Compliance Calendar/Newsletter Archive

Compliance Calendar (Updated Monthly) 👆

‘The Update’ Compliance Newsletter Archive 👇

This Aux newsletter not only informs but also assists credit union professionals in navigating the practical aspects of compliance in their daily operations. These Q&A segments are instrumental in providing targeted, actionable advice, enhancing the newsletter’s value as a go-to resource for your compliance-related queries.

📚 Free Downloadable Content Below: Dive into our extensive collection of past newsletters, available at no cost. Each edition is a blend of technical compliance details and engaging, human-interest stories, crafted to not only inform but also to inspire. Whether you’re looking for specific guidelines or just keen to stay abreast of industry trends, our archives are your go-to resource.

💌 Exclusive Delivery for Clients: While our past newsletters are yours to explore and download freely, the privilege of receiving our latest editions directly in your inbox is exclusively reserved for our clients. As a client of Aux Compliance, you don’t just get unparalleled service; you also get real-time, up-to-date information that keeps you ahead in the compliance landscape.

👋 Become a Part of Our Community: Join Aux Compliance for exclusive access to our expert services, enriched by over 185 years of collective credit union compliance experience. With 10 team members we’re sure to make compliance a breeze for your credit union. Enjoy direct inbox delivery of our insightful newsletters to stay informed, compliant, and ahead with Aux Compliance. Let us do the hard work for you.

Select a date below to see a summary of that month’s newsletter.

  • FFIEC Guidance on Valuation/Appraisal Bias and Discrimination:
    • Emphasizes the importance of fair appraisal practices to avoid discrimination and ensure safety and soundness in mortgage lending.
  • OFAC – It’s Not Just Another 4-Letter Word:
    • Highlights the critical role of OFAC in enforcing economic sanctions and outlines the requirements for compliance, including sanctions screening and reporting.
  • Lights! Camera! Adverse Action!
    • Discusses the necessity of timely adverse action notices to applicants as per Equal Credit Opportunity/Regulation B and Fair Credit Reporting Act, and updates on regulatory addresses.
  • NCUA Explains More about 2024 Supervisory Priorities:
    • The NCUA outlines supervisory priorities similar to 2023, focusing on Credit Risk, Liquidity Risk, and risk-focused examination procedures. Key areas of examiner focus for compliance include Overdraft programs, Fair lending, Auto lending, Flood insurance policies, BSA Compliance, Cybersecurity, and Interest Rate Risk.
  • Yeah, but where does it say that in the reg?
    • Stresses the importance of consulting CFPB regulations and their commentary for clarity on complex rules, using the example of HELOCs to demonstrate how commentary can provide additional requirements not explicitly stated in the regulation itself.
  • Beyond Compliance:
    • The “Beyond Compliance” section of the newsletter introduces a monthly compilation aimed at addressing compliance-related but tangentially related issues. It covers topics such as the requirements for credit unions considered as government contractors to have written affirmative action plans if they have 50 or more employees. This section suggests consulting an HR attorney for guidance, highlighting the importance of staying informed about compliance matters that indirectly affect credit unions’ operations.
  • Ask Codee to Fetch:
    • Codee addresses queries on promotional incentives, clarifying IRS reporting requirements for rewards exceeding $600 annually and the tax implications for both referring and referred members.
  • Codee’s Marketing Corner:
    • Highlights advertising guidelines for referral promotions, specifying the need for additional disclosures if the value of the incentive exceeds $10, including terms like “annual percentage yield” and details on obtaining bonuses.
  • Upcoming Events:
    • Virtual Compliance Meetings are scheduled for April 9, July 9, and October 8, 2024.
  • NCUA Supervisory Priorities for 2024:
    • The NCUA outlines supervisory priorities similar to 2023, focusing on Credit Risk, Liquidity Risk, and risk-focused examination procedures.
    • Key areas of examiner focus for compliance include Overdraft programs, Fair lending, Auto lending, Flood insurance policies, BSA Compliance, Cybersecurity, and Interest Rate Risk.
  • Combatting Elder Financial Exploitation:
    • Credit unions are urged to understand laws regarding elder financial exploitation and develop internal protocols to prevent it.
    • Training for staff, reporting protocols, and collaboration with authorities are emphasized.
    • Aux Compliance offers a program on this subject and can provide live training on request.
  • Home Mortgage Disclosure Act (HMDA) and Regulation C Reporting:
    • The deadline for submitting 2023 HMDA data is March 1, 2024.
    • CFPB provides resources and assistance for 2023 HMDA filing.
  • New Courses in Compliance College:
    • Five new courses added, with a total of 17 credit union-specific compliance courses now available.
  • Client Feedback and Growth:
    • Aux has achieved a 94% satisfaction rating and added a new compliance specialist to its team.
  • Beyond Compliance:
    • A monthly compilation of compliance-related issues will be provided, including vendor management and tax-time questions.
  • Ask Codee to Fetch:
    • FinCEN’s final rule on Beneficial Ownership Information (BOI) registry is discussed, effective February 20, 2024.
    • Credit unions can request BOI with reporting company’s consent and must protect this information according to privacy laws.
  • Codee’s Marketing Corner:
    • Advises careful wording of advertisements for debt consolidation loan products to avoid UDAAP issues.
  • Upcoming Events:
    • Virtual Compliance Meetings are scheduled for April 9, July 9, and October 8, 2024.
  • Happy Holidays from Aux Compliance
    • In a heartfelt holiday greeting, Aux Compliance expresses deep gratitude for the trust and collaboration of their clients throughout the year, extending warm wishes for the holiday season and emphasizing the value of their partnership.
  • A Compliance Christmas Carol – An Ingenious Approach to Compliance Lessons
    • This section creatively draws parallels between “A Christmas Carol” and the evolving world of compliance, highlighting the importance of learning from compliance’s past, present, and future in an engaging manner.
  • Lessons of Compliance Past – A Historical Perspective
    • Delving into the history of significant compliance regulations, the newsletter stresses the need for vigilance and regular updates to policies and procedures, using examples like ECOA and BSA.
  • Reality of Compliance Present – Navigating Current Challenges
    • Focusing on current compliance concerns, this section underscores the importance of proactive management and staff involvement, highlighting the benefits of compliance committees.
  • Possibility of Compliance Yet to Come – Preparing for Future Changes
    • Discussing uncertainties in the regulatory landscape, the newsletter advises on staying informed and proactive, especially in areas like BSA and Fair Lending.
  • Best Practices for a Happy Ending – A Proactive Compliance Strategy
    • Recommending a proactive approach, this part emphasizes the importance of regular reviews, internal audits, and comprehensive training, concluding with an inspirational quote.
  • What’s New in Fair Lending? – Latest Developments and Risks
    • This section reports on recent DOJ resolutions and concerns about redlining, warning about risks of algorithmic bias in lending and emphasizing compliance with existing laws.
  • Unraveling the Gray Areas – Addressing Complex Compliance Queries
    • Providing insights into less-discussed areas of compliance, this part offers resources and guidance for staying updated on these crucial but often overlooked topics.
  • Ask Codee to Fetch – Clarifying Check Handling Policies
    • A Q&A addressing the term “stale-dated check,” outlining standard practices and regulatory guidelines for handling such checks in banking operations.
  • Codee’s Marketing Corner – Compliance in Marketing Promotions
    • Discussing the compliance aspects of marketing a spring Home Equity Line of Credit (HELOC) promotion, focusing on the importance of transparent and accurate disclosures.
  • Compliance Decoded: Episode 4 – A Mini-Masterclass in Compliance Leadership
    • The Aux Compliance Team discusses challenges faced by compliance officers, emphasizing the need for adaptability, continuous education, and the development of soft skills like diplomacy. The importance of building internal and external networks is also highlighted.
  • New York Law on Credit Card Rewards Points
    • Effective December 10, 2023, this law mandates specific protocols for credit unions offering credit card rewards points in New York. It includes requirements for notifying cardholders about changes to rewards programs and providing a 90-day grace period for using existing points.
  • Beyond Compliance: Unraveling the Gray Areas Updates from the National Credit Union Administration (NCUA)
    • Civil Money Penalties: NCUA will reinstate penalties for late submission of NCUA Form 5300 Call Report, effective January 1, 2024.
    • Amendments in Charitable Donation Accounts: The NCUA’s incidental powers regulation now includes 501(c)(19) veteran organizations.
    • Observation of Increased Risks: The NCUA Board noted rising liquidity, interest rate, and credit risks, particularly in larger credit unions.
  • Ask Codee to Fetch: Beneficial Ownership Information (BOI) Reporting Requirements
    • The newsletter clarifies the impact of new BOI reporting requirements on credit unions, emphasizing that there are no new obligations for credit unions in this regard.
  • Codee’s Marketing Corner: Why is it important for credit unions to be careful when using stock photos?
    • The importance of using authentic and inclusive imagery in credit union communications is stressed, in line with regulations like Regulation B, the Fair Housing Act, and the NCUA’s Nondiscrimination Rule.
  • Compliance Training Opportunities
    • Aux Compliance College and OnCourse Learning offer webinars tailored for credit union professionals, focusing on topics like professional growth, compliance, and regulatory insights. These resources are valuable for staying updated and ensuring effective compliance management.
  • 🎉 Celebrating Compliance Professionals on National Financial Crime Fighter Day
    • On October 26th, we honored compliance and A.M.L. professionals for their pivotal role in safeguarding our financial systems and members’ funds against financial crimes. 🧡
  • BSA Training Courses
    • BSA Training for:
      • Credit Union Volunteers
      • Credit Union Staff
      • Credit Union Back Office Staff
      • Credit Union Frontline Staff
      • Credit Union Lending and Collections Staff
    • Writing Effective SAR Narratives
  • Accessibility and Registration
    • Included in most “full service” compliance contracts.
    • For contract updates, contact details provided.
    • Registration process for Compliance College.
  • Additional Courses in Compliance College
    • Fair Lending for Frontline Staff
    • Fair Lending Regulations and Examinations
    • Diversity and Preventing Workplace Harassment
    • Understanding Share Insurance Coverage
    • Upcoming Courses:
      • UDAAP
      • Elder Financial Exploitation
      • Fiduciary Duties
      • Vendor Due Diligence
  • FinCEN Alert
    • Alert details and purpose.
    • Red Flag indicators to identify Hamas-related activities.
    • Guidance on analyzing red flags.
    • Reporting using specific key terms.
  • Beyond Compliance
    • Addressing questions related to borderline compliance issues.
    • Notable mentions:
      • 2024 ACH Rules and Guidelines update.
      • Handling of Representative Payee accounts.
  • Ask Codee: Regulatory Dive
    • Codee’s expertise.
    • Q&A: Compliance for Skip-A-Pay campaign.
  • Codee’s Marketing Corner
    • Marketing regulations for Credit Unions.
    • Advertisement tips for virtual platforms and printed materials.
    • Tips on advertisement audience targeting.
  • List of Upcoming Training and Events
    • Dates for upcoming virtual compliance meetings
  • Compliance Decoded: Episode 2 – Other Duties as Assigned is now live!
  • Pig Butchering Scam Alert: Our May 2023 Compliance Update highlighted the emerging virtual currency scam known as “pig butchering.” FinCEN’s latest alert (FIN-2023-Alert005) delves into the mechanics of this scam, signaling 15 unique indicators. These are categorized into:
    • Behavioral Red Flags
    • Financial Red Flags
    • Technical Red Flags
  • CFPB’s Stance on AI in Lending
  • 2024 HMDA Filing Guide: The Filing Instructions Guide for HMDA data (2024) is available for consultation. For queries, reach out to HMDAHelp@cfpb.gov.
  • Potential Government Shutdown: A federal government shutdown seems imminent as of October 1. To aid members during potential financial disruptions, Aux Compliance is set to offer expedited compliance reviews.
  • Beyond Compliance: Some topics often blur the lines with compliance, but they’re significant nonetheless:
    • The Simplified CECL Tool is designed mainly for credit unions (under $100 million assets). Ensure you’re using NCUA’s latest version.
    • NCUA Board’s latest rule pertains to loan participations and eligible obligations. Though they provide more flexibility, the changes are not considered major.
  • Ask Codee: Codee has a knack for decoding federal regulations, answers: Q: Corporate Transparency Act (CTA) compliance – What is it?
  • Codee’s Marketing Tips Q: Are special ad categories on social media platforms essential for ads not directly related to financial services? A: It’s advisable to categorize ads under special ad categories like ‘Credit Opportunities.’ This prevents potential disruptions from automated flags, ensuring your ad reaches the target audience without hiccups.
    • For a comprehensive social media strategy, consider Aux’s Marketing Services.
  • Upcoming Training & Events:
    • Redboard Credit Union Audit Software Case Study
    • Compliance Training: Compliance College and OCL
  • Virtual Compliance Meetings:
    • October 10, 2023
    • January 9, 2024
    • April 9, 2024
    • July 9, 2024
    • October 8, 2024
  • For an in-depth understanding of the above, delve into our detailed September 2023 Compliance Update…
  • Compliance Decoded for Credit Unions: Short, Digestible Podcasts
    • No time to sift through all the details? We’ve been in your shoes. Let Aux navigate the intricate world of compliance for you in our concise podcast episodes. We’ll cut through the noise and deliver only what you need.
  • NCUA’s Cyber Incident Reporting Rule: What You Need to Know
    • Effective from September 1, 2023, all FICUs are mandated to report significant cyber incidents within 72 hours. This includes threats that jeopardize information systems. A comprehensive breakdown, including reporting details and next steps, can be found [here].
  • NCUA Bylaws: The Green Light on Member Expulsion
    • As of August 25, 2023, Federal credit unions can modify their bylaws to include the new expulsion procedure. Remember to revise your policies, keep members informed, and train your staff. Dive deeper into the July 2023 Aux Compliance Update and mark your calendar for the October Virtual Client Meeting.
  • Bank Secrecy Act/Anti-Money Laundering Manual: What’s New?
    • The FFIEC has restructured some sections of the BSA/AML Manual for more clarity. These changes are about transparency and ensuring risk-focused examination work. [Find detailed updates here.]
  • Beyond Compliance: Keeping an Eye on the Peripheral
    • Every month, we’ll shed light on topics that are related but not directly within the compliance realm:
  • Contingency Funding Plans:
    • NCUA and other financial bodies stress the importance of actionable contingency funding plans. [Details in NCUA’s Letter to Credit Unions 23-CU-06].
  • CFPB on Digital Marketing Providers:
    • Digital marketers now come under federal consumer financial protection law. [Read more here].
  • Ask Codee to Fetch: Your Compliance Questions Answered
    • Wondering about the cyber incident reporting criteria? Err on the side of caution and reach out to NCUA. They’ll guide you on the right path.
  • Codee’s Marketing Corner: Share Certificate Promotions
    • Promoting share certificates? Here are the essential disclosures for both in-branch and external advertisements. For billboard advertisement guidelines, refer to the July 2023 Compliance Update.
  • Success with Redboard: A Case Study
    • Explore how Credit Union of the Rockies revamped its audit and compliance process using Redboard. Witness their journey from manual challenges to automated efficiency [in this success story].
  • Celebrate National Compliance Officers Day on September 26
    • Celebrate the unsung heroes – Compliance Officers! Use #ComplianceOfficerDay to honor their dedication and diligence.
  • Ongoing Compliance Training Opportunities
    • Dive deep into BSA with Kristen and GoWest
    • Enhance your knowledge at the Compliance College
    • Explore courses at OCL
  • Podcast Announcement:
    • Aux’s new podcast, “Compliance Decoded for Credit Unions,” is set to help credit union executives navigate the complicated world of credit union compliance. Tune in for bite-sized, digestible conversations presented by compliance experts.
  • Compliance Calendar July 2023:
    • Remember to download the compliance calendar to get access to all hyperlinks.
  • Final Rule on Member Expulsion:
    • NCUA Board has adopted a new rule implementing the Credit Union Governance Modernization Act of 2021, changing how federal credit unions can expel members. More details will be provided at the next Virtual Client Meeting on October 10.
  • Annual Report of Blocked Property:
    • Deadline for filing the 2023 Annual Report of Blocked Property is September 30, 2023. All holders of blocked property need to submit a comprehensive list.
  • Compliance Training with Codee, the Compliance Corgi:
    • A set of 10 compliance training programs have been made available, with topics ranging from BSA training to diversity and harassment prevention in the workplace.
  • Beyond Compliance:
    • This feature brings attention to compliance-related issues and news outside the core area. This month, be aware of the launch of FedNow® Service for instant payments and resources available to combat ransomware.
  • Ask Codee:
    • The monthly compliance Q&A is now handled by Codee. This month’s question focuses on the closure of membership due to fraud.
  • Advertising on Billboards:
    • Clarity provided on requirements for advertising on billboards for both share and loan accounts.
  • Webinars for Credit Unions:
    • Stay informed with live and OnDemand webinars on essential compliance, regulatory, and professional development topics. Our partner, OnCourse Learning, helps manage the complexity of these topics.
  • 2023 Virtual Compliance Meetings:
    • Next meeting is scheduled for October 10.
  • Client Portal Reminder:
    • Keep the client portal access up-to-date. If an employee with portal access leaves, please reach out to remove their access.

Topics Preview:

  • Navigating the Challenges of Compliance
    • Aux aims to simplify back-office processes for credit unions, allowing clients to focus more on serving their members. We’re opening the floor for clients to share their biggest hurdles in compliance and ways we can better assist them in our upcoming Virtual Client Meeting…
  • Meet Our New Compliance Specialist:
    • Sara Lindsey We’re delighted to announce the transition of Sara Lindsey from Office Manager to our Compliance Team. Bringing a wealth of knowledge from her diverse background in various support roles, she’s a fantastic addition to our team…
  • Chatbots in Consumer Finance:
    • Balancing Efficiency and Risk The Consumer Financial Protection Bureau (CFPB) has recently highlighted the potential legal, compliance, and reputation risks associated with the use of chatbots in consumer financial services. We delve into these challenges and what they mean for credit unions…
  • Cyber Incident Reporting:
    • New NCUA Requirements From September 1, 2023, credit unions will need to alert the National Credit Union Administration (NCUA) within 72 hours of a potentially disruptive cyberattack. We explore what this means and how to prepare for the changes…
  • Navigating Post-COVID Compliance
    • With the federal government’s COVID-19 public health emergency officially over, the National Credit Union Administration (NCUA) has rescinded most of its pandemic-related guidance. We are working on compiling a comprehensive list to keep you updated…
  • Beyond Compliance:
    • Unraveling the Gray Areas Just as in previous months, we’re here to keep you updated on compliance-adjacent topics that may not directly fall under our purview but are crucial for you to be aware of…
  • Ask Maddaux
    • One of our clients recently expressed concerns over the Office of Foreign Assets Control (OFAC) retiring their FTP server, which they use to automate Specially Designated Nationals (SDN) list data downloads. What does this change mean for them?
  • Penny’s Marketing Corner:
    • Navigating Regulation Z In a recent website review, we were informed of the need to include payment examples in some lending disclosures. When are payment examples mandatory under Regulation Z, 12 CFR 1026.24(d)(1)?

Topics Preview:

  • Electronic Signatures
    • Electronic transaction processing is practically a requirement for credit unions of all sizes and levels of complexity. In our modern fast-paced financial services environment, consumers expect instant answers, immediate availability, and same day processing of even detailed and complex lending transactions. Whether your credit union is a seasoned electronic services veteran or just now considering accepting electronic signatures, here are some things to consider and review…
  • A Fresh Look at Elder Financial Abuse
    • As Older Americans Month (May) draws to a close and World Elder Abuse Awareness Day (June 15) approaches, we want to draw your attention to the many helpful resources available to you and your members through AARP® and the Consumer Financial Protection Bureau (CFPB)…
  • Pig Butchering – As devastating as it sounds
    • Pig butchering is a relatively new scam that highlights the need for heightened fraud awareness. It includes a sophisticated new twist that combines a romance scam with an investment spin. There is also an element of people trafficking and modern slavery. According to the Federal Bureau of Investigation (FBI), the term “pig butchering” refers to a contact intensive process to fatten up the prey before slaughter…
  • Small business lending collection and reporting requirements
    • As reported in the April Update newsletter, the Consumer Financial Protection Bureau (CFPB) has amended Regulation B to implement changes to the Equal Credit Opportunity Act (ECOA) made by section 1071 of the Dodd-Frank Act. The small business lending rule requires financial institutions, including credit unions, to collect and report data about credit applications for small businesses…
  • Beyond Compliance: Unraveling the Gray Areas
    • We often get questions or see news about topics that are related to compliance, but not quite in our wheelhouse. While we can’t always help with those tangentially related issues, we can help you keep track of them and find the answers you’re looking for. Each month, we’ll compile a list of items you may need to be aware of…
  • Ask Maddaux
    • Recently, a member called and was pressuring us to honor a rate that appeared in an older blog on our website but is no longer available. We need to add a disclosure at the bottom of all our blog posts to make it clear to readers that rates shown may no longer apply. Any thoughts?
  • Penny’s Marketing Corner: Shared Branching Awareness Week 2023
    • We would like to send a letter to our current credit card holders to encourage them to use their card on their summer vacation. What disclosures are required?

Topics Preview:

  • Consumer Financial Protection Bureau (CFPB) issues two Final Rules
    • On March 30, 2023, the CFPB issued the long-awaited small business lending rule, which implements the small business lending data collection requirements set forth in section 1071 of the Dodd-Frank Act (Section 1071) of 2010. The new rule amends Regulation B but the electronic code of federal regulations had not been updated as of this writing…
  • Contact Information Updated in Multiple Regulations
    • A Final Rule issued by the CFPB in March corrects and updates the contact information of multiple Federal agencies found in Regulations B, E, F, J, V, X, Z, and DD (not applicable to credit unions). A full version of the rule can be found here. Most notably, this update applies to Federal agency contact information that must be provided with Equal Credit Opportunity Act (ECOA) adverse action notices and the Fair Credit Reporting Act (FCRA) Summary of Consumer Rights…
  • 2020 Bylaw Amendments
    • During a website compliance review you may be asked whether your federal credit union has adopted the NCUA 2020 Bylaw Amendments. The Amended Bylaws require credit unions to post their bylaws on their websites, although they can be posted on a “members only” section of the site, such as Online Banking.  If you have not adopted the Amended Bylaws, or opted not to adopt the relevant section, you are not required to post your Bylaws online. We know that every Compliance Officer loves a good citation, so here is a link to the Amended Bylaws.  See Article XVI, General, Section 6, “Availability of Credit Union Records” on page 25 of the linked PDF…
  • HMDA: Getting It Right!
    • The updated 2023 A Guide to HMDA Reporting: Getting It Right! is now available on the FFIEC HMDA website . This Guide is a valuable resource for assisting all institutions in their HMDA reporting. It includes a summary of responsibilities and requirements, directions for assembling the necessary tools, and instructions for reporting HMDA data.
  • Ask Maddaux
    • We’ve been asked by a local citizens group to consider accepting privately minted fine-silver coin rounds for deposit to “help [our] members have dollars that are based in REAL-VALUE and offer an excellent hedge against the current wave of rising prices caused by the inflation of the U.S. dollar by the Federal Reserve System and the U.S. Congress.” Can we decline the acceptance of privately minted coins based on our federally insured status?
  • Penny’s Marketing Corner: Shared Branching Awareness Week 2023
    • Today, there are over 4,700 credit unions, each with a unique member base, services, branding, and origin story. Each of these credit unions is different, but in one key aspect, they are the same. The original idea of providing working-class people with a savings haven allowed members to better prepare for the future. This idea is at the core of shared branching, as the service helps expand the credit union footprint and, most importantly, eases member account access. To highlight this collaborative advantage, InNetwork (Aux’s sister CUSO) will be participating in Shared Branching Awareness Week (May 22–26), which is fast approaching. If you’re not familiar with the week, the purpose is simple: Shared Branching Awareness Week is a nationwide initiative for credit unions to easily promote the service of cooperative branching to their members.

Topics Preview:

  • Share Insurance Coverage Review
    • The collapse of Silicon Valley Bank and others in March 2023 has led to concern about share insurance coverage of accounts in credit unions. Aux clients are sharing that members with more than $250,000 in deposits are worried about whether their funds are fully insured. So, we thought it was a good idea to provide a share insurance coverage overview…
  • CFPB examiners target “junk fees”
    • Earlier this month, the Consumer Financial Protection Bureau (CFPB, Bureau) released a special edition of its Supervisory Highlights focusing on what the Bureau calls “junk fees.” Such unlawful fees can be seen in all areas of banking: deposit accounts, lending and servicing of mortgages, student loans, and other loans.
      Following are the CFPB examiners’ findings regarding deposit accounts…
  • Relief for reporting RMD distributions in 2023
    • The IRS has made some changes to the reporting of required minimum distributions (RMDs) for Individual Retirement Accounts (IRAs) in 2023. The changes are pursuant to enactment of the SECURE 2.0 Act of 2022, which delayed the required beginning date for RMDs. IRS Notice 2023-23 provides guidance to financial institutions for the 2023 RMD change…
  • Relief for reporting RMD distributions in 2023
    • In late February, the Financial Crimes Enforcement network (FinCEN) issued FIN-2023-Alert003 notifying financial institutions of the rise of check fraud schemes perpetrated via regular mail.
      Fraud, including check fraud, is the largest source of illicit proceeds in the United States and is one of the most significant money laundering threats. According to the alert, credit unions should
      be vigilant and report fraudulent activity.
  • Ask Maddaux
    • Question: Dear Maddaux, how can I see our credit union’s HMDA LAR information for 2022?
  • Penny’s Marketing Corner: Fairness in Marketing – Staying alert to the Potentially Unfair or Deceptive – Part 2
    • Reduce UDAAP risk by using clear, understandable marketing language. Statements should not be untrue or misleading. Let’s look at some common advertising pitfalls and examples of why they’re risky…

Topics Preview:

  • CFPB: Reportable HMDA Data
    • The annual filing period for Home Mortgage Disclosure Act (HMDA) data collected in 2022 is now open. Submissions of 2022 HMDA data will be considered timely if received on or before March 1, 2023. Information on preparing the HMDA Loan Application Register (LAR), can be found…
  • Cyber Incident Reporting Requirements
    • On February 16, 2023, the National Credit Union Administration (NCUA) Board approved a final rule on cyber incident reporting requirements. The rule provides for high-level early warning
      notification that will enable the NCUA to “work with other agencies and the private sector to respond to cyber threats before they become systemic and threaten the broader financial services
      sector,” according to…
  • Monday.com Tips and Tricks
    • The Monday.com platform has really streamlined the work we do together on compliance reviews and assessments. This month’s tip is about getting started in the platform: Prior to the scheduled start date of your first review, you will receive (or have received) an email invitation to join the Compliance Document Center board in Monday.com…
  • Penny’s Marketing Corner: Fairness in Marketing – Staying alert to the Potentially Unfair or Deceptive
    • While technical compliance with laws and regulations for financial services advertising is fairly straightforward, “fairness compliance” is not always so clear. What is fair? What is misleading? Although the CFPB has rule-making authority for the Unfair, Deceptive, or Abusive Acts or Practices Act (UDAAP), they have chosen not to issue any implementing regulations. In determining whether the message is likely to mislead, marketing and compliance
      professionals should consider the following…
  • Ask Maddaux
    • Question: When we deny a loan application because the applicant isn’t a member of the credit union or even eligible for membership, do we have to send an Adverse Action Notice (AAN)?
  • What’s on your quality control wish list?
    • Imagine there’s a program that could optimize your quality control responsibilities. Thankfully, our partner Redboard is working to do just that—solve quality control issues, whether you’re in compliance, accounting, marketing, or a different department. We’d like to hear what your biggest struggles are when it comes to quality control.

Topics Preview:

  • NCUA Supervisory Priorities for 2023
    • The National Credit Union Administration (NCUA) has issued Letter 23-CU-01 to federally-insured credit unions, outlining the agency’s supervisory priorities for the new year. It includes bits about Interest Rate and Liquidity Risk, as well as CECL and a few other things that only accountants understand. Of interest to compliance professionals…
  • We Are Growing! Meet Barbara Silva
  • Client Satisfaction Surveys Complete—Thanks for Your Feedback!
    • Thank you to everyone who completed our 2022 Compliance Client Survey! Our goal continues to be superior regulatory compliance services at competitive pricing, and your comments show we are succeeding. We are pleased to announce our overall satisfaction rating for 2022 was 92%! In 2022 we welcomed 13 new compliance clients…
  • Monday.com Tips and Tricks
    • Thank you all for your cooperation and participation in our shift to Monday.com as our secure platform for conducting compliance reviews and responding to your questions. NOTE: The old CUSN Portal has been disabled. If you need a document related to a past compliance review, please reach out to Jason Clarke or Imani Najee-Ullah.
    • We have received some questions related to the compliance review workflow in the Compliance Document Center. We’ve put together some tips and tricks to help you get the most out of Monday.com…
  • Penny’s Marketing Corner:
    • Your compliance team focuses a lot on Unfair, Deceptive, and Abusive Acts and Practices (UDAAP). This is because of the risk of significant fines and penalties which can be levied against a credit union found to be engaging in these practices. We know credit unions are mindful of this and most have internal procedures meant to identify and correct UDAAP issues. One way of monitoring potential UDAAP violations is via the credit union’s social media accounts…
  • Ask Maddaux
    • Question: Our member’s property is in a flood zone. They have a barn and several smaller storage sheds behind their house. Do they have to maintain flood insurance on those detached structures?
  • Penny’s Marketing Corner
    • “accessiBe,” a leading website accessibility solution for ADA compliance, is now offered to Aux Compliance clients at a discount from our partner, Ironistic. This AI-powered web accessibility solution allows users to adjust their personal experience with your website on their own screens, based on specific needs (for example, visual impairment, cognitive disability, etc.) and is compliant with WCAG, ADA, and other accessibility legislation. Find out how to redeem your trial and discount.

Topics Preview:

  • Happy New Year From Aux Compliance
  • HMDA Reporting Threshold – Closed-end Mortgages
    • The CFPB has issued what they are calling a “technical amendment” to address the US District Court’s ruling that vacated the 2020 HMDA rule increase in the loan volume reporting threshold for closed-end mortgages. The loan volume threshold for determining if a credit union must report closed-end mortgage loans, assuming the CU meets all of the other criteria, for data collection in 2023 reverts to the 2015 threshold…
  • California Auto Lending Regulations May Affect Your Credit Union!(Even if you’re not in California)
    • As recently reported in the Credit Union Times, regulatory changes in California could affect your auto lending programs – particularly the sale and financing of Guaranteed Asset Protection
      (GAP) waivers…
  • Ask Maddaux:
    • Question: We have a new loan origination system, and when we onboard a new account that is requesting a loan the potential member is sending over their ID. Is this an issue to have the ID
      potentially in the lending system?
  • Penny’s Marketing Corner:
    • Your compliance team focuses a lot on Unfair, Deceptive, and Abusive Acts and Practices (UDAAP). This is because of the risk of significant fines and penalties which can be levied against a credit union found to be engaging in these practices. We know credit unions are mindful of this and most have internal procedures meant to identify and correct UDAAP issues. One way of monitoring potential UDAAP violations is via the credit union’s social media accounts…

Topics Preview:

  • Happy Holidays From Aux Compliance
  • A New Secure Portal: Monday.com Tips and Tricks
    • Do I have to use the Compliance Support Request Form?
    • Will I be able to use Monday.com to access the questions I submit and the answers or revised documents from Aux?
    • I’m working with Aux to complete a compliance review. What is the process for downloading and uploading documents?
    • Will Aux keep the documents I submit and the reports produced for each review in Monday.com?
  • CFPB Guidance on Unanticipated Overdraft Fee Assessment Practices
    • In October, the CFPB issued Consumer Financial Protection Circular 2022-06, detailing why the Bureau considers some overdraft fees as potentially “unfair” under Unfair, Deceptive, or Abusive Acts or Practices (UDAAP). The fees noted in the circular are what the Bureau calls “surprise fees,” including overdraft fees charged when a consumer had enough money in their account to cover a debit charge at the time the financial institution authorized but there was not enough money in the account to cover the debit when it actually hit the account…
  • Ask Maddaux: Negative Information Notice Under FACT Act
    • Question: A member was delinquent two months ago on their loan with our credit union. We sent the member a notice advising that we had reported the delinquency to a Consumer Reporting Agency (CRA). The loan is delinquent again. Do we need to notify the member each month that we are reporting negative information or is one time sufficient?
  • Penny’s Marketing Corner:
    • Credit Union Compliance Officer (shaking fist at the sky): What is it with credit unions and postcards?!? I get prescreened offers from banks all the time and they’re always in sealed envelopes!
    • postcards are also a compliance nightmare. Much like social
      media, they are visible to the public and there is limited space for disclosures. Consider these messages that we’ve seen on postcards…
  • Webinar Archive Now Open!
    • Do you have a hard time fitting webinars into your schedule? Not to worry, you can now watch select webinars in our online archive. We’ll continuously add new webinar recordings, so make sure to check back in from time to time
  • Redboard Case Study (Spectra Credit Union):
    • Spectra Credit Union controls more than $500m in assets and is growing quickly. Yet despite their small team size, the credit union is now addressing risks and regulatory issues like an institution twice their size…

Topics Preview:

  • Celebrating Financial Crime Fighters
    • Aux Compliance is giving away a free copy of Financial Crime Fighter – Book of Mentors by Tadeo (Jun) Claravall. 
  • OFAC Sanctions Compliance Guidance for Instant Payment Systems
    • The Office of Foreign Assets Control (OFAC) has issued
      guidance
      on how financial institutions can approach OFAC compliance related to transactions processed by instant payment systems. The high velocity of instant payments, along with increasing values and volumes of such payments, have led to questions about how best to implement sanctions compliance measures. The guidance provides an overview of the types of instant payment systems, some of the risks inherent in those systems, and this piece of advice…
  • FFIEC Announcement 2022-01: Update to Cybersecurity Resource Guide forFinancial Institutions
    • The Federal Financial Institutions Examination Council, on behalf of its members, released an update to the October 2018 Cybersecurity Resource Guide for Financial Institutions. The updated resource guide now includes ransomware-specific resources to address the ongoing threat of ransomware incident and outlines resources to assist financial institutions in strengthening their resilience to cyber threats.
    • The new ransomware resources are…
  • A New Secure Portal: Monday.com
    • The Aux Compliance Team is excited to announce that we are moving to Monday.com forsupport requests, as well as all communications and documentation related to compliancereviews and tests.
    • We are contacting all current clients with access and use instructions for our ComplianceDocument Center, where we will conduct secure file sharing related to compliance reviews.
  • Ask Maddaux: Did the HMDA rules just change again?!?
  • Penny’s Marketing Corner:
    • Compliance Officer: You need to add these disclosures to your event flyer.
    • Marketing Officer: But it isn’t an advertisement! It’s just an invitation to attend.
    • Compliance Officer: I know, but… 😐
  • Webinar Archive Coming Soon!
    • We’ll be adding a webinar archive to our website so you can view past webinars on your own time.

Topics Preview:

  • Celebrating Compliance Officers
    • September 26, was National Compliance Officer Day. We asked our social media followers how they would describe compliance officers.
  • SAR Narrative Tips from Law Enforcement (blog)
    • If you struggle with how to strike the right balance in writing a SAR narrative, you’re clearly not alone. So how do you go from Zero to Hero? Easy! Read tips that the Aux Compliance Team has gleaned from meetings with regulators and law enforcement officials over the years…
  • Qualified Mortgage Rule Change effective October 1
    • In December 2020, the CFPB issued a rule to change the definition of a General Qualified Mortgage from a debt to income (DTI) ratio-based determination to a loan pricing determination. APR must not exceed the Average Prime Offer Rate (APOR) for a comparable transaction by more than 2.25 – 6.5 percentage points (depending on the amount of the loan) as of the date the rate is set.
    • The new rule is effective October 1, 2022. If you’ve not done so already, consider taking the following steps as soon as possible…
  • Additional resources
    • QM definition change compliance date
    • Ability to Repay/Qualified Mortgage Rule text
    • QM definition change final rule
  • COMING SOON! A NEW SECURE PORTAL
    • In the coming months, we will be transitioning from our current proprietary portal to a portal hosted by Monday.com. The new portal will allow easier access for all your team members while
      still protecting your credit union data.
  • Upcoming Webinars: Redboard—Oct. 14 & 28, Hawk:AI—Oct. 20
    • Register for this webinar to learn how using Redboard®️ and Aux®️ together to take your compliance operations to the next level.
  • Ask Maddaux: People don’t understand what “share accounts” and “share certificates” are. Why can’t we call them deposit accounts and certificates of deposit?
  • Penny’s Marketing Corner:
    • Serving Members with Limited English Proficiency (LEP)
    • In order to reach and help members who do not speak English as their primary language, many credit unions are considering or are already providing foreign language advertisements and disclosures. While we applaud this effort to include all eligible members, we want to remind you that there are regulatory requirements to consider and that, if you’re not careful, using foreign language may do more harm than good.
    • Some requirements to keep in mind…

Topics Preview:

  • Two Cautionary Tales – Take Heed! Redlining – Trimark Mortgage Company ordered to pay $22 million
    • Distributing racist language and messages about certain neighborhoods…
    • Avoiding sending its loan officers to market to majority-minority neighborhoods…
    • Developing marketing campaigns and advertisements that discouraged and ignored minority mortgage loan applicants
  • False Accounts – U.S. Bank ordered to pay $37.5 million
  • ESIGN Computer Requirements
    • When was the last time you reviewed the hardware and software minimum requirements in your ESIGN disclosure?
  • Aux and HAWK:AI form partnership to bring compliance services to U.S. credit union market.
  • Ask Maddaux Question: We have system generated checks such as Accounts Payable checks to pay our vendors, etc. There are also IRA distribution checks that are auto-generated and not manually input by a staff member. Do these checks need to be included on our Monetary Instrument Log?
  • Penny’s Marketing Corner: Appearance of discrimination, a credit union’s marketing and advertising…

Topics Preview:

  • FOMO vs Safety and Soundness
    • Digital Assets Providers – NCUA Letter 21-CU-16
    • Customer Due Diligence – Joint Agency Statement
    • Key Takeaway
  • Cyber Incident Notification Requirements – Proposed Rule
  • Tricks of the Trade—Post-Exam Actions
  • A Free Masterclass for Credit Union Audit Professionals
  • Ask Maddaux: Can a mortgage loan be granted to a trust account?
  • Penny’s Marketing Corner: Most credit union marketers have experienced the heartache of having their perfectly crafted
    messages “ruined“ by their legal or compliance teams. Those pesky disclosures are a real buzz kill…
  • Free Whitepaper Download: Marketing Compliance and Social Media Best Practices

Topics Preview:

  • “No surprises” is a great motto for a Compliance Department (blog)
  • FinCEN Advisory on Elder Financial Exploitation
    • On June 15, World Elder Abuse Awareness Day, the Financial Crimes Enforcement Network (FinCEN) issued Advisory FIN-2022-A002…
  • CFPB Guide to Home Mortgage Disclosure Act (HMDA) Analysis
    • A Beginner’s Guide to Accessing and Using Home Mortgage Disclosure Act Data
  • Ability to Repay (ATR) Safe Harbor
    • As a reminder, the mandatory compliance date for the new qualified mortgage rules is October 1, 2022.
    • The Regulation Z definition of a qualified mortgage (QM) has been amended
  • 💡 New to compliance? Need a refresher? Coaching for BSA and Compliance Officers
    • Job-specific compliance training for new managers and other noncompliance positions with compliance responsibilities. We will work with you one-on-one to provide an overview of regulations applicable to the position or in-depth training on one specific
      aspect such as error resolution processes…
  • Website Accessibility Special Offer for Aux Compliance Clients
  • You can receive a free 30-day free trial of accessiBe, so you can see first-hand how it works, and receive 5% off the list price through our partnership with Ironistic.
  • Ask Maddaux: A member of ours has a 16-year-old daughter who recently inherited a significant amount of money but is not allowed to access the funds for five years. What type of account is best for handling this?
  • Penny’s Marketing Corner: A few cautionary notes about sponsorships

Topics Preview:

  • June is Elder Abuse Awareness Month
    • World Elder Abuse Awareness Day is quickly approaching. Each year on June 15, international and government agencies as well as private organizations bring awareness to the exploitation that many elderly and at-risk people experience…
  • OFAC Website – Updating SSL Certificates – IMMEDIATE ACTION NEEDED
    • The Office of Foreign Assets Control has published this technical notice for users of its website and sanctions list data files
    • Failure to act on the advice provided in this notice may prevent
      SDN (and other list) screening systems from properly updating.
  • Fair Lending Update
    • Continues to protect borrowers after they have applied for and received credit…
    • Requires lenders to provide “adverse action notices” to borrowers with existing credit…
    • The CFPB also recently issued its annual fair lending report covering its fair lending activity in 2021…
  • Flood Insurance Q&As Updated
    • On May 11, 2022, five federal regulatory agencies including the NCUA released revised Interagency Questions and Answers Regarding Flood Insurance. The document supersedes previously published Q&As and reflects significant changes to the flood insurance requirements
      made by federal law in recent years.
  • Satisfy Credit Union Compliance Needs Despite Limited Resources
    • As your credit union grows, so do your risks. To keep up, your audit and compliance operations must do more. Hear from three credit unions that optimized their audit processes to be more disciplined and efficient.
  • Ask Maddaux: Dear Maddaux, we have an accountholder wishing to send a wire to a recipient in a foreign country. We only send wires through the Fedwire Service. Are we exempt from following the CFPB’s Remittance Transfer Rule?
  • Penny’s Marketing Corner: We are often asked if we can provide a checklist or ‘cheat sheet’ for marketers to look up the disclosures that are needed for each different advertisement. Learn about the importance of sharing your marketing materials with your compliance department…

Topics Preview:

  • The Fine Art of the Regulatory Compliance Review (blog)
    • The Japanese art of kintsugi repairs broken items by fusing the pieces back together with gold. The process restores the strength of the original, with added beauty. The “new” piece shines with the pride of conquered adversity.
  • Medical Debts to be Dropped from Credit Reports
    • The “Big 3” credit bureaus – Equifax, Experian, and Transunion – have announced they will be removing a significant amount of medical collection debt from consumer credit reports, beginning July 1, 2022. According to a recent report from the CFPB, medical debt is the most common collection type reported to credit bureaus but is of questionable value for underwriting purposes…
  • Home Mortgage Disclosure Act (HMDA)
    • Credit unions that are subject to HMDA filing requirements take note: The FFIEC has announced that the 2021 HMDA Modified Loan Application Registers (LARs) have been released by the CFPB and are available on the HMDA Platform.
  • Ask Maddaux: Dear Maddaux, We have a credit applicant who is currently on maternity leave. She says she’ll be going back to work soon, but how can we be sure? I learned in fair lending training that we shouldn’t ask about it, but my manager says it’s too risky. What can we do?
  • Penny’s Marketing Corner:
    • The Department of Justice has released additional Guidance on Web Accessibility and the ADA that describes how state and local governments and businesses open to the public can make sure that their websites are accessible to people with disabilities as required by the Americans with Disabilities Act (ADA)
    • The guidelines are clear that Web Content Accessibility Guidelines (WCAG) apply only to the agencies of the federal government. Credit unions are not required to meet those standards. However, you still must ensure that the programs, services, and goods that you provide to the public—including those provided online—are accessible to people with disabilities.

Topics Preview:

  • War in Ukraine
    • Russian Sanctions
    • Cyber Security
    • OFAC is constantly updating their sanctions lists. You should make sure your sanctions filters/monitoring software is updating in real time and review your screening processes. You may need to increase the frequency of OFAC scans against your member database…
    • Access the NCUA’s Automated Cybersecurity Evaluation Toolbox and other Cybersecurity Resources…
  • Credit Union Governance Modernization Act (CUGMA)
    • CUGMA amends the Federal Credit Union Act (FCU Act) to allow greater flexibility for FCUs to expel problematic members. Currently, credit unions dealing with members that commit fraud or who engage in violent, disruptive, or belligerent behavior can only expel those members following a 2/3 vote of the membership at a special meeting. CUGMA will allow FCUs to expel problematic members “for cause” by just a 2/3 vote of a quorum of the FCU’s board of directors.
    • Although CUGMA became law on March 15, 2022, FCUs cannot begin to use its new expulsion procedures until NCUA has adopted certain rules and policies required under CUGMA.
  • Fair Lending Violations
    • NCUA recently issued Letter to Credit Unions 22-CU-04 to remind credit union Boards and CEOs of the Equal Credit Opportunity Act’s (ECOA) nondiscrimination requirements. The letter highlights five fair lending risk areas of ongoing concern: marital status, age, income consideration, redlining, and indirect lending…
  • Unfair Discrimination – Not Just a Fair Lending Issue
    • The Consumer Financial Protection Bureau (CFPB) recently announced their position that unfair discrimination can occur in any area of business, including in situations where fair lending laws may not apply.
    • Accordingly, the CFPB has updated their exam manual for evaluating UDAAPs and will closely examine financial institutions’ decision-making in advertising, pricing, and other areas to ensure
      that companies are appropriately testing for and eliminating illegal discrimination across the board.
  • CAMELS Rating System Effective April 1, 2022
    • NCUA Letter to Credit Unions 22-CU-05 includes attachments that explain each component of CAMELS in detail and address common questions regarding the CAMELS Rating System.
  • Ask Maddaux: Dear Maddaux, I’m confused. Does Reg CC apply to Remote Deposit Capture? My vendor says it does, but I went to training where they said it doesn’t.
  • Penny’s Marketing Corner:
    • If your multiple common-bond federal credit union plans to add groups or underserved areas, you’ll be happy to know that the NCUA has amended the definition of “service facility” to include shared locations, regardless of whether the federal credit union has an ownership interest.
    • The requirements for a shared location to qualify as a “service facility” are different depending on the group or area you wish to add.
    • Read more about the Final Rule on Definition of Service Facility in NCUA’s Letter to Credit Unions 22-FCU-02…

Topics Preview:

  • CFPB Updates Regulation E Frequently Asked Questions
    • A full list of FAQs is provided
    • The new FAQs clarify, in the “Transactions” section, that P2P
      payments can be considered Electronic Funds Transfer (EFT) transactions under Regulation E, and states that “any P2P payment that meets the definition of EFT is covered by the Electronic
      Fund Transfer Act (EFTA) and Regulation E.”
    • FAQs address credit unions’ obligations relating to unauthorized EFTs when those transactions have been identified as P2Ps.
  • Military Lending Act Anticipated Update
    • The Military Lending Act (MLA) provides special protections for active duty servicemembers like capping interest rates on many loan products.
    • A frequent question that comes up is which lending products are covered by the MLA. The consumer credit products covered when offered to active-duty servicemembers and their covered dependents include, but are not limited to…
  • Ask Maddaux: Why should we remind members that their cell phone carrier might charge them if they use our mobile app or text messaging service, if our app is free and we are not the ones charging them?
  • Penny’s Marketing Corner:
    • CAN-SPAM Act, a law that sets the rules for commercial email, establishes requirements for commercial messages, and gives recipients the right to ask that you stop emailing them. It also
      has tough penalties for violations. This law has a few components you can follow in order to remain in compliance (see #5 for opt-out information)…

Topics Preview:

  • Thanks for participating in our Compliance Client Survey!
    • Aux scored an overall satisfaction rating of 93%
  • NCUA Supervisory Priorities for 2022
    • This month, the National Credit Union Administration (NCUA) issued Letter 22-CU-02 to federally-insured credit unions, outlining the agency’s supervisory priorities for the new year.
    • Credit Risk Management
    • Information Security (Cybersecurity)
    • Bank Secrecy Act Compliance and Anti-Money Laundering/Countering the Financing of Terrorism
    • Capital Adequacy and Risk-Based Capital Rule Implementation
    • Loan Loss Reserving: NCUA examiners will be evaluating the adequacy of credit unions’ Allowance for Loan and Lease Losses (ALLL) accounts by reviewing…
    • Consumer Financial Protection: The NCUA will continue to examine compliance efforts as they relate to risk, each credit union’s
      compliance record, products and services provided, and any concerns. The agency will prioritize trends in violations it has identified during the course of examinations and member
      complaints. Focus areas will include…
    • Loan Participations
    • Fraud
    • London Inter-Bank Offered Rate (LIBOR) Transition
    • Interest Rate Risk
    • NCUA Connect & MERIT: In 2022, NCUA examiners will use the Modern Examination and Risk Identification Tool (MERIT) which was introduced in 2021. The NCUA has allocated time for examiners to work with credit unions on how to use these new tools.
    • CAMELS Update: In October 2021, the NCUA Board added the “S” component (Market Sensitivity) to the rating system Capital Adequacy, Asset Quality, Management, Earnings, and Liquidity/Asset-Liability Management (CAMEL), thus making it CAMELS…
  •  Ask Maddaux: We are a community charter. If one of our existing members moves to another state which is not within our field of membership, can we open a mortgage loan for her?
  • Penny’s Marketing Corner:
    • If you have ever sent us an ad for a home loan, it is likely that you have received a recommendation to include an Equal Housing Opportunity or Equal Housing Lender statement
      or logo on the ad itself. Furthermore, it is likely that we have said that if the logotype is used, it must be large enough to be clear and easily readable. But what does that mean and how large should it be?

Topics Preview:

  • Happy Holidays from Our Families to Yours!
    • Wondering what the Aux Compliance Team looks like? See photos of our staff with their families!

Topics Preview:

  • How to Satisfy Your CU’s Compliance Needs Despite Limited Resources (Webinar)
  • Newest FinCEN Update on Ransomware Payments
    • Ransomware payments have been a priority for the Department of the Treasury over the past year. Last month, we reported on the Office of Foreign Assets Control’s updated advisory.
      regarding sanctions risks related to ransomware payments
    • Crimes Enforcement Network (FinCEN) also issued an updated advisory identifying new trends of ransomware payments. Most importantly, we would like to share with you the role that
      financial institutions play in facilitating ransomware payments and what you can do to avoid being a part of them.
    • Learn more about recent attacks and new typologies of ransomware payments…
  • NCUA Allows Flexibility for Meetings in 2022
    • On November 15, the National Credit Union Administration (NCUA) issued Letter 21-FCU-06 advising of the administration’s flexibility for meetings in 2022. With the continuation of the COVID-19 pandemic, the NCUA has extended the flexibility for federal credit unions to conduct meetings virtually in 2022.
    • Credit unions who have adopted this bylaw amendment may invoke its provisions at any point in 2022 with the credit union Board’s approval. General quorum requirements must still be met for all-virtual meetings.
  • Regulation Z Annual Threshold Adjustments – Final Rule Effective January 1, 2022
    • The Consumer Financial Protection Bureau (CFPB) has issued a final rule amending the official interpretations for Regulation Z, the implementing regulation of the Truth in Lending Act (TILA).
      This final rule reviews the dollar amounts for several provisions implementing TILA, including provisions under the Credit Card Accountability Responsibility and Disclosure Act (CARD Act),
      the Home Ownership and Equity Protection Act (HOEPA), and the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act)
    • Following are the threshold amounts for 2022…
  • Ask Maddaux: Dear Maddaux, can you please explain cross-collateralization in easy-to-understand terms?
  • Penny’s Marketing Corner:
    • Regulation B prohibits lending discrimination on the basis of religion. Using terms related to specific religious holidays could imply that the credit union has a preference for certain religions.
    • To avoid the appearance of such religious preference, we encourage inclusivity, which can be portrayed by using more generic terms, such as “holidays” and “winter promotions.”

Topics Preview:

  • OFAC Updates Advisory on Ransomware Payments
    • An updated advisory has been issued by the Department of the Treasury’s Office of Foreign Assets Control (OFAC) to highlight sanctions risks related to ransomware payments. The advisory discusses proactive steps financial institutions can take to mitigate risks, including actions OFAC would consider to be “mitigating factors” in enforcement action.
    • According to OFAC’s Enforcement Guidelines, having a well-developed sanctions compliance program can be seen as a mitigating factor that OFAC may consider when determining enforcement action in response to a violation of U.S. Sanctions laws and regulations.
  • Updated IRS Reporting Proposal
    • The proposed legislation would require financial institutions to report annual inflows and outflows from accounts with at least $600 in balances or at least $600 worth of transactions.
    • Due to strong opposition, a revised version has increased this transaction amount and would require financial institutions to provide the IRS with additional information on accounts with annual cash flow (deposits and withdrawals) totaling more than $10,000.
  • Cryptocurrency Today
    • Credit unions have been wondering how to
      approach the subject in order to protect their institutions while continuing to serve their members and the National Credit Union Administration (NCUA) has not been quick in providing
      guidance. According to industry chatter, it is still too early for credit unions to be involved with cryptocurrency.
  • Ask Maddaux: Would a QR code in an electronic advertisement be sufficient as a “one-click” that allows required advertising disclosures to appear one-click away instead of on the ad itself?
  • Penny’s Marketing Corner
    • If you have wondered when a National Credit Union Administration (NCUA) insurance statement or logo is not needed in advertisements, you are not alone.
    • Requirements for the official advertising statement, state that the official advertising statement is not needed in the following advertisements: credit union supplies such asstationery, envelopes, deposit slips…

Topics Preview:

  • National Compliance Officer Day
    • Each year on September 26, National Compliance Officer Day celebrates the dedicated professionals whose hard work is the cornerstone of a financial institution that runs on integrity. They are the people who ensure that business is conducted ethically; they review and create policies, procedures, and processes; and they evaluate risk in order to minimize it.
  • New FinCEN Announcement Calls Attention to Online Child Sexual
    Exploitation Crimes

    • On September 16, 2021, the Financial Crimes Enforcement Network (FinCEN) issued a notice to financial institutions with a warning that there has been an increase in online child sexual exploitation (OCSE). The notice provides details regarding OCSE and as well as instructions on Suspicious Activity Report (SAR) filing.
    • FinCEN requests that financial institutions reference this notice in SAR Field 2 using the keyword “OCSE-FIN-2021-NTC3.” The keyword should also be referenced in the narrative. Additional concerns may be addressed by using appropriate keywords in the narrative…
  • HMDA Alerts
    • The Federal Financial Institutions Examination Council (FFIEC) has updated the Home Mortgage Disclosure Act (HMDA) section of its website.
      • 2021 Census Data have been released…
      • Geocoding/Mapping System has been updated to include the 2021 Census demographic data…
      • Filing Instructions Guide for data collected in 2022 has been released and made available.
  • More IRS Information Reporting?
    • Mid-September, Internal Revenue Service (IRS, agency) officials pressed lawmakers to propose
      legislation which provides the agency with additional taxpayer flow-of-funds information. The proposed legislation would require financial institutions to report annual inflows and outflows from accounts with at least $600 in balances or at least $600 worth of transactions.
    • As expected, financial institutions have vehemently opposed the legislation as they believe it is a significant breach of privacy. For now, the proposal has been omitted from House Democrats’ list of tax-policy changes, which is indicative of the party’s lack of support.
  • Debt Collection Final Rules Take Effect on November 30, 2021
    • The Consumer Financial Protection Bureau (CFPB) has confirmed that two final rules issued under the Fair Debt Collection Practices Act (FDCPA) in 2020 will become effective on November 30, 2021. While these rules do not apply to credit unions who collect their own debt, credit unions using a third party for collections should be aware of these requirements…
  • Ask Maddaux: How can we better serve our Hispanic members during Hispanic Heritage Month (September 15 – October 15) and in the future?
  • Penny’s Marketing Corner:
    • Have you ever wanted to advertise your Field of Membership in a way that would attract the largest number of new members? If so, you may have considered saying that anyone is able to join your credit union. Your Aux Compliance team cautions against doing so because that is a potential violation of Common Bond Advertising Requirements. In 2013, the National Credit Union Administration (NCUA) issued a letter to all federal credit unions informing them that such advertising verbiage may be in violation of federal law and regulation…

Topics Preview:

  • Upcoming NCUA Webinar on Modern Examination & Risk Identification Tool (MERIT)
  • CFPB Updates the Mortgage Servicing Small Entity Compliance Guide
    • On August 4, 2021, The Consumer Financial Protection Bureau (CFBP) updated the Mortgage Servicing Small Entity Compliance Guide to incorporate references to the most recent Mortgage
      Servicing Rules. The updated Guide features information on:

      • 2021 Mortgage Servicing COVID-19 Final Rule
      • 2020 Mortgage Servicing COVID-19 Interim Final Rule provisions
      • Areas of the underlying Mortgage Servicing Rules impacted by these Rules
      • Guidance on compliant use of multiple electronic systems
    • The 2021 Mortgage Servicing COVID-19 Final Rule amends Regulation X (Real Estate Settlement Procedures Act, or RESPA), allowing servicers to offer options following the evaluation of an incomplete loss mitigation application. Options include…
  • FFIEC’s Guidance on Authentication and Access to Financial Institution
    Services and Systems

    • On August 11, 2021, the Federal Financial Institutions Examination Council (FFIEC) released new guidance on authentication and risk management related to digital banking and information systems.
    • All the usual suspects are here: risk assessments, multi-factor authentication, and controls appropriate to the size and complexity of your institution, but the FFIEC goes out of its way to avoid prescribing a specific method or framework for risk management. A full summary of the guidance (18 pages) would swell our newsletter beyond what our dear readers would find tolerable, but here are some of the topics covered…
  • Ask Maddaux: Can we automatically sign up members for e-statements during the onboarding process for new members?
  • Penny’s Marketing Corner:
    • Postcard marketing is one of the most commonly used ways to reach an audience. But as you can probably imagine, special rules apply to credit unions advertising in this manner. Let’s take a look at what Regulation P, Privacy of Consumer Financial Information, has to say…

Topics Preview:

  • CFPB Issues Valuable Resource for Older Adults
    • The Money Smart for Older Adults guide can be shared with anyone
      you believe would benefit from it.
    • The CFPB also offers Tools for Financial Security in Later Life.
  • NCUA Resumes On-site Operations
    • National Credit Union Administration (NCUA) implemented a phased approach to resuming onsite operations as of July 19, 2021. During Phase I, NCUA staff is allowed to volunteer to work on-site in locations where public health data indicates conditions are acceptable. If NCUA staff visits your credit union, they will be expected to follow credit union policies related to safety and security, to the extent that they do not violate employee rights or conflict with local, state, or federal laws. While the NCUA will respect credit unions’ preference not to have on-site examinations during Phase I, they reserve the right to address serious matters in-person.
    • Read NCUA Chairman Rodney E. Hood’s Letter to Credit Unions (21-CU-06)
  • The Definition of “Business Day” According to Regulation Z
    • A new federal holiday, Juneteenth, has prompted discussion around Regulation Z’s definition of a “business day” and “holiday.” Regulation Z § 1026.2(a)(6) defines “business day” as “a day on which the creditor’s offices are open to the public for carrying on substantially all of its business functions.” The regulation provides an additional definition for the purposes of rescission; the imposition of fees as they relate to mortgage transactions; waiting periods for early disclosures and corrected disclosures; disclosure delivery; revised Loan Estimates and Closing Disclosures; receipt of disclosures; and receipt of mail disclosures: all calendar days except Sundays and the legal public holidays specified in 5 U.S.C. 6103(a), such as New Year’s Day, the Birthday of Martin Luther King, Jr., Washington’s Birthday, Memorial Day, Independence Day, Labor Day, Columbus Day, Veterans Day, Thanksgiving Day, and Christmas Day.
    • The specific definition of “business day” that includes all calendar days except Sundays and legal public holidays applies to many of the timing requirements of the TILA/RESPA integrated disclosures (TRID) rule.
  • Ask Maddaux: Are we required to include all fees when determining the Military Annual Percentage Rate (MAPR) for a credit card?
  • Penny’s Marketing Corner:
    • If you have ever wondered how radio and TV advertisements differ from print ads, this Marketing Corner piece is for you. Regulation Z dictates much of the disclosure language you are required to include in loan ads, whether they appear on social media, on a postcard, or on the radio.
    • Open-end credit vs. closed-end credit regulations
    • In radio and TV ads, these requirements can be met one of two ways…

Topics Preview:

  • Upcoming Free Audit Findings Webinar 🔎
  • CFPB Guidance on Electronic Funds Transfers & Error Resolution
    • In early June 2021, The Consumer Financial Protection Bureau (CFPB) issued a list of Frequently Asked Questions (FAQs) pertaining to compliance with the Electronic Fund Transfer Act (EFTA) and Regulation E. This list covers situations which are frequently encountered by financial institutions. Specifically, they address negligence and fraud in electronic transactions.
  • FFIEC Announces Availability of 2020 Mortgage Lending Data
    • The Federal Financial Institutions Examination Council (FFIEC) has published Home Mortgage Disclosure Act (HMDA) data for 2020 provided by 4,475 financial institutions. This is the most comprehensive publicly available information on mortgage market activity. The Dynamic National Loan-Level Dataset is updated weekly to reflect submissions and resubmissions.
    • See how your credit union compares to other financial
      institutions using the Aggregate and Disclosure Reports…
  • Advance Child Tax Credit Payments Begin July 15, 2021
    • The American Rescue Plan Act was signed into law on March 11, 2021, by President Biden. This stimulus bill was in response to the ongoing COVID-19 pandemic and it expands the Child Tax Credit (CTC) for the 2021 tax year. Credit unions, please note that you may receive additional direct deposits through the end of the year, similarly to when it is tax return season. You may also see an increase in paper checks for deposit, as well as requests for cash advances from the IRS-issued debit cards.
      • What are advance CTC payments?
      • Who is eligible to receive advance CTC payments?
      • What are the amounts of payments people will receive?
      • How will these payments be distributed?
  • Ask Maddaux: Should we de-risk MSBs and MRBs for Bank Secrecy Act purposes?
  • Penny’s Marketing Corner:
    • It is important to remember that diversity extends to more than race: it also includes age, national origin, ethnicity, marital status, sex, religion, gender, disability, and sexual orientation.
    • Credit unions can advertise products and services effectively while
      ensuring that their audience is treated equally by following the rules provided in regulations.
    • Regulation B prohibits discrimination against applicants during any part of a credit transaction including, but not limited to credit applications, standards of creditworthiness, and adverse actions. The Fair Housing Act makes it illegal to discriminate in the sale or rental of housing, or in other housing-related activities. The NCUA also has a nondiscrimination rule which prohibits the denial or discouragement of an application for a real estate-related transaction based on a prohibited basis.

Topics Preview:

  • Watch Kristen Tatlock’s CUBroadcast Interview: How Credit Unions Can Get
    Ready for Compliance in 2021 and Beyond…
  • June is Elder Abuse Awareness Month
    • In the financial services world, elder exploitation can have many different faces: a caregiver who rips out a couple of checks from a checkbook and forges their at-risk client’s signature; a grandson who threatens his grandmother with violence if she refuses to take out a loan for him; a daughter who buys groceries for her elderly father using her debit card tied to his checking account but takes out cash for herself with each trip; and many more.
    • In 2019, the CFPB updated its 2016 recommendations in an effort to help financial institutions and at-risk consumers alike. Credit unions are expected to…
  • Qualified Mortgage Updates – New Mandatory Compliance Date
    • The Consumer Financial Protection Bureau (CFPB) has amended the mandatory compliance date of the new qualified mortgage rules from July 1, 2021 to October 1, 2022.
    • The Regulation Z definition of a qualified mortgage (QM) has been amended: the general QM loan definition’s 43% debt-to-income (DTI) has been removed and replaced with price-based thresholds, which became effective March 1, 2021.
  • How Could Ransomware Affect Your Credit Union?
    • What is ransomware? In its simplest definition, it is extortion software. It is often used by criminals to block access to critical information on a computer, which is not released until a ransom is paid. According to a witness who spoke at the House Committee on Homeland Security’s hearing on cybersecurity in early May, the average ransom in 2020 was more than $300,000 and the highest paid ransom was $10 million.
    • To help mitigate risk, the NCUA has advised credit unions to…
  • The CFPB’s Recent Complaint Bulletin: What Did We Learn?
    • According to a bulletin issued by the Consumer Financial Protection Bureau (CFPB) in late April 2021, in 2019 and 2020, consumers in counties with the highest percentage of minority population submitted complaints at over four times the rate compared to counties with the lowest percentage of minority population. Key findings indicate that…
  • Ask Maddaux: Our Credit Union is assessing what impact the recent cyberattacks on SolarWinds®’ Orion and Microsoft® Exchange may have on our systems and operations, as well as those of our critical vendors. Can you tell me if Aux was affected?
  • Penny’s Marketing Corner:
    • Social media is a great way to reach members, but there are a few compliance considerations to make when creating that fun, catchy Instagram® post! With so much of our communication being online, it’s important not to forget that compliance guidelines apply to social media posts as much as they apply to the paper brochures members can pick up at the branch.
    • More on this topic in our “Marketing Compliance and Social Media Best Practices” whitepaper.

Topics Preview:

  • COVID-19 Suspicious Activity Report Key Terms & Filing Instructions
    • The Financial Crimes Enforcement Network (FinCEN) has issued Notice FIN-2021-NTC1 to provide filing instructions and key terms for financial institutions to use when completing certain Suspicious Activity Reports (SARs), and requested that the tables provided be used. These instructions should be used for reports of suspected fraudulent activities, crimes, and cyber and ransomware attacks related to the COVID-19 pandemic, and will help assist FinCEN, law
      enforcement agencies, and other government agencies.
  • Prepare for Your Next NCUA Exam
    • With many consumer protection flexibilities rolled back, credit unions are feeling the pressure of their upcoming NCUA exams. As of April 1, 2021, the Consumer Financial Protection Bureau (CFPB) has rescinded certain policy statements made in 2020 relating to COVID-19 flexibilities around mortgages, appraisals, credit reporting, credit cards, and prepaid cards. Best efforts are no longer enough, and we are here with advice so you can be proactive and well-prepared for
      your next exam.
  • Ask Maddaux: Can we send marketing emails to our members and non-members?
  • Marketing Corner:
    • Our compliance specialists have recently seen a rise in vehicle loan promotions, so we want to help you advertise them. We want you to drive business and acquire new members, but we also want to protect you! The CFPB is now fully exercising its supervisory and enforcement authority. As many of you know, there is no implementing regulation for the Unfair, Deceptive, or Abusive Acts or Practices Act (UDAAP). You will still receive our recommendations to include disclosures that are not technically required but may help protect the credit union.

Topics Preview:

  • Two New NACHA Rules Effective Immediately
    • The National Automated Clearing House Association (NACHA) has two new rules, effective March 19, 2021, which aim to modernize the ACH Network. As of March 19, 2021, a third Same Day ACH processing window will be available, allowing financial institutions to send ACH transactions to their Operator as late as 1:45PM PT each
      day. Financial institutions can expect to receive their third Same Day ACH file by 2:30PM PT.
  • Additional Information on Most Recent Economic Impact Payments – Fraud Patterns, Red Flags, and Garnishments
    • With a third round of stimulus payments underway, the Financial Crimes Enforcement Network (FinCEN) has issued an advisory to alert financial institutions of potential fraud patterns. Multiple types of fraud can impact the Economic Impact Payments (EIPs), including, but not limited to fraudulent checks, altered checks, counterfeit checks, theft of EIPs, phishing schemes using EIPs as a lure, and inappropriate seizure of EIPs.
  • CFPB Clarifies That Lender Discrimination on the Basis of Sexual Orientation and Gender Identity is Illegal
    • Earlier this month, the Consumer Financial Protection Bureau (CFPB) made it clear that it will not tolerate illegal discrimination against the LGBTQ+ community. The interpretive rule clarified that the prohibition against sex discrimination under the Equal Credit Opportunity Act (ECOA) and Regulation B includes sexual orientation discrimination, gender identity discrimination, actual or perceived nonconformity with traditional sex- or gender-based
      stereotypes, and discrimination based on an applicant’s social or other associations.
  • CFPB Issues Statement on Providing Financial Services to People with
    Limited English Proficiency

    • The CFPB has issued a statement to encourage financial institutions to better serve consumers with Limited English Proficiency (LEP). LEP can hinder consumers’ financial literacy and make it more difficult for them to obtain financial products and services. In an effort to help consumers, financial institutions and trade associations advocated for financial flexibility in serving these consumers, including allowing risk-based approaches to decision making related to support for non-English language speakers…
  • Google® Requires Financial Institutions to Update Privacy Notice
    • If your credit union’s mobile app is available through the Google Play® Store, you may have received a notice from the company stating that you are required to amend your Privacy Notice to include geolocation privacy information. After consulting with our attorney, we recommend you amend your current Privacy Notice by adding a page to it with the required verbiage.
  • Ask Buddy: We understand we have to provide the right of rescission for non-purchase, principal dwelling-secured loans to members. What is the time frame for the rescission period?
  • Marketing Corner:
    • CFPB Rescinds Trump-Era Guidance Regarding Abusive Acts and Practices Standard
    • In an effort to protect consumers from abusive acts and practices, the CFPB has rescinded its policy statement from January 24, 2020. Going forward, the Bureau will exercise its supervisory and enforcement authority under the Dodd-Frank Act.
    • Credit unions often make risk-based business decisions to advertise using certain catch phrases that are sure to grab their members’ attention. However, doing so can sometimes expose the credit union to unnecessary risk under UDAAP. Some prohibited practices include…

Topics Preview:

  • Federal Reserve Board Approves Regulation D Final Rule – Goodbye to the 6
    Transfer Limit!

    • On March 24, 2020, the Board of Governors of the Federal Reserve System (Board) published an interim final rule amending Regulation D to lower the reserve requirement on transaction accounts maintained at depository institutions to zero percent, which, in effect,
      eliminates the reserve requirements for transaction accounts. This rule was adopted as a final rule, without change, on February 10, 2021, and will become effective on March 12, 2021. This means that as of March 12, 2021, credit unions are no longer required to reserve
      on transaction accounts.
  • HMDA Data for 2020 – Submit by March 1
    • In Letter to Credit Unions 21-RA-03, the NCUA reminded credit unions that they expect every credit union required to report 2020 HMDA data to submit its Loan Application Register (LAR) data to the CFPB by March 1, 2021. Credit unions appearing on a delinquent filers list could become subject to civil money penalty assessments.
    • You must use the HMDA Platform to upload LAR data, review edits, certify the accuracy and completeness of data, and submit data for the filing year. Do this BEFORE March 1, if possible, in case there are any problems. Your submission must be approved and accepted
      (not just received) by the CFPB no later than March 1. HMDA reporting errors are common, so here are some helpful general compliance tips…
  • NCUA Board Approves “Joint Ownership Share Accounts” Final Rule for
    Share Insurance

    • On February 18, 2021, the NCUA Board approved a final rule which amends the NCUA’s regulation governing the requirements for a share account to be separately insured as a joint account. The final rule is effective 30 days from the date of publication in the Federal Register (which had not yet happened as of this writing). According to the NCUA, joint accounts will still be…
  • Ask Buddy: Can funds from the second round of stimulus payments be garnished for child support?
  • Marketing Corner:
    • What is “equal prominence” and how does it affect your ads? Regulation Z dictates many rules of advertising. When advertising a promotional credit card rate, say 0% APR on purchases for the first 6 months of owning a new credit card from your credit union, you are required to disclose the rate, or range of rates, that will be in effect when the promotional period ends…

Topics Preview:

  • Thanks for Your Feedback!
    • Our overall satisfaction rating for 2020 is 92%
  • NCUA Supervisory Priorities
    • In a recent letter to credit unions, the NCUA outlined its supervisory priorities for 2021 in an effort to help credit unions prepare for their upcoming exams:
      • Allowance for Loan and Lease Losses (ALLL)
      • Bank Secrecy Act/Anti-Money Laundering Compliance
      • CARES Act
      • Consumer Financial Protection
      • Credit Risk Management
      • Information Systems and Assurance (Cybersecurity)
      • LIBOR Transition
      • Liquidity Risk
      • Serving Hemp-Related Businesses
  • Guidance for the Second Round of PPP Loans
    • On January 17, 2021, the Small Business Administration (SBA), in conjunction with the U.S. Department of the Treasury, released additional Paycheck Protection Program (PPP) guidance and resources for borrowers and lenders.
      • See Procedural Notice 5000-20077 for information on…
      • See Procedural Notice 5000-20078 for information on…
  • Answers to FAQs Regarding SARs and other AML Considerations
    • Federal agencies including FinCEN and NCUA have collectively issued answers to common questions about Suspicious Activity Reports (SARs) and Anti-Money Laundering (AML) requirements. This guidance includes information on the following…
  • Ask Buddy: Our credit union has a community charter and people who worship at a church in the community are eligible for membership. We’ve had someone who doesn’t live in our state, but virtually attends a church in our community, ask to join the credit union. Is that person able to join the credit union if they live in a different state and do not attend the church
    physically?
  • Marketing Corner:
    • As all marketers know, there are so many ways to advertise. Postcards, billboards, social media, and radio ads are among the most common media we see. Let’s take a look at postcards: they are an easy, quick way to reach your members, yes, but they can also be a compliance headache. Not only do they have to include required disclosures, but they also must be presented in a way that does not reveal that the recipient is a member of your credit union…

Topics Preview:

  • Holiday Message
  • COVID-19’s Money Mules & Considerations for Credit Unions
    • What is a money mule? This is an individual who transfers the profits of financial crimes on a fraudster’s behalf. The movement of these illicitly-obtained funds is typically done through financial institution transfers and cash transactions in order to complicate and disguise the money trail. These activities interfere with law enforcement investigations…
  • Your Members Have Moved – What Should You Do?
    • It can be frustrating for members to update their address with every company, website, and service they use when they’ve moved. However, it’s necessary to remind them that doing so protects them from information invasion practices such as identity theft. Section 7 of Article XVI of NCUA’s Model Bylaws for federally-chartered credit unions states: “Members must keep the credit union informed of their current mailing address or, if the member has elected to receive electronic communications, their current email address.” Similar language may appear in the bylaws of state-chartered credit unions and may also exist in your membership agreement.
  • Ask Buddy: Can we have our Annual Meeting Online?
  • Marketing Corner:
    • Marketing to a young member base is an exciting opportunity for credit unions. You want to provide financial education as early as possible, so your younger members have the tools they need to become financially prepared for the future. As with any advertising, there are rules and regulations that protect young people. For example, your members who are under 13 years old are protected by the Children’s Online Privacy Protection Rule (COPPA). Under COPPA, you are required to obtain parental consent prior to collecting any personal information from a member who is under the age of 13…

Topics Preview:

  • Newest Addition to the Compliance Team: Meet Jason Clarke
    • We are growing! We’re thrilled to announce that Jason Clarke will be joining our team in December. Jason is a seasoned compliance and risk professional committed to the cooperative banking model and credit union movement. In his spare time, he plays drums and guitar. He lives in Staunton, Virginia with his wife Sonja and three rescued dogs – Marigold, Magnolia, and Flutter.
  • New Year – New Reviews and Training Opportunities!
    • It is time to plan ahead and schedule your credit union’s 2021 reviews and training. Reach out to our compliance team at compliance@auxteam.com and get your credit union’s 2021 reviews and training on our calendar!
  • NCUA’s Guidance on Hemp Banking
    • The hemp industry continues to grow and with that, so do credit unions’ questions on how to handle their members’ requests for these agricultural accounts. Earlier this year, the NCUA issued a Letter to Credit Unions which provided additional guidance on the subject. While the NCUA did not issue new expectations or requirements, the agency did answer a lot of questions, one of them being whether the NCUA prohibits credit unions from serving hemp-related businesses. The answer is no, and the consideration is for credit unions to ensure
      they can safely and properly serve these agricultural memberships. Additionally, credit unions do not need to file marijuana-related SARs on legally operated hemp-related businesses…
  • FDCPA Final Rule
    • Regulatory updates often do not advance as quickly as technology. On October 30, 2020, the Consumer Financial Protection Bureau (CFPB) released a final rule revising Regulation F, which implements the Fair Debt Collections Practices Act (FDCPA). The nearly-700-page document is up-to-date with new technology and discusses items such as the general prohibition of harassing, oppressive, or abusive conduct applicable to telephone calls, emails, and text messages used in debt collection. It also contains information on disputes, acceptable practices, and what constitutes as false, deceptive, or misleading representation with regard to social media…
  • 2021 CFPB Regulation Z Annual Adjustments
    • With the new year quickly approaching, we wanted to remind you that the CFPB’s final rule on the threshold amounts of the sections of Regulation Z that implement the Credit Card Accountability Responsibility and Disclosure Act (CARD Act), the Home Ownership and Equity Protection Act (HOEPA), and the ability-to-repay/qualified mortgage provisions of the Dodd-Frank Act will be in effect on January 1, 2021.
    • What this means for you: Regulation Z Section 1026.52(b) states that for credit card accounts, your credit union may “impose a fee for violating the terms or other requirements of an account” if the dollar amount does not exceed the safe harbor threshold for open-end
      lines of credit. According to the final rule, in 2021, the penalty fees will remain unchanged.
    • The total points and fees thresholds for determining whether a covered transaction is a qualified mortgage are based on the amount of the loan and will be increasing to…
  • Ask Buddy: One of our members says a check cleared his account but he never authorized it. The image of the check shows the words “Authorization on File” on the signature line. Is this a valid check?
  • Marketing Corner:
    • Home loan advertisements are all around us, especially since rates have been steadily low for a while. For credit unions that offer home loans, navigating the advertising field can sometimes prove to be a daunting task. We are here to help. When advertising real estate secured loans, all credit unions must include the Equal Housing logo or statement to ensure the reader knows that the credit union does not discriminate. Federal credit unions may use either of the following statements: “Equal Housing Lender” or “Equal Housing Opportunity”; however, the use of “Equal Housing Opportunity” is far less common. State-chartered credit unions, on the other hand, must use the verbiage…

Topics Preview:

  • CFPB Highlights Findings Concerning Regulation E Error Disputes
    • The CFPB’s Summer 2020 Supervisory Highlights notes a recurring issue their examiners found at financial institutions. The examiners reported multiple instances of financial institutions requiring consumers to file police reports as part of their Regulation E Error
      Dispute process. This requirement was often included in the financial institution’s account agreement documents…
  • NCUA’s Changes to Chartering and Field of Membership Rules Take Effect
    • This rule change now allows federal credit unions seeking a community charter to use a CSA as a basis for defining their service area without also documenting how the CSA’s residents share a common bond. NCUA released a Letter to Credit Unions detailing these changes and how they impact the process of applying for a community charter, expansion, or conversion.
  • HMDA 2021 Regulatory and Reporting Reference Chart
    • The CFPB’s 2021 reference chart for Home Mortgage Disclosure Act (HMDA) data is now available. The chart is provided as a reference for data required to be collected and reported under Regulation C.
  • FinCEN Releases Two New Advisories Related to COVID-19
    • Unemployment Insurance Fraud—On October 13, 2020, FinCEN issued FIN-2020-A007, an “Advisory on Unemployment Insurance Fraud During the Coronavirus Disease 2019 (COVID-19) Pandemic”. Over the last few months FinCEN has, based on data obtained from Bank Secrecy Act (BSA) data, open source reporting, and law enforcement partners, conducted an analysis of COVID-19 related information. From that analysis, the following illicit activities have been noted, as they relate to unemployment insurance (UI) fraud…
    • Human Trafficking—, FinCEN notes that the strain of the pandemic on local economies and infrastructures will likely exacerbate
      conditions conducive to human trafficking. They recently issued a new Supplemental Advisory on Identifying and Reporting Human Trafficking and Related Activity, FIN-2020-A008, which provides information concerning different types of human trafficking and a list of red flags for financial institution staff to keep in mind.
  • Ask Buddy: Our credit union has seen an uptick in suspicious activity concerning elder financial exploitation. Should the victim’s information be included in the Subject section of a SAR?
  • Marketing Corner:
    • Innovations in technology allow marketers to drill down and target their products to consumers who they feel are most likely to be interested in the product being promoted. While this is a great way to ensure a community is learning about all a credit union has to offer, it’s important to remember Fair Lending rules still apply…

Topics Preview:

  • FinCEN Data Breach – Leak of Over 2,100 SARs Could Have Major Impact on BSA/AML Efforts
    • On September 1, 2020, FinCEN issued a statement regarding unlawfully disclosed Suspicious Activity Reports (SARs) and indicated that it was aware that media outlets intended to publish a series of articles based on those SARs…
  • Disparate Impact Rule Updated by HUD
    • The Fair Housing Act’s disparate impact standard has been updated by HUD with the intent of bringing more clarity to the regulation. The update includes standards for bringing a credible disparate impact lawsuit against the credit union. Disparate impact is a legal doctrine under the Fair Housing Act which states that a policy may be considered discriminatory if it has a disproportionate “adverse impact” against any group based on race, national origin, color, religion, sex, familial status, or disability when there is no legitimate, non-discriminatory business need for the policy.
    • The new standards are as follows…
  • NCUA Board Approves Changes to Real Estate Appraisal Regulations
    • NCUA has finalized an interim rule the Board approved in April 2020 regarding changes to NCUA’s real estate appraisal regulations found in NCUA Regulations Part 722. The rule defers the requirement to obtain an appraisal or written estimate of market value for up to 120 days following the closing of certain residential and commercial real estate transactions, excluding transactions for acquisition, development, and construction of real estate…
  • CFPB Report Highlights Examination Findings
    • The CFPB has released the Summer 2020 edition of its Supervisory Highlights. The report highlights several recurring findings identified by examiners in areas including consumer reporting, debt collection, deposits, fair lending, and mortgage servicing. The report is not
      targeted specifically to credit unions. However, there were a few findings which are of note for credit unions to keep in mind when reviewing their own internal procedures…
  • Ask Buddy: We have traditionally required title companies to provide us with a HUD-1 settlement statement on HELOC transactions. However, many title companies have replied with an ALTA (American Land Title Association) settlement statement instead of the HUD-1. Is the ALTA statement compliant?
  • Marketing Corner:
    • In light of the CFPB releasing highlights of their recent examination findings (see above), it is important to remember Regulation B prohibits advertising that discourages prospective applicants on a prohibited basis. The CFPB cited lenders running ads which feature “almost exclusively white models in marketing materials” and “including headshots of the lenders’ mortgage professionals” all of whom appeared to be white. Additionally, the CFPB cited lenders geographically targeting predominantly white areas for marketing. Practices such as these not only pose regulatory risk, but also risk damaging the reputation of a credit union…

Topics Preview:

  • Learn the BSA & KYM Benefits of MemberPass™ (Webinar)
    • Every interaction that a credit union has with its members starts with identifying who they are. MemberPass™ provides a way for you to quickly and confidently verify your members’ identities – improving member experience, reducing fraud, and increasing operational efficiency. Compliance officers will want to explore the possibilities for enhanced KYC processes and better compliance with privacy rules.
  • On July 22, 2020, the CFPB issued amendments to the Payday, Vehicle Title, and Certain High-Cost Installment Loans Rule. The Safe Harbor provided to PALs I loans offered by credit union remains in place. However, other salary advance products offered by credit unions could be subject to the new provisions…
  • NCUA Joint-Statement on BSA Enforcement
    • The NCUA joined with other federal regulators to release guidance directed toward helping examiners appropriately address BSA findings. While the NCUA continues to defer to the judgment of an examiner in respect to findings, the agency provides alternatives to issuing a Cease and Desist Order…
  • FinCEN Updates FAQ on Customer Due Diligence
    • New FAQs have been added concerning the requirements for Customer Due Diligence for Covered Financial Institutions. The new questions cover whether additional due diligence must be conducted at opening, member risk ratings, and ongoing due diligence…
  • Ask Buddy: When a new member deposits a check, our credit union wants to start placing a 15-day hold. Our understanding is that Regulation CC places no limits on the length of time funds can be held on a new account. Are we correct?
  • Marketing Corner:
    • Providing an Initial Privacy Notice when establishing a “continuing customer relationship” is required by Regulation P. The most common time this happens is when a member first opens a share account with your credit union. However, this is not the only situation when an Initial Privacy Notice must be provided…

Topics Preview:

  • Testing in the Time of Pandemic
    • Here are some lessons we’ve learned and tips to reduce the stress associated with testing. While these are specific to what the Aux compliance team and partners are experiencing during the ongoing pandemic, the information can be applied to supervisory exams and other audits as well.
      • Expect tests to take longer…
      • Start preparing earlier…
      • Some things just won’t be available…
      • Communication is key…
  • COVID-19 Related Suspicious Activity
    • FinCEN recently released guidance on filing a SAR on activity related to the COVID-19
      pandemic. FinCEN requests all SARs related to Covid-19 include “COVID19 MM FIN-2020-A003” in SAR field 2 (Filing Institution Note to FinCEN). Additionally, field 34(z) (Fraud – other) should be selected as the associated activity type along with any other more specific associated activities. It is also important to include how the activity relates to the pandemic in the SAR narrative.
  • July Brings Changes to HMDA
    • On July 1, 2020, the minimum threshold for HMDA reporting increased from 25 to 100 closed-end mortgage loans. Many credit unions which began the year as covered institutions because they made 100 closed-end mortgage loans in 2018 and 2019 now find themselves qualifying for exemption as “newly excluded institutions.” If your credit union falls under this category, you may stop collecting HMDA data as of July 1. However…
  • Changes to Remittance Rule Take Effect
    • The Consumer Financial Protection Bureau has finalized changes to the Remittance Transfer Rule. The major changes include increasing the normal course of business safe harbor threshold from 100 remittance transfers to 500 remittance transfers annually; and allowing insured financial institutions to estimate some fees and exchange rates to their members if the following conditions are met…
  • Ask Buddy: We have a member running for public office. How do we open accounts for their campaign?
  • Marketing Corner: Our credit card department wants to run an introductory rate and balance transfer promotion. How do we advertise that and stay compliant?

Topics Preview:

  • Wait…Who’s Aux?
    • CU Service Network is transforming. Welcome to Aux, doing the hard work for you. The same friendly compliance team you’ve been working with will not change, nor will your services, however our brand, website, and email address will be changing in the coming month…
  • Changes to HMDA reporting begin in July
    • On July 1, 2020, the minimum threshold for HMDA reporting increases from 25 to 100 closed-end mortgage loans. For the many credit unions which now find themselves qualifying for exemption as “newly excluded institutions.” If your credit union falls under this category, you may stop collecting HMDA data as of July 1. However…
  • IRS extends the deadline for filing Form 5498
    • Following the IRS decision to extend the IRA contribution deadline to July 15, 2020, the deadline to provide Form 5498, IRA Contribution Information has been extended to August
      31, 2020…
  • Upcoming regulatory changes reminder
    • Reg CC: The inflation adjustments made to Regulation CC go into effect on July 1, 2020. Hopefully, your credit union has made all necessary changes to processing systems and Funds Availability notices. If you haven’t already sent a Change-in-Terms notice to your
      membership, it must be done no later than July 31, 2020.
    • Remittance Transfer Rule: On July 21, 2020, the safe harbor threshold for remittance transfers increases to 500 annually. Additionally, insured financial institutions will be permitted to estimate some fees and exchange rates to their members provided the following conditions are met…
  • Ask Buddy: Our credit union has the hang of reporting CARES Act compliant information to credit bureaus, but we are concerned about how to report when the CARES Act accommodations expire.
  • Marketing Corner: Thanks to Covid-19, most of us are doing more from home than ever before- including our financial business. The increased online traffic has led many credit unions to start implementing updates, and sometimes complete overhauls, to their website. Remember there are countless compliance issues which must be considered- including disclosures, liability concerns, and even the images used…

Topics Preview:

  • COVID-19 Compliance Q&A: April 17, 2020 Update
    • If a member asks for a loan payment deferment and we deny the request, do we need to provide an Adverse Action Notice?
    • Is there a problem if we allow our loan officers to decide which members will be granted a loan payment deferral?
    • We are offering loan payment deferments for the next 90 days for any loan that isn’t already more than 60 days past due. How should we report these loans to the consumer reporting agencies?
    • Are Regulation D limits still in place?
    • Can we re-open a previously closed account if we get an ACH Economic Impact Payment (EIP or COVID-19 stimulus payment) with that account number?
    • What should we do if we receive an ACH EIP into a joint account where one of the account owners has passed away since the last tax refund was received? Should we return those payments?
    • We understand that actual stimulus checks will be issued to people who don’t have tax refunds deposited electronically. What should we do if a member brings in an EIP check that’s payable jointly, but the member is the only owner on the account?
    • Our collections department has asked if we can use the funds from any EIP to offset money owed by the member (charged off, delinquent or negative balance accounts). Can we?
    • Do we need to notify NCUA if we close one or more branches due to the COVID-19 pandemic?
  • Federal Reserve Board Suspends Six-Transfer Limit
    • Following news in early April that the Fed was no longer requiring financial institutions to reserve against savings deposits, the FRB has announced it has lifted the requirement to limit monthly withdrawals to six. The change is effective immediately. The information released thus far does not specify the changes are permanent, but neither does it state an end date. It is important to note…
  • Secret Service Tips to Spot Counterfeit Stimulus Checks
    • The US Secret Service has created a list meant to assist financial institutions in identifying counterfeit stimulus checks. The following security features will be included on stimulus checks issued by the US Treasury…
  • NCUA Increases Threshold for Residential Appraisals
    • As part of NCUA’s ongoing initiatives to provide relief to Credit Unions during the pandemic, the residential appraisal threshold has been raised from $250,000 to $400,000. The increase is intended to increase flexibility to credit unions struggling with mortgage pipeline delays resulting from difficulties in scheduling appraisals due to COVID-19. The change is effective immediately.
  • Adjustments Made to HDMA Thresholds
    • The CFPB released a final rule permanently adjusting the HMDA thresholds for both closed end and open-end HMDA reporting. The final rule increases the permanent threshold for collecting and reporting data about closed-end mortgage loans from 25 to 100 loans ,effective July 1, 2020. The change will also amend Regulation C to increase the permanent threshold for collecting and reporting data about open-end lines of credit from 100 to 200, effective January 1, 2022, when the current temporary threshold of 500 of open-end lines of credit expires.