action is taken?”

The short answer is “Yes,” however, the circular goes into further analysis of Equal Credit Opportunity Act (ECOA) and Regulation B’s requirements. The ultimate conclusion of the CFPB is that “Creditors who use complex algorithms, including artificial intelligence or machine learning, in any aspect of their credit decisions must still provide a notice that discloses the specific principal reasons for taking an adverse action. Whether a creditor is using a sophisticated machine learning algorithm or more conventional methods to evaluate an application, the legal requirement is the same: Creditors must be able to provide applicants against whom adverse action is taken with an accurate statement of reasons.”
 
NCUA Letter to Credit Unions 22-CU-07
The National Credit Union Administration (NCUA) recently issued Letter to Credit Union 22-CU-07 on the topic of distributed ledger technologies. This letter clarifies certain expectations from the NCUA for credit unions contemplating the use of new or emerging distributed ledger technologies (DLT).

The Letter provides that “DLT used as an underlying technology by credit unions is not prohibited if it is deployed for permissible activities and in compliance with all applicable laws and regulations, including applicable state laws or state supervisory authority requirements.”

The NCUA reminds credit unions of the importance of effective risk management – including proper management of third-party vendors. The letter lists a number of questions credit unions should contemplate when assessing risks associated with DLT.

“The NCUA expects credit unions to exercise good judgment and apply sound risk-management practices when choosing to offer a new platform, product, or service, including where DLT is part of the underlying technology. These reviews include evaluating the permissibility of the activity itself and the opportunities and risks associated with any underlying technology, such as DLT. Examiners will evaluate the rigor with which credit unions exercised good judgement, applied sound risk management, and executed compliance and risk oversight of acquisition or development and deployment of new systems and technology.”
 
New InfoSight Content!
As an example of how your suggestions help improve the InfoSight products, be sure to check out the new topic:  US Savings Bonds has been added to the Accounts Channel in InfoSight!
 
Remember - InfoSight provides immediate access to current compliance topics​ which explain: What is the issue (in laymen’s terms)​; How it affects credit unions​; What credit unions need to do — the action steps needed​. InfoSight also provides helpful tools, such as frequently asked questions and checklists.

This is NOT just for the Compliance Officer! Compliance touches every area of the credit union and InfoSight can provide information for front line staff, HR, Loan Officer, Board & Volunteers, Executive Staff, Marketing, Collections, and more. InfoSight is provided as a FREE benefit of membership for DakCU affiliated credit unions.
 
As always, DakCU members may contact Amy Kleinschmit with any compliance related questions. 

---