ALEXANDRIA, Va. (11/13/13/)--The National Credit Union Administration took action Tuesday to clarify its supervisory expectations regarding credit unions' risk management systems.
In a Letter to Federally Insured Credit Union (13-CU-12), the agency noted that sound enterprise risk management (ERM) is crucial to the success of any credit union, but effective management can take different approaches at different organizations.
Natural person credit unions are not required to implement a formal ERM, said the letter signed by Director Larry Fazio of NCUA's Office of Examination and Insurance, and that is because most do not "possess the size, depth of resources, or range and level of risk exposure to warrant the significant investment necessary" to implement such a program.
However, these credit unions are expected to have processes "sufficient to manage the risk associated with their business model and strategies," the letter reminded.
In large and complex natural person credit unions, however, examiners "should ensure the credit union employs a comprehensive risk management approach, which may or may not include a formal ERM program."
In all cases, the letter continued, examiners are expected to evaluate a credit union by considering:
The credit union's risk exposure, risk appetite, and risk-management strategies;
The depth and breadth of potential exposures, including the types of products and services offered by the credit union;
The strategic objectives and operational policies, procedures, and controls in relation to potential exposures;
Capability and resources of management;
Current and historical performance of management; and,
The financial strength of the credit union in relation to assets and activities.
When the letter is posted to the NCUA website, it can be accessed using the resource link below.