ALEXANDRIA, Va.—NCUA is being urged to evaluate data security measures "at every step" as it reviews the electronic collection of information during credit union examinations.
The agency is currently reviewing the loan, deposit and investment information that is collected electronically during examinations in an attempt to modernize, formalize and standardize data formats. NCUA has said it hopes to identify considerations and challenges that could arise in the adoption of a new standardized data format for loan, deposit and investment data.
In a letter to the agency, NAFCU Regulatory Affairs Counsel Ann Kossachev stressed the importance of data security and the use of proper encryption and storage procedures by the NCUA. Relatedly, NAFCU asked the NCUA to provide specific details regarding the data security standards to which its third providers will be held.
The letter also requested that the NCUA conduct a cost-benefit analysis of all potential data fields and that NAFCU and its member credit unions be included on any potential stakeholder calls and workgroups to provide additional information and feedback about this initiative.
To curb the potential regulatory burden that could result from this revamp effort, Kossachev's suggestions to the agency included:
- Providing a brief description or example of the type of information requested in a given data field since not all credit unions use the same names for their various data
- Giving credit unions a flexible timeline to work with their various third-party vendors to meet to provide the requested data to examiners
- Establishing a secure portal for credit unions that contain a list of the NCUA-requested documents and allow for the uploading of those documents
- Incorporating the AIRES Exam Questionnaires into the portal so that credit unions may see examiner comments, questions and results all in one location
- Reviewing the scope of data collected by other federal banking regulators and their methods of data collection, storage, retention and disposition