It’s Alive! New York Finalizes Cybersecurity Regulations


There were three developments yesterday afternoon that will make today much more interesting for you.

First, the Cuomo Administration announced in banner headline font that it had finalized its first in the nation Cybersecurity Regulations. Secondly, the fate of CFPB director Richard Cordray and the future structure of the bureau he oversees was thrown into further doubt when the Court of Appeals for the DC Circuit decided to reconsider the circuit’s earlier ruling that, as currently structured the bureau is unconstitutional. The decision means that a larger group of judges will hear the appeal. It also means that the earlier ruling making the director an at-will employee is no longer effective. Last but not least, New York’s Industrial Board of Appeals has invalidated New York State regulations scheduled to take effect March 7th that would have required New York State employers to provide additional disclosures when setting up direct deposit programs and place restrictions on employers who pay their employees with payroll cards. Each of these is worthy of its own blog, but because of time and space I am going to concentrate my efforts on the new cybersecurity regulations. Here goes:

The purpose of NY’s Cybersecurity Regulations is to mandate that all businesses “operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under The Banking law, The Insurance law or The Financial Services Law” of New York State develop comprehensive policies and procedures to protect business related non-public information.

As one of my more astute blog readers pointed out when I previously wrote about this proposal, don’t assume that simply because you are federally chartered you don’t have to comply with this regulation. The state is trying to cast as broad a net as possible. As a result, it is clear that not only state chartered credit unions will have to comply with this regulation, but also credit union affiliates, including mortgage and insurance related CUSOs of federal charters.

Furthermore, the regulation could also apply to your third-party vendors. I would suggest that you forward this information to your existing vendors if their activities involve non-public information.

What remains to be seen is if the regulation is written broadly enough and with the intention to encompass federal charters, which may for one reason or another, need to register with the state. The regulation takes effect in March, but its mandates are phased in between six months and two years. Finally, the final regulation expanded the size and scope of institutions that are partially exempt. Take a look at new Section 500.19 to see if your credit union is one of the lucky ones.

I will be back on Tuesday. Enjoy the long weekend.

February 17, 2017 at 9:59 am Leave a comment

Credit Unions Could Provide Cost-Free Mandate Relief

Tax cap and mandates put counties between a rock and a hard place.

Governor Cuomo traveled to God’s Country yesterday, aka Long Island, to highlight his push to require county executives and local municipal leaders to jointly develop a package of cost-saving measures that would be put before local voters in November. The hope is to spur innovative ideas to reduce property taxes, which in places like Long Island, are making it impossible for the middle class to live and start a family. You won’t find a politician who is against mandate relief in concept.

As luck would have it, I have a simple proposal that would save taxpayer money without decreasing local budgets or making the state Legislature pay more cost: Give localities in NYS the option of placing municipal deposits in credit unions. Doing so has the potential to accomplish real savings for taxpayers while insuring that localities maximize funds available for public services.

Town boards, school districts and other such government entities have an obligation to spend taxpayer money in the most efficient way possible. Unfortunately, these same entities aren’t allowed to deposit public funds in credit unions, even if a credit union could offer a better rate of return on taxpayer funds. That’s right; New York’s law has the effect of prohibiting local leaders from getting the most bang for their buck.

Allowing municipalities to work with credit unions would even help towns that decide to keep their taxpayer funds in a commercial bank. Competition can only help drive down the cost of depositing funds. Currently, the banks have a monopoly on public funds and last I checked, monopolies do not create much of an incentive to provide cost-effective services.

By allowing credit unions to compete for public funds, the Legislature would simply be correcting a historical quirk. Albany insisted that public funds be put in banks before Municipal Credit Union became New York’s first credit union, a little more than 100 years ago. Today, it borders on illogical that New York authorizes teachers and state workers to form credit unions while denying those same credit unions the authority to accept funds from local governments and school districts.

And the prohibition has nothing to do with safety and soundness. Today credit unions have the same share insurance requirements and protections as banks. The only difference is that credit unions are back-stopped by the National Credit Union Share Insurance Fund, while banks are overseen by the FDIC. By giving municipalities the option of placing funds with credit unions, New York would simply be doing what a little more than half the states in the nation already allow.

According to Newsday, the governor’s proposal is intended to spur county and local leaders. He is hopeful, for example, that local leaders will work together and come up with cost-saving ideas, such as shared storage facilities and joint equipment purchases. As someone who proudly believes that government should not be able to take a single dollar out of my pocket unless it has a darn good reason to do so, I think all of these are ideas worth considering.

The problem is one person’s mandate is another person’s cherished government program.

If New York really wants to help taxpayers get more bang for their buck, it is time to end the banking monopoly on municipal deposits.

February 16, 2017 at 9:51 am 1 comment

You want fries with that Data Breach?


I have one good thing to say about hackers. They have provided us with fresh evidence of why state and federal lawmakers  need to impose commonsense requirements on merchants and businesses that don’t adequately protect card information from data breaches, and also don’t bother informing consumers of their mistakes.

Three things happened yesterday that are worth telling your congressman and senators about if you are going to be at CUNA’s Governmental Affairs Conference at the end of the month. First, a Pennsylvania federal magistrate has ruled that a class action lawsuit brought by a group of credit unions and CUNA seeking damages in relation to debit and credit cards compromised by a point of sale data breach at Wendy’s franchises can go forward, First Choice Federal Credit Union, et al v.Wendy’s Co., (U.S. Western District PA). The arguments advanced by Wendy’s in this case underscore precisely why we need clear-cut legal standards making merchants responsible for protecting customer data once and for all. Wendy’s alleges that it has no duty to safeguard sensitive customer information or to provide adequate notification of a data breach.

Fortunately the courts are growing increasingly impatient with arguments such as these. But the fact still remains that, without specific laws in place, merchants will continue to deny that they are in any way responsible for the cost related to data breaches.

Also yesterday I was sitting in on CUNA’s weekly regulatory update call.(for the record I realized after the fact that I was THAT GUY, who chats away not realizing his phone was off mute: sorry about that)    During the call, CUNA discussed news of yet another fast food data breach. This one has occurred at Arby’s restaurants. If you are a New York credit union and you think you may have been victimized give me a call as we would like to get a sense of the scope of the possible theft.

Last but not least, it appears that Yahoo’s data breach maybe even worse than reported. When Yahoo finally got around to disclosing that its data had been compromised, it asserted that no debit or credit card information was stolen. A merchant in Texas has recently started a class action lawsuit alleging that his card information was in fact compromised, by the breach of the embattled tech icon.

Yellen’s testimony indicates interest rate rise coming soon

In the first day of her semi- annual testimony before congress Federal Reserve chairwoman Janet Yellen, warned that waiting too long to remove interest rate accommodation would be “unwise.” The likelihood that the Federal Reserve will once again raise interest rates, perhaps as early as March, is more good news for the banks and credit unions that have struggled with narrow profit margins.

On that note, let’s be careful out there and enjoy your day.

February 15, 2017 at 8:54 am Leave a comment

What’s Next for Melrose?

Late Friday afternoon, New York’s Department of Financial Services (DFS) announced that it was placing $1.78 billion Melrose Credit Union into conservatorship and appointing NCUA as Conservator.  Melrose is the second state-chartered credit union specializing in making taxi medallion loans to be placed into conservatorship.  Montauk Credit Union was taken over by the DFS with NCUA acting as Conservator in 2015.  While the ultimate outcome of Melrose’s situation remains uncertain, here are some key points to keep in mind. 

Melrose is continuing as a functioning credit union.  The regulatory purpose of a conservatorship is to give regulators the authority to take over management of an institution and resolve “immediate problem areas and document[s]. . .prospects for the credit union’s future.”  See Examiner’s Guide Section 29-14.

In making the announcement, neither DFS not NCUA would put a timeframe on how long the conservatorship would last.  But, according to NCUA’s Examiner’s Guide, NCUA aims to have conservatorships completed within two years whenever possible.

NCUA and DFS now have broad powers to address the issues confronting Melrose.  For example, if the best option is a merger, NCUA’s Chartering and Field of Membership Manual stipulates that an emergency merger can be approved without regard to field of membership constraints.  NCUA would be primarily concerned that any merger into a continuing credit union, if possible given Melrose’s size, took into consideration the financial strength and management ability of the continuing credit union.  We saw this approach play out when Bethpage took over Montauk. 

Like Montauk, Melrose is one of the only remaining open charter credit unions in the State.  As explained in this 2002 Legal Opinion Letter, credit unions granted such powers prior to a 1929 revision of state law have the authority to permit membership without regard to common bond requirements.  When Bethpage acquired Montauk, it acquired Montauk’s open charter.

No doubt the banking industry will seize on Melrose’s troubles as an example of problems with the industry writ large.  But Melrose’s problems are nothing more or less than the lightening quick speed with which technology is now making business models obsolete.  As recently as 2014, medallions sold for over $1 million.  Today, the price has fallen dramatically.  The cause of this decline in New York Medallions is a San Francisco based computer company, Uber, which wasn’t even formed until 2009. 


February 13, 2017 at 7:30 am 1 comment

Credit Unions Recover Faster Than Predicted From Mortgage Meltdown

Credit unions have a nice problem on their hands.

As explained in this excellent white paper published by CUNA today, if current projections hold, credit unions will have put more money into the Temporary Corporate Credit Union Stabilization Fund then will ultimately be necessary to cover the costs related to the failure of five corporate credit unions. In a nutshell, the cost of stabilizing the corporate system was originally estimated to be $ 15 billion, but now the estimated cost is between $5.5 billion  and $7 billion. CUNA’s white paper is intended to spur debate within the credit union industry about how to best handle the repayments of these excess funds.

First let’s take a trip down memory lane. When the mortgage crisis hit, the value of mortgage securities purchased by the corporates tumbled in value. The Temporary Corporate Credit Union Stabilization Fund was authorized in May of 2009. Its primary purpose was to spread out the cost of paying for these securities. In return for allowing NCUA to securitized the remaining corporate legacy assets, Credit unions funded the Stabilization Fund with additional assessments. As of 2013 credit unions had already paid approximately $ 4.8 billion into the fund. The low point came in 2010 when credit unions had to pay an amount equal to 25.1 basis points of their total assets into the fund. Fortunately, the securities have performed better than anticipated, and NCUA’s legal efforts have netted more than three billion dollars in recoveries.

I know this may sound like dry stuff but it has a direct impact on your credit union’s balance sheet. For example, one option suggested by CUNA is to merge the Stabilization Fund into the Share Insurance Fund this year. The resulting surplus could mean that your credit union receives rebates for their excess payments sooner than what would have been conceivable just a few years ago.

There are also issues unique to those credit unions that had capital in Members United. Under NCUA’s current projections there is a good chance that your credit union will recover the cost of at least some of the paid in capital you invested in the Corporate. Under current estimates capital holders may see replenishments of between 20 and 36 percent of their Members United capital. In contrast, if you invested in Westcorp. or Constitution Corporate you are out of luck.

I have said it before and I will say it again. Credit Unions should give themselves a pat on the back and hold their heads high, with regard to their performance during the mortgage meltdown. The vast majority of natural person credit unions were prepared to absorb the economic shock, the industry paid its debts without the help of the US tax payer and now it is well positioned to realize a premium for its efforts. Let’s just keep in mind, as both NCUA and CUNA stress that we are still dealing with economic projections, and a lot can happen in the next four years. Anyone who thinks they know precisely where the economy is headed and the impact this will have on mortgage bonds is diluting themselves.

February 10, 2017 at 9:27 am 1 comment

Beware of the Electronic Mule


A recent guilty plea in Federal District court in Brooklyn is the latest example of how a fool and his money are easily separated and how financial institutions are often left paying the bill.

On February 3, 2017, Vyacheslav Khaimov pled guilty for his role in orchestrating an internet cybercrime operation, which successfully stole over $1.2 million from consumer bank accounts by using malware to hack into and transfer money out of them. This case underscores just how vulnerable financial institutions are to their most gullible members.

The scheme, as outlined by the FBI’s Criminal Complaint, is as common as a presidential tweet, which makes me wonder why more can’t be done to prevent these types of crimes from happening in the first place. In this case individuals were told they had been hired for “work from home positions.” The new employee is told to open an account in which they will receive money for expenses; in fact the money they receive is money that has been illegally diverted, via wire transfer. The new hire is also told to transfer the money, yet again, to another account, most commonly one that is overseas. In one of the eight thefts highlighted in this case, for example, $ 37,000 was stolen by wire from a Brooklyn homeowners account and directed to an account opened by an unknowing mule. In the days immediately following, the mule wired all but $3,000 of the money to an account controlled by our criminal.

As early as 2009 , the FDIC issued a warning about this type of activity. As I researched the issue further, what astounds me is that there are so many people duped into participating in these types of schemes. I would be curious to learn how many credit unions victimized by this type of fraud have sent out gentle reminders to their members, not only to protect passwords when participating in online banking, but also to keep in mind that they too could be unknowing mules, particularly if they work at home.

Apparently, some people need a reminder that if something sounds too good to be true, it probably is.

February 8, 2017 at 9:15 am Leave a comment

Is the U.S. Economy Addicted to Financial Methadone?

William Gross, Manager of the world's biggest bond fund at Pacific Investment Management Co. (PIMCO) participates in the Obama administration's Conference on the Future of Housing Finance in the Cash Room of the Treasury Building in Washington, August 17, 2010. The Obama administration will pick the brains of housing finance leaders on how to fix the two government-controlled mortgage finance firms Fannie Mae and Freddie Mac, but made one thing clear on Tuesday: there is no going back to their pre-crisis structure. REUTERS/Jason Reed (UNITED STATES) REUTERS/Jason Reed (UNITED STATES) REUTERS/Jason Reed (UNITED STATES - Tags: BUSINESS POLITICS) - RTR2HCS5

I am back and better than ever, having watched the greatest Super Bowl ever played, at the 41st annual Meier Family Super Bowl party. That is no exaggeration; we take our football seriously.

As I was scouring the internet on the train ride home yesterday afternoon, the most provocative bit of news I found was this analysis by Bill Gross. Get by his new- age gobbledygook about happiness and his comments are a reminder that Quantitative Easing, the buying of mortgage backed securities by central banks to keep bond yields artificially low, is alive and well and having a direct impact on your credit union and its members.

Why should you care about what Bill Gross has to say? Gross is perhaps the nation’s most prolific bond investor, He cofounded PIMCO from which he was either fired or resigned in 2014, depending on whose side of a lawsuit you want to believe. He currently manages the Janus Fund.

QE hasn’t gotten as much attention as it used to since the Federal Reserve stopped buying additional Mortgage Back Securities in 2014. But the Fed is still maintaining its existing portfolio and other central banks have taken up the practice with gusto. According to Gross, central bank balance sheets have risen from approximately $2 trillion in 2003 to a “now gargantuan” $12 trillion at the end of 2016.

This buying binge has had a profound effect on the economy. He argues that it has distorted capitalism by making it more attractive to reinvest cheap money in a company’s shares than investing in economic growth. For example, “$600 billion in the U.S. goes into the repurchase of company stock, whereas before, investment in the real economy might have been a more lucrative choice”.

Furthermore, to critics such as Gross, this cheap money has come at the expense of individual savers, pension funds, and insurance companies which are now “robbed of the ability to earn rates of return necessary to maintain long-term solvency”.

QE was envisioned as a temporary fix to stimulate economic growth. Gross argues that it is now the equivalent of financial methadone, controlling the negative consequences of excessive debt but doing nothing to solve underlying  economic problems. Central Banks must keep bond rates artificially low or they would skyrocket putting an end to expansion.

While it is undoubtedly true that QE has tremendous downsides, the question is, is the world’s economy better off on balance, because of it? Remember, the Fed Reserve only started QE as a result of the unwillingness of legislators to stimulate the economy. While we can point to examples of the harm QE has done, we should not lose sight of just how much worse the post mortgage meltdown economy would have been but for the aggressive actions of central banks.

February 7, 2017 at 9:03 am Leave a comment

Older Posts

Authored By:

Henry Meier, Esq., General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 424 other followers