Board Meeting: PCA Relief Measures and Cybersecurity Briefing

Logo for the National Credit Union Administration

During Thursday's National Credit Union Administration (NCUA) Board meeting, the board was briefed on an interim final rule on prompt corrective action (PCA) adopted last week by notation vote, at which time the rule became effective.

This interim final rule is substantially similar to the interim final rule the NCUA previously issued in May 2020 that expired at the end of that year, which makes two temporary changes to the NCUA’s PCA requirements in order to help credit unions remain operational and liquid during the COVID-19 pandemic:

  • Reduces the earnings retention requirement for federally insured credit unions classified as “adequately capitalized.” The NCUA indicates that those credit unions unable to meet the earnings retention requirement will not have to submit a written application requesting approval to decrease their earnings retention amount. However, if a credit union either poses an undue risk to the National Credit Union Share Insurance Fund (NCUSIF) or exhibits material safety and soundness concerns, the appropriate NCUA regional director may require the credit union to submit an earnings transfer waiver request.
  • Permits an undercapitalized credit union to submit a streamlined net worth restoration plan if it becomes undercapitalized predominantly because of share growth. If a credit union becomes less than adequately capitalized for reasons other than share growth, it must still submit a net worth restoration plan under the current requirements in NCUA’s regulations.

These temporary measures will remain in place until March 31, 2022.

Separate from the agenda item, the board made comments pertaining to the NCUSIF, including remarks from Board Member Rodney Hood on considering temporarily decreasing the fund’s normal operating level to 1.30 percent if losses are greater than (or projected to be greater than) anticipated.

NCUA Board Briefing on Cybersecurity Update
During the same meeting, the NCUA Board was also provided a cybersecurity update briefing. According to the briefing, the top threats to credit unions are:

  • Historical threats that are still relevant (some with new variants): ransomware, malware/phishing, identity theft, denial of service, ATM skimming, pandemic themed attacks, and supply chain attacks.
  • The briefing also noted top mitigation trends: organizational awareness and training, dynamic asset and access awareness, effective security controls, security product/service consolidation, enhanced remote user security emphasis, reach and attack simulation, and continuous monitoring (rapid detection and response).

Board Chairman Todd Harper reminded credit unions that as part of the NCUA’s 2021 Community Development Revolving Loan Fund grant initiative, between May 3 and June 26 low income credit unions (LICUs) can apply for up to $7,000 in grants to strengthen their cybersecurity defenses.

Cyber information for credit unions, including regulations and guidance (along with information about protecting themselves and their members from cyber threats), is available on the NCUA’s cybersecurity resources webpage.

Pin It