Is NCUA and, by extension, the credit union industry important enough to have a seat at the table when it comes to deciding issues that impact the financial structure of the Country? Now, even if I didn’t get paid by the industry, I would still say the answer is yes. Credit unions represent more than 90 million account holders and influence the banking industry as a whole by providing needed competition to the for-profit banking model.
Nevertheless, yesterday, the Washington-based Bipartisan Policy Center released a report detailing recommended changes to the financial industry. The report, the outgrowth of a Task Force co-chaired by former New York State Banking Superintendent Richard Neiman, contains some ideas that should be seriously considered. It argues correctly that Dodd-Frank represents a missed opportunity for needed financial reform in this Country. It also argues that the Country should consolidate financial regulations and examiner training. The really good news is that this Task Force, unlike so many others, recognizes that credit unions are unique financial institutions and that NCUA should continue to exist to oversee their regulation.
Now for the part of the report that irks me. In lieu of calling for the creation of a single regulator, Dodd-Frank created a Financial Stability Oversight Council (FSOC). The purpose of the council is to create a framework for financial regulators to identify risk posed not only by large banks but by non-banks as well (think AIG before the meltdown). NCUA was given a seat on the council as a voting member. The Task Force recommends that this power be taken away from NCUA. It explains that “credit unions are an important part of the U.S. financial system, but they generally are small and do not figure into macro-prudential discussions. To the extent they do a credit union voice will still be represented on the FSOC, though without a vote.” This is bureaucratese for patting credit unions on the head and sending them to the corner with crayons while the adults do all the important work.
Since the Bipartisan Policy Center is dedicated to getting knowledgeable people together to come up with serious recommendations about serious problems facing the nation, its ideas have absolutely no chance of getting anywhere in today’s Washington. Nevertheless, this recommendation is irksome for several reasons. First, credit unions may not be as big as the behemoth banks that have the ability to bring the Country to its knees, but they certainly are impacted by the conduct of these institutions. Making credit unions comply with almost all of the Dodd-Frank inspired regulations but not giving them any ability to influence the conduct of the institutions responsible for Dodd-Frank in the first place is a lot like telling a teenager to get a driver’s license but then not letting him drive. More importantly, the proposal reflects the continued arrogance of the banking elite. Even after the masters of the universe engaged in policies and practices that have caused millions of people to lose their jobs and homes, we are still told that only a relative handful of self-proclaimed geniuses truly have the skills and knowledge necessary to oversee the Country’s financial system. What hubris.
Have a good weekend, I will be off Monday enjoying what I hope will be spectacular weather, but back Tuesday.
Good things come to those who wait. . .and wait. . .and wait. Nearly four years after deciding not to appeal federal court rulings holding that the IRS wrongly tried to tax certain state chartered credit union activities, the IRS has finally gotten around to issuing a memorandum to its examiners confirming that state chartered credit unions are exempt from most UBIT taxes.
It’s been a while since UBIT was a big issue, so here’s a quick refresher. The Unrelated Business Income Tax (UBIT) taxes the activities of not-for-profit tax-exempt organizations which are not substantially related to the activities for which an organzation was given tax exempt status. Federal credit unions are explicitly exempt from this tax. In two cases brought in federal district court and decided in 2009 and 2010, credit unions successfully argued that contrary to the IRS’s opinion, most of the products and services commonly offered by state chartered credit unions are exempt from the UBIT tax.including the sale of credit life and credit disability insurance, GAP auto insurance, ATM “per-transaction fees FROM MEMBERS,” interest on loans and the sale of checks from a check printing company to members.
The decisions and the recently released memorandum are not a complete victory for state-chartered credit unions. For instance, the sale of automobile warranties, accidental death and dismemberment insurance, life insurance and ATM “per-transaction fees FROM NON MEMBERS” are subject to UBIT. I’ve included a link to the IRS memorandum so you can take a look at the entire list. All in all, though, this is the biggest victory for credit unions in the last decade.
Credit unions are mainly concerned with the enormous power the CFPB has to promulgate consumer regulations. But to really get a feel for just how powerful the Bureau is, you should keep in mind that it also has the authority to take legal action against financial institutions engaging in deceptive financial practices. The latest institution to run afoul of the CFPB is Bank of America, which has agreed to pay approximately $727 million in refunds and $20 million in fines in relation to allegations that it engaged in deceptive practices when selling 1.4 customers credit cards and so-called “add-on services.” A separate agreement was reached with the OCC.
Among the sins highlighted by the Bureau were the fact that some consumers were led to wrongly believe that the first 30 days of coverage for certain add-on credit card services were free and aggressive enrollment practices which led consumers to believe that they were simply obtaining additional information about a product when in fact they were agreeing to buy it. These enforcement actions provide a pretty good signal of where the CFPB thinks additional regulation is necessary, so even though Bank of America’s misdeeds may not affect you today, they may impact the work load of your compliance officer tomorrow.
Just how bad is it for mortgage lenders out there? According to the Wall Street Journal, mortgage originations in February “fell to their lowest level in 14 years due to the months long plunge in refinancing activity and weak demand for loans to purchase new homes.” The Journal also reports that the share of mortgage applications for refinances hit their lowest level since 2009. Remember, this is all taking place as the FED is winding down its bond buying program and tougher lending regulations are taking effect. Unless we see a huge surge of consumer confidence and economic growth in the near future, this is shaping up as one heck of a depressing year for the mortgage market.
On that happy note, have a nice day!
I’m exaggerating only slightly this morning. In written testimony before the House Financial Services Committee yesterday NCUA General Counsel Michael McKenna stated that 70% of NCUA’s final rules over the last two years have provided regulatory relief or greater clarity without imposing new compliance costs. That’s a relief, here I thought credit unions were being overburdened by excessive regulation. I guess all those credit unions that have hired additional compliance staff over the last few years can rest easy.
As both NAFCU and CUNA were quick to point out, when it comes to assessing the impact of regulations, it’s not so much the quantity but the quality of the regulations that has to be assessed. In truth, the whole premise of yesterday’s hearing was a little silly. Regulators are responsible for regulating and they wouldn’t be doing their job if the industries they oversee reported to Congress that they loved the job they are doing. Instead of holding hearings, Congress should remind itself that regulations are, by definition, the outgrowth of laws it passes. Since that is unlikely to happen, however, NCUA can’t simply point to statistics to get around the fact that credit unions face burdens today that they didn’t have to deal with five years ago. For example, in recent years, NCUA has:
- blurred the distinction between federal and state oversight of credit unions by passing regulations giving it more direct control over state chartered credit unions;
- clamped down on CUSOs by making them report more information directly to the NCUA;
- and, of course, joined other regulators in imposing numerous regulatory requirements, euphemistically referred to as guidance, on credit unions. For example, just last week NCUA joined other regulators in emphasizing the need for small and mid-sized credit unions to take steps to guard against theft of debit card information.
(Incidentally, regulators try to have it both ways when it comes to issuing “Guidance”. On the one hand, they’re never referred to as regulations, but on the other examiners consider them just as binding on an institution as a promulgated rule).
Now, to be fair to NCUA, the agency has taken steps to minimize the regulatory burden by, for example, raising to $50 million the threshold for what is considered a complex credit union. In addition, NCUA’s regulatory streamlining of the Low Income Credit Union designation process was a master stroke in using regulatory powers to benefit the industry. Think about it. Without getting a bill passed, NCUA gave thousands of credit unions the opportunity to seek out secondary capital and take in member business loans without having to be concerned about a cap.
In the end, what is really going on here can’t be quantified. On the one hand, at its best NCUA has demonstrated a recognition that, given the huge divergence in the size and sophistication of credit unions, regulators should strive to avoid one-size fits all requirements. On the other hand, at its worst, NCUA myopically views almost everything through the lens of the Share Insurance Fund with the result that it demonstrates a cavalier disregard of the right of state chartered credit unions to be regulated primarily by state regulators and often seeks to impose safety and soundness requirements that impinge on the right of credit unions to run their credit unions in the way that best benefits their members.
As faithful readers of this blog will know, I occasionally feel the need to remind people that the opinions expressed are mine, and mine alone, although you, of course, are welcome to agree with me.
Both NCUA and credit unions are making serious mistakes in the march toward a more sophisticated risk-based capital scheme for credit unions with at least $50 million in assets. Another time I will talk about NCUA’s mistakes, but today I think it is time to take the industry to task. Most importantly, the industry can’t have it both ways when it comes to risk-based capital. For at least a decade, it has been pushing NCUA to adopt a risk-based capital formula arguing that a capital framework more in line with that of banks will free up capital at well run credit unions and ultimately help more members. This sounds great, but it is flawed for two reasons.
First, NCUA has always said that with any risk-based capital proposal there are not only going to be winners, but losers. If the industry wants capital reform but continues to insist that NCUA’s proposal is fatally flawed, then it has an obligation to come up with a workable alternative. However, my guess is that anything resembling industry consensus on what an alternative proposal would look like is impossible to obtain. For instance, if you think the proposal places too much emphasis on concentration risk, does that mean you’re in favor of increasing risk ratings across the board? And if you don’t think concentration risk should be dealt with by imposing higher risk ratings on mortgages and MBLs, then how else should NCUA account for concerns that too much concentration of any given asset poses a greater systemic risk to the industry? There is no win-win here; there are winners and there are losers.
Which leads us to the second, more fundamental problem with the industry’s position on risk-based capital. The simple truth is that despite the glorification of the BASEL framework, there is absolutely no indication that risk-based capital regimes actually work. remember that some of the largest banks that failed over the past five years were subject to BASEL requirements. In fact, as summarized in a recently released analysis from George Mason University “since 1991 the Federal Reserve has employed a risk-based measure of bank capital as its primary tool for regulating risk. However, RBC regulations are easily exploited and susceptible to regulatory arbitrage. Evidence indicates that such regulations have increased individual bank risk as well as systemic risk in the banking system.” Also, read the excellent quotes in the CU Times provided by Chip Filson, who is doing a great job leading the charge against a risk-based capital regime.
The myth of risk-based capital is underscored by NCUA’s proposal. Risk rating is complicated but at its core it is nothing more than a policy judgement on the part of regulators about which assets pose the greatest relative risk to safety and soundness. The problem is that such policy judgements are inevitably based on preventing the last financial crisis from occurring again. In reality, whether the next financial crisis occurs in five or fifty years, no one knows which assets truly pose the greatest risk to the safety and soundness of this industry.
Against this backdrop of uncertainty, it makes more sense to maintain general capital requirements than it does to provide regulators, financial institutions and the general public with false assurances that institutions are well capitalized. In short, if it was up to me, we would scrap NCUA’s proposal all together not because the proposal is so flawed, but because risk-based capital doesn’t work as advertised.
Yesterday the FFIEC, the regulatory body comprised of all the major federal financial regulators including the NCUA, issued two guidances related to the expected risk-mitigation efforts to be taken by financial institutions regarding automated teller machine (ATM) card authorization schemes and distributed denial of service attacks (DDoS). Don’t toss these statements into the bin on the corner of the desk. Efforts taken by financial institutions to mitigate cyber attacks are a point of emphasis for all examiners, including the NCUA.
The Joint Statement on cyber attacks on ATM card authorization systems is particularly noteworthy. Under an increasingly popular form of cyber theft called “unlimited operations,” crooks use basic phishing techniques to gain access to employee passwords. Over time, hackers are able to infiltrate a financial institution’s debit card authorization system. With this knowledge, they eliminate limits placed on the amount of money that can be taken from debit and pre-paid debit cards. In one scam highlighted by federal prosecutors in New York, cyber criminals distributed debit card information to co-conspirators in several countries who pulled more than $40 million from customer accounts.
Denial of service attacks have gotten a lot of attention lately because of the increasing evidence that they are being used by countries and cyber terrorists to disrupt the online services of major financial institutions. But these attacks designed to disrupt services are also commonly used to mask good, old-fashioned cyber crime. As explained by security analyst Avivah Litan:
“Once the DDoS is underway, this attack involves takeover of the payment switch (e.g. wire application) itself via a privileged user account that has access to it. Now, instead of having to get into one customer account at a time, the criminals can simply control the master payment switch and move as much money from as many accounts as they can get away with until their actions are noticed.”
Yesterday’s statements also underscore the need for all institutions, irrespective of asset size, to take steps to guard against cyber assault. In fact, the guidance on ATM takeovers notes that unlimited operations specifically target web-based controls used by small and medium sized financial institutions.
Also, keep in mind that while these statements are new, the need for credit unions to take appropriate steps consistent with their size and sophistication to guard against cyber crime is not new. You should periodically be taking a look, at 12 CFR 748 to make sure that your credit union is implementing an appropriate program of loss mitigation.
While all institutions should be required to make reasonable, good faith efforts regarding cyber crime, let’s face it, this is a high-tech game of Whack-A-Mole. Any successful efforts to mitigate a certain type of security breach will quickly be circumvented by hackers with the brains and the financial motivation to take other people’s money.
The federal government has to take the lead in developing an appropriate cyber defense scheme in this country. But with Congress unable or unwilling to impose basic security measures on merchants, this is about as likely to happen as the Yankees winning the World Series this year . . .that’s right after just two games I am willing to say that’s an awfully expensive mediocre team. On that note, enjoy your day.
Late Monday, Legislators and sleep-deprived staffers put the finishing touches on the 2014-2015 New York State Budget. For credit unions, the two most important take aways I have deal with title insurance and state tax policy.
As for title insurance, the Legislature agreed to the Governor’s proposal, which I talked about in a previous blog, to establish licensing requirements for title insurers. For those of you who want to take a closer look, you can find the relevant language in Part V in S.6537-D. In addition to establishing title insurer licensing requirements, the legislation imposes new disclosure requirements whenever lenders suggests using a title insurer with whom they are affiliated.
As a result, this bill will have its largest impact on the relative handful of credit unions that have mortgage lending CUSOs that provide title insurance services. The legislation is also significant because it gives the Department of Financial Services the authority it was seeking to more directly regulate title insurers by, for example, establishing minimum standards for the profession.
A second part of the budget that doesn’t directly impact credit unions but could be helpful in seeking needed reforms has to do with corporate tax reform. Specifically, the Legislature agreed to the Governor’s proposal to scrap Article 32 of the Tax Law, which imposed a tax specifically on banks. As a result, banks will be subject to the same tax treatment as other corporations in New York State. The proposal was perhaps the most controversial of the Governor’s Tax Package since some groups argued that it was essentially a tax cut for banks when New York is still suffering the effects of the Great Recession. However, this argument overlooks the fact that New York may be the capital of the banking industry, but is not guaranteed to remain so. The bank tax is a vestige of the time when banks simply didn’t have the ability to shift from state to state the way they do today.
Besides, the tax indirectly benefits credit unions. How’s that, you say? Because credit unions are also seeking authority to help New York’s economy grow by allowing municipalities to invest their funds in credit unions. Frankly, the argument that credit unions are somehow less deserving of these funds because they don’t pay corporate taxes rings all the more hollow now that the banks have successfully argued for their own tax breaks.
One generic point, Governor Cuomo and the Legislature deserve a tremendous amount of credit for four on-time budgets. But the Governor and all future Governors should give a big thank you to former Governor Pataki. It was his administration that laid the groundwork for these on-time budgets by successfully arguing that the Legislature could not amend the Executive’s Budget proposal without the Governor’s consent. On a practical level this means that the Governor has a tremendous amount of leverage since the legislature must ultimately choose between accepting the Governor’s recommendations or shutting down the Goverrnment. Simply put, the legislature doesn’t have as much leverage as they used to have in budget negotiations.