Editor’s Note: The following op-ed is being published under a pseudonym at the request of the author, whose identify is known to CUToday.info.
By Emmett Brown
The date is December 2, 2035. It has been 15 years since President Kanye West signed the bill to permit NCUA to regulate credit union vendors. That was a wild election in 2020. Who knew that the Russians would be so successful promoting a Kanye write-in campaign?
The Kanye administration loved credit unions and agreed with NCUA that credit union vendors need more regulation. It was partially sold as a full employment for examiners program. How else could you have justified the number of examiners increasing in indirect proportion to the number of credit unions decreasing? With each credit union having over 200 vendor relationships, it is, to quote Maverick in Top Gun, a target rich environment.
In order to fend off Congressional opposition, the NCUA changed its name to the National Credit Union Vendor Administration. It seemed to work. While there are only 1,500 credit unions in 2035, the number of NCUVA examiners has increased by 10% each year. That does not count the army of third party cyber experts NCUVA has hired. While the increase in expenses is a bit costly for credit union members, you cannot have too much oversight of credit unions; an opinion shared by the American Bankers Association in its comment letter to NCUVA’s Vendor Authority Regulation.
How it Began
The vendor examinations started out in 2020 as being cyber security focused. Credit unions thought the examinations would be limited to core IT processors and other vendors principally providing cyber type services. Unfortunately, there were numerous examples of the vulnerability of non-cyber services vendors unwittingly infecting the credit union IT system. So, the cyber security scope soon expanded to any vendor with a computer or mobile phone that could email the credit union. I hear that NCUVA is now requesting vendor authority for the vendors serving the credit union vendors. You have to nip those cyber threats at the place of origin.
Now I am not sure if vendor authority is truly limited to cyber security issues anymore. For example, NCUVA now has expert arborists that approve landscape plans around credit union branches. I guess cyber security threats could literally be hiding in the bushes.
The Innovation Examiners have been particularly busy. Prior to any new technologies or products being introduced in credit unions through CUSOs, a team of NCUVA Examiners review and approve the concepts, business plans, financial products, and performance. Fortunately, the Innovation Team has prevented credit unions from making risky decisions that could have theoretically caused the credit unions losses. The Innovation Examiners are pleased to announce that two new innovative ideas have been approved for CUSOs this year, both involving compliance services. One credit union has appealed the denial of a CUSO’s innovative project to the NCUVA Board. Good luck with that one.
More Examiners Hired
The extra resources must be working as NCUVA has put out an annual report that lists the number of instances that cyber security protection has prevented the theft of millions of dollars of member data in the past 15 years. More details on the instances has not been provided for two reasons: (1) if made public, the information may compromise the cyber defenses NCUVA recommends for credit unions, and (2) there has been cyber security breach at NCUVA and the information has been stolen.
Due to this unfortunate event, NCUVA will be hiring more cyber security expertise. Thank goodness the folks at Huawei are available to help.
About the Author: Emmett Lathrop “Doc” Brown, Ph.D., is the inventor of the first time machine, built out of a DeLorean sports car. He has been a member of a credit union since birth and committed to our survival.