Five things to understand about NCUA’s ERM guidance
by. Anthony Demangone
Everything is risk management. Everything.
Do you invest in new software? Expand your branch network? Expand training?
Every decision involves some variation of a cost-benefit analysis.
That’s why I believe NCUA’s recently-issued guidance on Enterprise Risk Management (ERM) is a must read for all credit union leaders. The guidance shares a Supervisory Letter that went to all NCUA field staff. This is what an examiner will read before he or she judges your risk management efforts.
I hope that got your attention.
Here are five key take-aways.
- Your credit union does not have to implement a formal ERM framework. That being said, NCUA will expect you to have processes sufficient to manage your risk. Also, the guidance says that NCUA does not view any approach as preferable. So, if an examiner says that you should use a specific risk management system, this guidance says otherwise.
- Be smart – read their guidance and weave it into your system. NCUA does expect you to include certain ERM components into whatever risk-management system you use. They use certain words, phrases, and descriptions. Show how your risk management system hits each of the components they seek. You can find them on pages 2 and 3 of the Supervisory Letter.