The FLEX Connexion Blog

Four Best (& Critical) Practices for a Credit Union Compliance Program

Written by Preston Packer | Sep 23, 2020

Credit unions may have once been considered the mom and pop of the financial institution industry, but those days are long gone. Credit unions operate under similar regulatory standards as banks and experience the same threats in regards to fraud and illegal transactions. Credit unions need to have heightened awareness and modern technology to identify and mitigate fraudulent activity and maintain regulatory compliance.

Recently, there has been an increase in BSA and anti-money laundering (AML) scrutiny for larger financial institutions. With more and more attention being paid to regulations on large banks and financial organizations, high-risk clients, such as money services businesses (MSBs), as well as illegal financial operators, are turning to smaller institutions and credit unions. Small institutions are preferred targets due to the fact that they generally have fewer regulatory rules and guidelines, even though banking services fees are at a premium.

While it may seem like an attractive business decision to accept these higher fees from potentially risky members, credit unions are urged to reconsider and hold themselves accountable to the same standards as large financial institutions. Regulatory enforcement actions can come at a great cost to a credit union’s reputation and member sentiment. Implementing a robust compliance program is the answer.

Get a CRO to Manage the Risky Business

Staying up to date on the increasing number of compliance rules and regulations is critical, and managing BSA/AML risk requires extensive planning and governance from a dedicated, experienced resource. A chief risk officer, or compliance officer, identifies and analyzes internal and external business risks, then implements policies and procedures to minimize these threats. A credit union’s chief risk officer develops a compliance operations plan that will prepare for – and stand up to – regulatory audits and reviews. A compliance expert can be essential for performing the required BSA/AML risk assessments that are required by the National Credit Union Administration (NCUA). Additionally, employing a risk or compliance officer can easily offset the financial burdens credit unions can face trying to manage regulatory issues without this expertise on staff.

Create & Enforce Internal Policies

Comprehensive policies, procedures and related controls that reflect the regulatory guidelines from the Consumer Financial Protection Bureau (CFPB), the NCUA and the Financial Crimes Enforcement Network (FinCEN) should be drafted and enforced by a credit union’s compliance department. While current mandates from the CFPB only call for examinations of credit unions with $10 billion or more in deposits, recent regulatory actions that resulted in the demise of two federal credit unions make the case for a unanimous, comprehensive response from all credit unions.

Policies and procedures for vetting accounts, currency and transaction monitoring and tracking, and suspicious activity reporting are all a part of a compliance framework that can keep credit unions operating within regulatory guidelines.

Once created, the Federal Financial Institutions Examination Council’s BSA/AML Risk Assessment is a valuable tool that can be used to quantitatively and qualitatively document a credit union’s compliance program effectiveness.

Be Proactive in Taking Corrective Action

Credit unions are now expected to self-report compliance breaches before regulatory notice is delivered. Falling short of this reporting could lead to extremely unfavorable consequences – including criminal prosecution -- for the financial institution and its risk management employees. An organized, database-driven, digital recordkeeping system is key for identifying compliance lapses, as it allows the compliance team to review each incident’s history and resolution, in addition to assisting regtech applications with identification of suspicious account activity.

A credit union’s leadership could take the approach that ‘this could never happen here,’ choosing complacency over action. This is extremely ill-advised. Implementation of these best practices in creating a robust compliance program is the highly advisable strategy for mitigating risk, protecting employees, preserving reputation, avoiding penalties and disruption of operations, and fulfilling all regulatory requirements. Here are some other ways credit unions can enhance compliance and security.

Partner with the Right Technology

The FLEX Core Processing Solution is designed with compliance top-of-mind. Workflows provide for required information and the system integrates with regulatory organizations for cross-checking and monitoring. Additionally, BSA-required reporting is automatically generated from the system. While it is each credit unions' responsibility to meet regulatory requirements, FLEX is one of the few core processors that has built-in tools to help credit unions stay compliant, at no extra cost. Read more about how FLEX can help you navigate the compliance highway by downloading our Compliance eGuide.