Credit union outlook 2022: Takeaways for the year ahead

4/5/2022
Credit union outlook 2022: Considerations for the year ahead

As you move through 2022, keep up with the latest news in financial reporting, risk, compliance, and more for credit unions.

Staying on top of financial reporting and regulatory updates and trends might seem overwhelming, but understanding the landscape is vital for a credit union’s success. In a recent webinar, Crowe covered a variety of topics, including updates from the Financial Accounting Standards Board (FASB) and the National Credit Union Administration (NCUA), emerging technology, and more. These key points can help credit unions focus their goals for 2022.

Get the latest guidance on credit loss from the “AICPA Audit and Accounting Guide: Credit Losses.”
Accounting topics

FASB update: Troubled debt restructurings (TDRs) and vintage disclosures

Recap: At its Feb. 2, 2022, meeting, the FASB voted to do the following:

  • Eliminate TDR accounting for entities that have adopted the current expected credit losses (CECL) standard
  • Require new disclosures for modifications to borrowers experiencing financial difficulties
  • Allow prospective adoption
  • Make effective for fiscal years beginning after Dec. 15, 2022, with early adoption permitted for those that already have adopted CECL

Keep an eye on: The final Accounting Standards Update (ASU) was issued on March 31. The Crowe article “FASB Tweaks CECL: TDR Accounting and Vintage Disclosures” offers details.

FASB update: Identifiable intangible assets and subsequent accounting for goodwill

Recap: The FASB has a project to revisit the subsequent accounting for goodwill and the separate recognition of identifiable intangible assets for all entities. The board has tentatively decided on a 10-year straight line amortization, which can be shorter or longer, capped at 25 years, with justification. This hybrid approach would be a combination of impairment and amortization.

Keep an eye on: The board continues its deliberations. The next step would be for the FASB to issue a proposed ASU for comment. The FASB does not provide an expected timeline for a proposal on its agenda.

CECL

Recap: CECL will be effective for many credit unions as of Jan. 1, 2023. Credit unions should consider the impact of adoption for GAAP purposes as well as the impact on regulatory capital, which is being phased in over a three-year period.

Keep an eye on: It’s important to focus on implementation. Here are some best practices and observations:

  • Expect an increase in the allowance as a result of CECL adoption; the magnitude of increase will depend on composition of the loan portfolio.
  • Consider using a third-party application or provider to assist with the CECL model – this has been the trend of many adopters to date.
  • Adjust for factors otherwise not captured (that is, qualitative factors).
  • Consider a CECL methodology that is appropriate for the complexity of the credit union’s loan portfolio.
  • Consider advantages of running parallel calculations prior to adoption.
  • Involve external auditors early and often.

Leases

Recap: ASU No. 2016-02, “Leases (Topic 842),” requires leases with a term greater than 12 months (original term) to be recorded on the balance sheet. The effective date is for fiscal years beginning after Dec. 15, 2021, and all credit unions should adopt in the current year (effective Jan. 1, 2022).

Keep an eye on: The impact of the standard varies widely. Here are some best practices and observations:

  • Most entities did not use the comparative transition option of applying the transition requirements.
  • Renewal periods should be included in the lease term only if it is reasonably certain the renewal option will be exercised.
  • Items such as free rent period or tenant allowances will have an impact on the calculation and often result in differing right-of-use asset and lease liability.
  • Estimating the incremental borrowing rate presents challenges.
  • A practical expedient exists to elect the use of a risk-free rate if an incremental borrowing rate is not present.
  • Embedded leases should be identified, and materiality of leases to the credit should be considered.

Collateral assignment split-dollar policies

Recap: In a typical collateral assignment arrangement, a credit union has a nonrecourse loan to an employee, collateralized by cash surrender value (CSV). The employee owns a life insurance policy and endorses death benefits to the credit union equal to the loan amount plus accrued interest. If the CSV is less than the loan amount, the loan is written down to CSV and an expense is recorded through the income statement.

For arrangements when the loan has recourse, the asset (the loan receivable) should be evaluated for the employee’s ability to repay the loan.

Keep an eye on: Loans taken against the policy can affect the loan receivable, whether nonrecourse or recourse.

NCUA supervisory priorities

Cybersecurity risk management

Recap: The NCUA released the Automated Cybersecurity Evaluation Toolbox (ACET) in 2021, which aligns with Federal Financial Institutions Examination Council (FFIEC) self-assessment tool and is used to measure cybersecurity preparedness. Many institutions use this as a starting point to help identify gaps in their cybersecurity and risk management programs. While these assessments aren’t mandatory, they are increasingly important to help combat ransomware – especially as agencies are seeing an uptick in these attacks at institutions of all sizes.

Bank Secrecy Act/anti-money laundering (BSA/AML) and terrorist financing

Recap: The implementation of the AML Act of 2020 and the Corporate Transparency Act (CTA) will prompt updates for BSA/AML policies and procedures. In addition, interagency efforts are underway to improve both Currency Transaction Report (CTR) and Suspicious Activity Report (SAR) filings.

Keep an eye on: Watch for further updates to the FFIEC BSA/AML exam manual. The NCUA has a resource center that highlights current developments.

Third-party risk management

Recap: Many institutions are refining their processes and exam procedures around third-party risk management and vendor risk management, with a heavy emphasis on fintech providers. Credit unions partnering with new technology providers will want to follow the NCUA’s guidance and talk early and often to NCUA examiners.

Keep an eye on: The NCUA has been focused on concentration risk for quite some time, so credit unions should pay close attention and make sure they are thoroughly identifying and managing credit concentrations. They also should watch out for developing climate financial risk supervisory policy.

Consumer compliance

Fair lending programs

Recap: The NCUA continues to examine for compliance with applicable consumer financial protection laws and regulations during every federal credit union examination. As credit unions explore what their fair lending programs look like now and what they should look like, focus should be on the following pillars:

  • Risk assessment
  • Monitoring and analysis
  • Vendor- and model-related risk
  • Complaints
  • Servicing and loss mitigation

Fair Credit Reporting Act (FCRA)

Recap: The FCRA has been affected over the past couple of years by deferrals and by what the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) has allowed in terms of topics like reporting delinquencies.

Keep an eye on: Credit unions should consider these questions when focusing on the FCRA:

  • Has member data been handled according to the CARES Act requirements?
  • Has our reporting over the past couple of years has been timely and accurate?
  • Has the integrity of credit data reporting to the major credit bureaus been tested?
  • Are FCRA-related complaints being monitored?
  • Is the dispute process handled centrally, or is it decentralized? Are disputes handled consistently (for example, following operational procedures and guidance)?

Overdraft programs

Recap: Regulators are focused on overdraft programs throughout the country. If they haven’t already, credit unions should revisit their overdraft program and consider the following topics:

  • Fee amounts and limits, including a de minimis amount and daily limit
  • Comparison with geographic peers
  • Accounts with overdraft privilege
  • Monitoring complaints to be proactive
  • Monitoring refunded fees for disparate impact or treatment

Keep an eye on: Data is available for examination by regulators and consumer groups alike, which means it’s critical to analyze data internally and understand what it reflects. Other topics to keep top of mind include:

  • Servicemembers Civil Relief Act
  • Electronic Fund Transfer Act
  • Risks related to unfair, deceptive, or abusive acts or practices across the enterprise
  • Monitoring of vendors (such as overdraft vendors, mortgage subservicers, and flood vendors)
  • Relationships with fintechs (specifically, confidence in their compliance programs, models, and complaint management)
Cybersecurity

Recap: The financial services industry continues to observe persistent and ever-present cyberthreat actors, especially as banking data continues to hold value to criminals. People are still the primary facilitator of successful cyberattacks, due to many individuals demonstrating a lack of awareness of and attentiveness to ongoing attacks. Digital transformation and remote working have accelerated the possibility of cyberattacks. Based on refreshed guidance, frameworks, and assessments, and as risk transference becomes more costly and difficult, credit unions should ask:

  • Are we targeted?
  • How prepared are we?
  • Are we doing enough?

Keep an eye on: Cybersecurity and cyber risk assessments are organizational needs that require attention. Like other risks, cybersecurity considerations must be incorporated into both operational and strategic decision-making processes and require organizational alignment, cooperation, and appropriate governance. It’s important for credit unions to understand the effects of cybersecurity on specific business objectives and obtain adequate representation and diverse expertise to establish and develop their risk posture and cyber risk appetite.

New, emerging, or changing technology risks

Recap: Here’s an overview of what Crowe is seeing in the market:

  • Targeted, network-based penetration testing. Clients continue to seek new and innovative ways to test and challenge their controls, processes, and employees by performing targeted cyberattacks against their own networks and systems.
  • Continued exploration in robotic process automation. Areas where credit unions are investing include loan applications and servicing, deposit account creation, account closure, customer service, know-your-customer standards, quality assurance processing, and regulatory compliance.
  • Sustained remote worker arrangements. Technology that enables sustained connectivity and access to banking applications have mostly been implemented, yet refinements around usability, security, and access persist.
  • Data. Clients continue to explore meaningful ways to correlate customer data with recognized patterns and trends to drive business decision-making, customer targeting, and increased revenue. Examiners also continue to focus on data governance.
  • Pandemic planning. Adjustments to how systems are accessed and used (due to COVID-19 and weather events) have driven changes in multiple supporting operations and respective documentation, including disaster recovery, business continuity, and third-party risk management.
  • Migration to the cloud. The past two years saw a tremendous acceleration of cloud migrations, mostly due to the need to sustain employee connectivity.

Keep an eye on: More advanced levels of penetration testing might be valuable for organizations looking to dig a bit deeper or evaluate more specific possible weaknesses. These types of tests are referred to as “red team,” “purple team,” or “simulation tests,” where the focus of a test is narrowed and the depth, length of testing, and collaboration with those being tested are increased.

Our specialists dive deeper into these topics in our “Credit Union Outlook 2022” webinar.
Watch the webinar

Contact our specialists

Looking for ways to translate these trends as well as financial reporting and regulatory updates into actionable plans for your credit union? Our team is here to help. Reach out and let us know how we can help you achieve your 2022 goals.
Niall Twomey
Niall Twomey
Principal, Financial Services Consulting
Megan Rangen
Megan Rangen
Partner, Audit & Assurance