Risk isn’t one-size-fits-all – but everyone can prepare

Risks for credit unions can take many forms, and it’s hard to know which risks to prioritize in one’s training schedule. Our Regulatory Compliance team talks to credit union professionals all day – and we know how varied their circumstances are. That’s why no one – not us, not the NCUA, nor anyone else – can give you a pre-fab risk management program that will solve all your risk problems.

However, we can help you figure out how to develop a program that will work for your unique situation.

I’ve learned that credit unions must take into account their special circumstances. Who are your members? What products and services do you offer? Have you updated your technology recently? What are your future plans – and how might those alter your existing risk level?

One thing every credit union can expect in this area is a risk-focused exam from the NCUA. During these exams, the examiners focus on seven risk factors: credit risk, interest-rate risk, liquidity risk, transaction risk, compliance risk, strategic risk and reputation risk. Some of these can be measured objectively, like interest-rate and liquidity risks, and others are more subjective, like compliance and reputation risks.

Something you can do to stay ahead of the game is pay very close attention to the agency’s yearly list of supervisory priorities. This past January, the agency said it would focus on fraud prevention, cybersecurity risk management, commercial lending and consumer compliance issues, among other things, in 2017.

It is paramount that credit union professionals consider these priorities in their risk management efforts. It’s like getting the answers to a test ahead of time. When the priorities come out, make sure the heads of the appropriate departments are made aware of them – you don’t have to be in compliance to benefit from knowing what the NCUA is focusing on.

Once you have that heads up, prepare like you would for any test. For instance, to prepare for the NCUA’s focus on cybersecurity, check out NAFCU’s interactive workbook tool that helps credit unions do self-assessments of their cybersecurity risk management strategies with the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool (CAT). The workbook is a self-tallying version of the CAT, which saves valuable time in the assessment process.

Another option is to attend NAFCU’s Risk Management Seminar, set for July 24-26 in Denver. The Risk Management Seminar takes a broad look at risk. The conference will offer sessions on digital threats, the latest in cyber security and how to integrate data security and cyber security with an institution’s enterprise risk management (ERM) system. It will also cover fraud analytics, regulatory ERM expectations, creating an ERM charter and working with third parties. At the end, attendees will have the opportunity to earn NAFCU Certified Risk Manager designations.

Risk is an ever-changing element of running a credit union – you can’t just “set it and forget it.” That’s why we at NAFCU want to offer you the best-specialized training available for all your risk needs, so you can find the solutions and strategies that fit your credit union best. I hope you’ll take a look at what our conference has to offer, and I look forward to seeing you in Denver.

Devon Lyon

Devon Lyon

Devon Lyon, a NAFCU Certified Compliance Officer (NCCO), was named director of education in August 2015. In this newly created position, Lyon oversees the development and administration of content for ... Web: www.nafcu.org Details