Posts tagged ‘CUNA’

Why Member Expulsion Legislation Is a Big Win

Greetings Folks, with a special shout out to those of you who attended our State GAC.  It was nice to be roaming the halls of the Capitol once again! 

Speaking of GAC meetings, it’s been around three weeks now since CUNA held its annual GAC meeting and I wanted to talk about recently passed federal legislation, which credit unions lobbied for, to make it easier to expel abusive members.  It is called the Credit Union Governance Modernization Act of 2022.  I get the sense that the industry as a whole doesn’t appreciate how important the legislation is for federal credit unions. 

As I am sure most readers of this blog know, under 12 USC 1764, members can only be expelled from a federal credit union by a majority vote of the Board of Directors for non-participation.  Otherwise, for a member to be expelled from a federal CU, there must be a 2/3 vote of members present at a special meeting.  In some ways, this statute is a quaint anachronism since it reflects the importance that the founders of the credit union movement placed on membership.  The problem is that the statute makes it extremely difficult and impractical to get rid of members for abusive or fraudulent conduct.  As one of New York’s credit unions pointed out at a virtual meeting in DC, it is easier for airlines to ban someone from flying than it is for credit unions to ban an individual who is abusive toward staff. 

The good news is that legislation included in the recently passed consolidated budget act will change this situation when it takes full effect in approximately 18 months.  Among other things, a federal credit union’s board will now be allowed to expel a member with a 2/3 vote for, for example, substantial or repeated violation of the membership agreement, significantly disruptive or abusive behavior, and a conviction of fraud or illegal activity.  Members may request a hearing before the board and even petition for reinstatement.  But the key point is that once this law takes effect, you will be able to swiftly get rid of bad actors.

NCUA has 18 months to promulgate regulations further defining the statute’s terms.  In the meantime, remember that even in the absence of the statutory change, provided your credit union has a policy in place, it can severely restrict a member’s activities.  For example, I know of at least one FCU that mandates that disruptive members conduct all their banking by mail. 

On that note, enjoy your day!

March 23, 2022 at 9:05 am 2 comments

Key Week for CUs and Congress

This may be the week when we find out if the Democrats’ spending plan will come to fruition or is destined to be the legislative equivalent of Novak Djokovic’s attempt to achieve the Grand Slam: a historic undertaking which crashed and burned.  Either way, the outcome could have important practical implications for your credit union.

For weeks now the Democrats have been touting the benefits of a $3.5 trillion spending plan and a closely related $1.5 trillion package of infrastructure upgrades. Telling people how you plan to spend money is the fun part of legislating; explaining to constituents whom among them is going to pay for the spending spree is quite another matter. Massachusetts Congressman Richard Neal, who chairs the Ways and Means committee was refreshingly honest in explaining over the weekend that he was reluctant to get too specific about paying for the proposals before getting a sense of what legislation could pass. House Democrats only have a three seat majority and he certainly does not want to be the person who makes vulnerable Democrats support controversial legislation which does not become law. This task became even more complicated when Senator Joe Manchin of West Virginia doubled down on his opposition to the size of the Democrat spending plan.

Nevertheless, several papers are reporting this morning that the Congressman has released a four page outline of legislation to pay for the plan so we are likely to see more specifics in the coming days.

According to CUNA, one proposal under consideration would help the IRS collect more taxes by imposing increased reporting requirements on financial institutions. Specifically, the IRS form 1099-INT would be expanded to include a report on the gross inflows and outflows of accounts and increase scrutiny of cash transactions. At this point, nothing has been formally put in writing but the proposal certainly sounds like one that would impose extensive new mandates on credit unions of all shapes and sizes. Imagine how much fun it would be parsing through proposed regulations in this area. Stay tuned.

Another budget issue under review this week involves increased funding for community development financial institutions.

David Baumann is reporting that today the House Financial Services Committee will be marking up legislation that would provide $10 billion to CDFIs to build or preserve more than one hundred and seventy thousand affordable homes.

September 13, 2021 at 9:34 am Leave a comment

Untangling the Mortgage Mess

In the immortal words of William Shakespeare “Oh, what a tangled web we weave when we try to mess up the regulatory agenda of the incoming administration”. 

Over the last few months yours truly has been hesitant to talk too much about changes to the Qualified Mortgage regulations since the rules are as likely to take effect as Joe Biden is to be endorsed by a coal miner union.  But, those of you who originate mortgages for sale to the GSEs are experiencing one of the most confusing periods of regulatory uncertainty in more than a decade.  It is beginning to have some real consequences.  Here is some background. 

Dodd-Frank mandated that the CFPB promulgate regulations defining a Qualified Mortgage. As readers of this blog also know, Dodd-Frank also stipulated that mortgages purchased by Fannie Mae and Freddie Mac would also qualify for Qualified Mortgage protections.  This exemption was only expected to last as long as Congress figured out what to do with the GSEs, or January 10, 2021.  The CFPB finalized regulations late last year eliminating the QM patch and amending the general QM regulations.  Under these new regulations qualified mortgage designation would be determined based on a mortgage’s APOR.  The Bureau issued a final rule to amend the General QM definition in December of 2020. This rule took effect on March 1, 2021 and has a mandatory compliance date of July 1, 2021. 

To the surprise of absolutely no one, the new leadership at the CFPB announced that it was considering making changes to the revised QM definition.  It has proposed extending the compliance deadline until 2022.  In the ensuing months it will undoubtedly be coming up with a new QM definition. 

But here is where the deal gets even more complicated.   Remember back in 2008 when the federal government had to bail out Fannie and Freddie for fear of triggering a Great Depression?  As part of that bailout, a conservatorship was created for the GSEs and since that time the Treasury has imposed contractual obligations on the GSEs in return for the hundreds of billions of dollars they received from the American tax payer.  (We don’t like using this term in America, but Fannie and Freddie have been nationalized.)  This agreement was recently amended.  Under this agreement, as things currently stand, the GSEs are obligated to begin implementing the new APOR standard on July 1st.  This means that even though the CFPB has already signaled its intention to reconsider the new QM definition, lenders that work with the GSEs have to start preparing new policies and procedures for the July 1st deadline.

Against this sordid backdrop, CUNA yesterday issued this letter urging the Treasury to promptly remedy this situation.  As CUNA noted, forcing the GSEs to implement these changes “would be unnecessary, wasteful, and ultimately harmful for consumers as the implementation cost may also increase the cost of credit.”

It is hard to underestimate the man hours involved in preparing for these types of major changes.   

Let’s hope this glitch gets resolved quickly before all of this confusion begins to have practical consequences. 

NCUA Meeting Recap

Here is NCUA’s recap of yesterday’s Board meeting.  Remember that the Board already approved the interim regulations giving credit unions greater PCA flexibility.

On that note, enjoy your weekend.  Let’s hope it gets warmer. 

April 23, 2021 at 10:28 am Leave a comment

New York to LIBOR’s Rescue!

The rulers of the financial world typically frown on the state getting involved with their business. But when it comes to LIBOR, you can hear a huge sigh of relief emanating from Wall Street this morning. As readers of this blog know, LIBOR is a discredited benchmark that has been the gold standard for contracts that use indexes. In the credit union world, LIBOR has been used by some for adjustable rate loans, and in the world of high finance, it has been used for complicated derivatives. 

Despite the fact that readers of this blog have known for years that LIBOR would come to an end, perhaps as early as this year, apparently some of the folks on Wall Street haven’t gotten around to adjusting to this new reality. But they’re in luck, because tucked away in the Governor’s Article VII budget language is a provision which will amend New York State law to ensure the continued validity of contracts that rely on LIBOR adjustments even after it is obsolete. Since so many financial contracts are executed in New York, this news benefits the financial industry at large. 

Has the CU Industry Been Impacted by the Russian Cyber Attacks?

Since at least last March, the Russian government has engaged in the most comprehensive series of cyber attacks in the internet era. The attacks, which may still be ongoing – the scope of which is still being determined – raised the very real prospect that a foreign government hostile to the United States has infiltrated the inner workings not only of corporations, but of financial institutions as well. Unfortunately, despite a letter from CUNA on the potential scale of the problem, the NCUA has done little to inform credit unions about the extent to which NCUA itself may have been victimized and the steps credit unions should take to protect member data.

As Michael Ogden succinctly put it in this CU Times piece

“We do not know if the NCUA has been impacted. We do not know if the NCUA is conducting its own investigation or audit of its network systems. We do know the Treasury Department, the Commerce Department, the State Department, the Pentagon and the Energy Department have all been compromised. We do know from reports that other federal regulatory agencies have also been compromised.”

This is one of those situations where what you don’t know can hurt you. It’s time for some clarification from our regulator.

January 21, 2021 at 9:34 am Leave a comment

The Losing Race Against the Machine

In the waning days of this lousy year, one of the most important battles about the future of the financial services industry is coming to a head. Regulators, judges, Silicon Valley entrepreneurs and industry stakeholders are trying to figure out how federal law with its roots in the 19th Century is to be applied to banking institutions based on technology created in the 21st. However this battle is decided, its outcome will have tremendous implications for the future of credit unions and all but the largest banks. 

In November, a coalition of banks, credit unions – including CUNA and NAFCU – and consumer rights groups wrote letters in opposition to an application by Figure Technologies to obtain a national bank charter from the OCC. On December 7th, BitPay also applied for recognition by the OCC as a nationally chartered trust. What both of these applications have in common is that the entities in question want the benefits of being a national bank – i.e. the possibility of providing services to anyone, anywhere in the country – while picking and choosing the banking services they actually provide. For instance, Figure wants to avoid FDIC oversight by only taking uninsured deposits. It’s not entirely clear how exactly this is going to work, but apparently, the idea is to only take money from large investors. At the same time, Figure will use its existing block-chain technology to offer an ever-larger variety of loans such as HELOCs and mortgage loans to persons around the country. On the one hand, regulators such as the OCC are anxious to offer a home for these FinTechs, but on the other hand, if they don’t have to accept deposits and they aren’t subject to the more rigorous regulations currently imposed on non-banks by states, then banks and credit unions will be at even more of a disadvantage against FinTechs than they already are, and a good chunk of the consumer protection framework will become obsolete. 

This is why New York’s Department of Financial Services is suing the OCC over its attempt to offer non-bank charters. A decision in this case, which is currently pending before the Court of Appeals for the Second Circuit could come any time now, and Figure’s maneuvers to comply with the OCC’s traditional chartering requirements while avoiding the need for FDIC oversight and insurance is clearly an attempt to get around a ruling in favor of the DFS. 

Finally, the FDIC is trying to protect its turf. It just finalized regulations clarifying the ability of non-banks to consolidate with industrial loan banks without becoming holding companies subject to Federal Reserve Board supervision. 

All this is being done against the backdrop of truly amazing technology, which will redefine banking, and vastly improve the consumer experience. For example, Figure’s ultimate goal is to use block-chain technology to streamline the entire mortgage process, from origination to sale to the secondary market. If everything goes according to plan, the certainty of using block-chain technology will reduce the need for most lawyers (dear god!), compliance folks and settlement agents – a process that takes several weeks will be reduced to a matter of days. All this is good for consumers, but only if this innovation takes place in a modernized framework which takes into account not only consumer protections, but safety and soundness concerns, particularly as the distinction between the revenue earned by FinTechs engaging in traditional commerce, and their role as quasi-bankers becomes blurred. There’s only one institution that can fix this mess, and that’s Congress.

December 17, 2020 at 10:00 am 2 comments

Is Your Credit Union Afraid To Call Its Members?

This may seem like a ridiculous question but the ridiculous part is that existing federal law has been so mangled beyond recognition that it is a question that any credit union concerned about complying with the Telephone Consumer Protection Act (TCPA) should be asking itself.

The need to clarify the reach and scope of this statute is underscored in a brief submitted by CUNA on Friday in a case pending before the Supreme Court.  The case, Facebook, Inc. v. Duguid, Noah, involves an appeal by Facebook challenging the scope of the TCPA, an issue which has split courts around the country.  CUNA was one of several prominent organizations which filed briefs to the court explaining how an expansive interpretation of the TCPA does more harm than good to consumers.

As readers of this blog know, the TCPA was well intended legislation passed by Congress in the early 90s to cut down on those obnoxious dinner time conversations you get from telemarketers and those disconcerting pre-recorded pitches that are left on your cell phone in the middle of the most important meeting of your day.  The basic idea is that consumers should not be subject to a deluge of automated marketing pitches without first giving their consent.

Unfortunately, as readers of this blog also know, this well intended concept has transformed into a tripwire of litigation with boundaries that are so unclear that many credit unions simply avoid using any technology which could potentially trigger TCPA compliance concerns.  According to CUNA’s Supreme Court amicus, 76% of credit unions responding to a 2017 survey reported that it is very difficult or somewhat difficult to determine whether or not their communications are TCPA compliant.  The result, according to the survey, is that 75% of responding credit unions have curtailed the use of more efficient technology simply to avoid running afoul of the TCPA and its strict liability for penalties of $500 per violation.  In fact, American Airlines federal credit union has abandoned the use of automatic technology altogether.  This is a remarkable concession from a $5.6 billion credit union with 235,000 members.

The core of the confusion comes down to the answer to that classic School House Rock ditty “Conjunction Junction, what’s your function?”  Under §227 (a) an “automatic telephone dialing system” means equipment which has the capacity (A)to store or produce telephone numbers to be called, using a random or sequential number generator; and (B)to dial such numbers.

As succinctly explained in CUNAs brief, the court is being asked to decide whether the TCPA encompasses any device that can store and automatically dial telephone numbers, even if it does not use a random sequential generator.  If the answer is yes, then virtually any communications device this side of the iPhone triggers TCPA compliance.

September 14, 2020 at 9:32 am Leave a comment

CUNA: Scrap the CFPB and Pick Up the Pieces

Now that the Supreme Court has agreed to rule on the constitutionality of the single-director leadership structure at the Consumer Financial Protection Bureau, CUNA has submitted a provocative friend of the court brief. In this brief, CUNA argues that in the event the leadership structure is found to be unconstitutional, the court should invalidate the entire CFPB, but allow Congress six months to address the identified defects.

Just in case your second cup of coffee hasn’t quite kicked in yet, remember that the CFPB is unique among financial regulators in that it is overseen by a single director who can only be removed for cause by the president. Since the CFPB’s budget is not subject to congressional appropriations, the director exercises enormous power in comparison to any other federal regulator. Opponents of the CFPB have seized on this structure to challenge its constitutionality.

Most prominently, the Court of Appeals for the District of Columbia, in a decision by then-Judge Kavanaugh, ruled that the Bureau was in fact unconstitutional. He also ruled that this defect could be remedied by simply interpreting the statute as making the director subject to removal by the president with or without cause. Even though this decision was eventually reversed by the entire Court of Appeals, Kavanaugh’s decision has provided a template for other plaintiffs challenging the CFPB’s authority.

The Supreme Court will be deciding this issue when it hears Seila Law LLC v. CFPB. In its brief, CUNA argues that while it agrees that the Bureau’s structure is unconstitutional, the Kavanaugh solution is not appropriate, as Congress never intended the Bureau to be an extension of executive power. The solution, CUNA argues, should instead be to send this back to Congress to develop a bipartisan oversight board analogous to that of NCUA and other financial regulators. This argument is consistent with the position that the industry has taken in pushing for legislation in this area.

Of course, this raises the very real possibility that Congress won’t be able to reach a consensus on this issue. Remember, the court’s decision is going to be coming out in June in the midst of the most divisive and important election cycle since the Civil War. Furthermore, if Congress hasn’t come up with a plan on how to restructure the GSEs over the past decade, realistically, it won’t be able to deal with this issue swiftly.

So here is the question I ask my faithful readers to ponder in the coming days. Particularly, if you want to get a good debate going over Christmas dinner – would credit unions be better off with the CFPB and all its regulations done away with, or given the amount of resources that have already been committed to implementing and understanding thousands of pages of mortgage rules, would they be better off if the CFPB, with all its defects, remained intact? I for one believe that, for purely practical reasons, Justice Kavanaugh’s solution is the only feasible one.

CFPB Issues Important Guidance on Disclosure of Construction Loans

The entire framework of the TRID disclosure regime is based on the assumption that Dick and Jane go look for a house, sign a contract, get a mortgage, schedule a closing, and move in surrounded by a white picket fence to live happily ever after. In reality, a sizable number of home buyers want to build their house from the ground up. Although construction loans are covered by TRID disclosure requirements, grafting these requirements onto construction loans is, to put it mildly, perplexing.

Consequently, I am glad to announce that, just in time for the holidays, the CFPB has issued not one but two separate guidance’s to aid those of us who have been asked to advise on how best to disclose construction loans consistent with federal law.

I’ll have more to say on this in a future blog, I’m sure you can’t wait. I know I can’t.

December 19, 2019 at 9:17 am Leave a comment

Ransomware is Getting Worse. What Steps are You Taking?

The use of ransomware is on the rise as a new business model makes it even more likely that your credit union, irrespective of size, will one day have to decide whether or not to pay off hackers who have frozen you and your members out of your computer system. Here’s a look at why I am trying to scare you a little.

Ransomware is the crime of hackers infecting your computer systems with a virus which makes it impossible for users to access the information they need to do their jobs. The hacker offers to unlock the blocked software, but only after the victim agrees to pay a ransom, usually in the form of bitcoins. While the highest profile examples have involved cities such as Baltimore, it is an increasingly common form of attack against businesses of all sizes.

Recently, it has gotten even more attention. On October 2, 2019, the FBI issued an updated public service announcement warning citizens that ransomware attacks “are becoming more targeted, sophisticated and costly, even as the frequency of attacks remains constant.” Troublingly, the FBI informs us that since 2018, the incidence of indiscriminate ransomware attacks has sharply declined, but the cost of such attacks have increased, presumably because hackers are getting more selective and better at targeting their victims.

In addition to the FBI PSA, the bloggersphere has been analyzing the implications of research performed by McAfee Security Firm, which underscores just how lucrative and organized hacking has become. It appears that the people who make really big money in ransomware these days are the entities that create the ransomware viruses, but then essentially license that technology to groups and individuals hoping to make money off ransomware attacks. In other words, computer crime has become so sophisticated and easy to sell on the web that hackers now effectively license their technology in return for a piece of the ransom payments received by the licensee. Just how profitable is this model? Well, when the previous kings of ransomware as a service announced their retirement from the business in late May, they had made an estimated $2 billion in profits. Yes, that’s billion with a b. Not surprisingly, a new criminal enterprise called Sodinokibi is filling the void. What’s more, according to research done by McAfee, the average ransom is $4,000, but estimates as to the average ransomware vary widely.

The point of all of this is that your credit union should be aware of the possibility of a ransomware attack, take appropriate countermeasures and have plans in place should an attack be successful. For instance, a little more than a week ago, CUNA organized a simulated ransomware attack for credit unions. I wish I would’ve thought of this idea first, it’s a great idea as it forces credit unions to game plan for this very real scenario.

Then of course there are the preventative measures you can take. Here is a baseline list of measures outlined by the NCUA.

Finally, from the perspective of someone who loves technology but needs his kids to set up his kindle, it seems to me that one of the most basic steps you could take is to have a rigorous system backing up your data. Then again, this is no panacea. First of all, backing up all of your data on a daily basis is not cheap. In addition, given how interconnected everything is these days; you have to take extra steps to ensure that that ransomware doesn’t infect your backed up data.

The one thing I think we all can agree on is that the ransomware threat, which has actually been around in its earliest form since the 1980s, is here to stay. It is another one of those chronic problems that need to be managed and not ignored. After all, in the immortal words of Woody Allen, crime does pay, and the hours are good.

October 22, 2019 at 9:15 am Leave a comment

Three Things You Need To Know This Wednesday Morning

Surprisingly busy day yesterday. Here are three things that will impact your credit union day.

CUNA Releases Outstanding Tax Exemption Analysis

I have to say I was somewhat skeptical when I spotted the news that CUNA had released a white paper on the credit union tax exemption. Every time the industry takes on the issue I’m concerned it is getting baited into a debate that won’t convince it can’t win. It also distracts the industry from highlighting the important work it does.

So I’m sure my good friends from CUNA are relieved and gratified to know that, for my money, this white paper is the best explanation and defense of the credit union tax exemption yours truly has ever seen. In commonsense, non-defensive terms, it reframes the debate over the tax exemption into a discussion of the value that the credit union tax exemption “investment” brings to the country.

Why do I like this approach so much? Because anyone indoctrinated in the industry quickly learns that credit unions don’t pay corporate taxes “because they are member owned not-for-profit cooperatives which return profits to their members.” In fact, credit unions don’t pay corporate taxes because policy makers decided a long time ago that a not-for-profit banking model for financial institutions was a good way of maximizing consumer choice and access to financial services in this country. They made the right decision almost 100 years ago and we should not shy away from the responsibility of explaining to both policy makers and the American public why their investment in the industry is worth it. The white paper makes this argument while quickly swatting away the usual banker myth that credit unions don’t pay taxes and pointing out that there are plenty of banks out there which don’t pay corporate taxes because of the way they are structured. This white paper is required reading for anyone involved in any policy debate in the industry.

New York Passes Law On Religious Attire In The Workplace

Legislation passed by the New York State Senate yesterday – S 4037 – is making both local and national news. The legislation amends 296 (10) of New York’s Executive Law to make it “an unlawful discriminatory practice for any employer” to prohibit employees from wearing “any attire, clothing or facial hair in accordance with the requirements” of their religion. I’ll leave this up to the HR professionals to decide just how big of a deal this is. I will only point out existing EEOC guidance already explains that under Title 7 of the Civil Rights Act, employers are required to accommodate an employee’s religious attire. The bill has already been passed by the Assembly and is on its way to the Governor so get ready to update those HR policies again.

New York Going To Pot?

The puns were flying yesterday at a State Senate hearing analyzing issues concerning the legalization of recreational marijuana. Going into the legislative session I was convinced that the legislator would legalize recreational cannabis this year; now I am not so sure. The hearing highlighted many of the complicated issues surrounding this discussion so long as federal policy makers continue to have a “don’t ask don’t tell” policy when it comes to state level legalization.

Tim Strong who works on Community Development at Visions FCU participated in a panel discussion in which he explained  that the federal prohibitions on marijuana possession keep the credit union from considering making loans to businesses which want to engage in marijuana sales.


April 10, 2019 at 9:34 am Leave a comment

Cybersecurity: An Even Bigger Deal Than You Think

imagesCASAIPVFIn a recent blog post for CU Insight, former CUNA CEO Dan Mica argued that in addition to credit unions’ tax exempt status and consolidation, cybersecurity ranked as a major threat to credit unions.  As Mica explained “there is certainly a tipping point in safety and soundness where the regulators and public will not allow a credit union to continue to operate if security is a continual problem.”

Not that a highly paid, DC super lobbyist needs my vote of confidence, but amen brother!  Credit unions need to confront cybersecurity on the legislative, legal and regulatory front if they are going to keep costs manageable for all but the largest of our institutions.  On the regulatory front, the National Institute of Standards and Technology (NIST) recently issued a discussion draft laying out a suggested framework for all industries and businesses to follow in assessing threats to their computer systems.  For example, the draft identifies key areas of a business that need to be protected and suggests that every business grade itself on how well it is protecting these core functions.  It reminds me an awful lot of the type of matrix that credit unions have adopted in assessing their BSA vulnerabilities and I wouldn’t be surprised if we see regulators imposing an IT analysis framework on all financial institutions.

One of the reasons why the NIST framework might take on significance is because Congress remains unable to agree on cybersecurity legislation.  For my money, one of the top legislative priorities of credit unions has to be the expansion of liability to major retailers whose mismanagement of credit and debit card information creates so much of the financial costs associated with data theft in the first place.  I know I am preaching to the choir on this one, but we have to be able to place the costs of data theft on the parties most responsible for letting it happen and existing law on both the state and federal level doesn’t allow courts to do that, at least as between card issuers and retailers.

The combined legal, regulatory and reputational risks are particularly acute for smaller credit unions.  Irrespective of the size of your credit union, if you are on a computer network, then your credit union is a potential portal for cyber thieves.  As a result, no credit union — no matter how small — will be exempt from the costs and obligations of cybersecurity requirements.  Now’s the time for Congress and legislators to makes sure that the costs are apportioned reasonably across all business sectors and that regulators balance the need for increased scrutiny against the cost of compliance.

September 3, 2013 at 7:47 am Leave a comment

Older Posts

Authored By:

Henry Meier, Esq., Senior Vice President, General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association. In addition, although Henry strives to give his readers useful and accurate information on a broad range of subjects, many of which involve legal disputes, his views are not a substitute for legal advise from retained counsel.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 785 other followers