ALEXANDRIA, Va.–The types of strategies credit unions can use to work with borrowers who are experiencing financial hardship are outlined in a new Letter to Credit Unions from NCUA.
Letter 20-CU-13 said those strategies can include additional funding to making temporary or permanent loan modifications, and further offers direction on how credit unions should be monitoring and reporting loan modifications.
“The financial hardships experienced by borrowers during the COVID 19 pandemic will vary,” the letter reads. “When evaluating available strategies to work with borrowers, credit unions should use a strategy appropriate for a borrower’s needs and the degree of hardship. Borrowers may benefit from new funds, temporary loan modifications, or permanent loan modifications. However, a credit union’s strategies for working with borrowers should also take into account the financial effects these actions will have on the credit union and its ability to serve all members.”
In addition, the new NCUA letter includes numerous strategies for addressing new funds to borrowers, temporary loan modifications and permanent loan modifications. The letter also outlines policies for monitoring and reporting loan modifications.
The letter is here: NCUA LTCU 20-CU-13: Working with Borrowers Affected by the COVID-19 Pandemic
FFIEC Issues Statement on Using Cloud Computing, Risk Management
Separately, the Federal Financial Institutions Examination Council (FFIEC), of which NCUA is a member, has issued a statement to address the use of cloud computing services and security risk management principles in the financial services sector.
“Security breaches involving cloud computing services highlight the importance of sound security controls and management’s understanding of the shared responsibilities between cloud service providers and their financial institution clients,” the FFIEC said in a statement. “The statement does not contain new regulatory expectations, though it highlights that management should not assume that effective security and resilience controls exist simply because the technology systems are operating in a cloud computing environment.”
According to the FFIEC, the statement highlights examples of risk management practices for a financial institution’s safe and sound use of cloud computing services and safeguards to protect customers’ sensitive information from risks that pose potential consumer harm. The statement also provides a list of government and industry resources and references to assist financial institutions using cloud computing services.
Additional Info
Additional information on general risk management and outsourcing practices is available in the FFIEC Information Technology Examination Handbook’s “Outsourcing Technology Services” booklet and other documents published by FFIEC members.