Editor’s Note: This opinion piece by Joy Peterson, CEO of the $44.2-million Bessemer System FCU in Greenville, Penn. was first published on ChipFilson.com. It is reprinted here with permission.
By Joy Peterson
As a lifelong accountant, my dad had a sign hanging in his office that said, “Auditors are the ones who come in after the war to bayonet the wounded.” His clients would all chuckle at the sign and nod in agreement.
As a child, I didn’t quite understand the meaning. As the CEO of a small credit union, I understand completely. Our regulator, NCUA, can be thought of as the auditor in the equation.
Membership Growing, Credit Unions Declining
At the end of 2013, there were 6,554 federally insured credit unions in the U.S., according to ncua.gov statistics. By the end of 2021 the number had declined by an astounding 1,612 to 4,942. During that same time period, the number of credit union members actually increased from 96.3 million in 2013 to 129.6 million in 2021. Since the membership numbers grew, it seems evident that the decline in the number of credit unions is not due to consumer dissatisfaction.
What then, does explain the loss of so many credit unions at a time when Americans are searching for value and safety in financial services? Even with fewer credit unions to choose from, 129.6 million Americans still seem to find solace in member-owned financial services. Evidently, they still believe in the prospect of pooling their money for the good of all of the members that make up their charter. Based on results, our regulator doesn’t hold that same high opinion of federally insured credit unions and their mission of service.
Serving NCUA, Not Members
I’ve been a lifelong member of my credit union and an employee since 2001. In that time I’ve seen substantial regulatory changes in my credit union as well as the industry as a whole, but none as significant and harmful as the ones I’ve noted from 2013-2022. Our members are not being served by their credit unions. Instead, our credit unions are serving NCUA.
Based on the numbers, many have been unable to continue to do so successfully. Some have been dissolved involuntarily and many others have been “encouraged” to merge in order to fulfill NCUA’s crushing requirements for what is deemed to be “safety and soundness.”
It seems NCUA would much rather provide oversight to a few giant credit unions than have to provide guidance and oversight to thousands of us little guys. Is that really what the millions of members of both small and large credit unions want? Do our members really understand that there will come a time when belonging to a credit union is no different than being an account-holder with Bank of America or Wells Fargo as their individual control over their financial institution is being diluted at a record pace?
The Compliance Burden: Boards as Scapegoats
Today, trying to comply with NCUA’s ever growing list of compliance requirements is like trying to herd cats. Are those requirements making credit unions safer and more productive and efficient? Based on the numbers, the answer is a very clear and unequivocal NO.
Each NCUA audit results in additional requirements for volunteer board members and supervisory committee members. These completely uncompensated volunteers are now expected to review employees’ accounts, verify the vault, balance the checking account, review corporate accounts, attend meetings and training on Bank Secrecy and on and on and on.
When volunteers resign in frustration, NCUA demands they be replaced. Replacing volunteers encumbered with such overwhelming responsibility is becoming nearly impossible. Not only are they not compensated, they frequently aren’t even able to receive some of the benefits the rest of the membership are granted, like the waiving of fees for an incidental overdraft or a request for a stop payment.
They are reminded with every NCUA contact of their culpability for any insider fraud or failure to mitigate risk appropriately. Rather than volunteers, they are becoming potential scapegoats for NCUA. In order to rope in replacements, we have to overstate the “service to your community” aspect and seriously understate the actual responsibility of it all.
The Big Three DP Monopoly
Beginning around 2014, NCUA started a nearly constant drumbeat regarding “Vendor Due Diligence.” We are cautioned on the growing threat of losses caused by the numerous outside vendors we use for everything from data processing to corporate account services to network security.
We chase our tails trying to verify these vendors are properly insured and sustainable and are abiding by regulatory requirements in terms of security. We make lists and check boxes and retrieve SOC I and II reports. We even hire other vendors to help us keep track of how we are monitoring our vendors. We spend thousands upon thousands of dollars and hundreds and hundreds of hours trying to make sure our vendors are safe.
In reality, small credit unions have very little choice of vendors and almost no control over their behavior, particularly in regard to information security. The Big Three data processors have become so big and so powerful. They have not only access to but also control over every bit of our members’ financial information.
A Hostage Negotiation
They refuse to provide security audit information on the pretense that doing so would compromise their own security. They refuse to return our data without hundreds of thousands of our members’ hard-earned dollars in “de-conversion fees” if we attempt to cut ties with them. They hold our data hostage and simply refuse to allow our exit until we meet their demands. Rather than a contract termination, our dissatisfaction is relegated to a hostage negotiation scenario.
Does NCUA intervene on our behalf as we attempt to comply with their demands surrounding vendors? Absolutely not. In whispers. they admit that they have no oversight of these giants, either.
Yet small and large credit unions alike are expected to demonstrate that we are overseeing these bullies. The really large credit unions at least have the benefit of the substantial sums they pay to these vendors to use as leverage to obtain Service Level Agreements when signing contracts.
They Don’t Care
Small credit unions like mine have no such advantage. The Big Three don’t care what I demand in terms of service on behalf of my members. When their shoddy security practices put my members’ information at risk, they shrug their shoulders and basically dare me to find an alternative.
Rather than contrition and embarrassment regarding their failure to maintain adequate security against current threats, these Fortune 500 companies threaten legal action for disclosing their rookie mistakes. They aren’t sorry they failed to use their superior security resources to provide superior security. They are only sorry we found out about it and demanded that we deserve better.
Pivoting from COVID to DEI
The pandemic saw record sums of COVID-inspired money pouring into banks and credit unions. Global fear and confusion were rampant. Businesses were shuttered-some temporarily and some forever. The global economy began a free fall.
There were reports of billions lost to PPP and unemployment fraud. Where was NCUA? One would expect nearly daily guidance regarding concentration risk and fraud prevention and best practices regarding NACHA rules.
Instead, the talking heads at NCUA started scolding credit unions about diversity, equity and inclusion. Rather than real concern for our members--the salt-of-the-earth member/owners of our financial institutions who feel a common bond to a financial institution with their co-workers or their community--NCUA decided we are evidently racist and somehow elitist.
Our color chart no longer satisfies their hunger for diversity. They alone are responsible for how our charters read but, in hindsight, they have decided we are perhaps too white or not serving enough underserved?!
In reality it doesn’t matter what color or gender our members are. It doesn’t matter whether they are rich or poor or anywhere in between. If we spend all of our time and most of our income trying to satisfy NCUA’s constantly changing view of what makes credit unions valuable to our members, we are no longer serving our members at all.
If we aren’t provided with the leverage to protect their money and their identity and their financial privacy, we are no longer good stewards of the faith 129.6 million people have placed in us.
The Most Needed Change: Respect for Credit Unions
Small credit unions are wounded and struggling to maintain our relevance and profitability in today’s economy. From one CEO to the CEOs of the thousands of smaller, federally insured credit unions, the next time you are notified that your examiner is due to arrive, make sure you look carefully behind their back as you usher them in. There could be a bayonet that will be driven firmly into your back as they write up yet another list of tail-chasing requirements to be deemed “safe and sound.”
I think it’s time all of us ask our regulators to be more constructive in their approach to the industry.
Here’s how NCUA can demonstrate respect for our efforts to serve members, the reason why we exist:
- Recognize that small credit unions are, in fact, different from large ones. Their capabilities are not the same, but our service to members can still be extraordinary, needed and valued.
- NCUA should support credit unions instead of fighting them. Statements by NCUA spokespersons often include comments critical of credit unions. Our members decide whether we are “good enough.”
- Stop labeling our members. NCUA likes to call them marginalized, disadvantaged, underserved and low-income. They refer to “minority communities” and recently “Other Targeted Populations,” or OTPs. While we happily serve ALL members of our community, these terms give the impression that only people who are “less than” or “other than” belong to credit unions. They are just people.
- There needs to be more transparency from NCUA regarding its own management. Losses to the Share Insurance fund caused by thefts went on for years without raising any red flags to NCUA examiners. Were there any adjustments to NCUA examinations to address these limitations? NCUA should also be expected to manage their own investments at least as well as they expect us to manage ours. Our credit union members pay for NCUA’s management failures.
- NCUA shouldn’t expect more of small credit unions than they expect of themselves. NCUA “recommended” that credit unions allow no-cost loan payment deferments and the waiving of overdraft fees during the pandemic. My credit union gave up more than $15,000 in income to help our members. What did NCUA do?
- So many mixed messages. Don’t tell credit unions we need to do more lending to people with lower credit scores and then criticize us because our delinquency goes up. Don’t take away our ability to earn non-interest income from overdraft fees and interchange income and then wonder why we aren’t more profitable. Part of the reason for all the mergers is the demanding, overbearing NCUA requirements as well as the utter lack of support from our regulators.
Respect for members is what makes us different. That is also what makes us sound. It doesn’t work the same, the other way around.
Joy Peterson is CEO of the $44.2-million Bessemer System FCU in Greenville, Penn. CUToday.info invites your feedback at any time.