The National Credit Union Administration (NCUA) published a letter that clarifies certain expectations for federally insured credit unions contemplating the use of new or emerging distributed ledger technologies, or DLT, to transform their traditional financial operations and services.
The letter reiterates the importance of sound governance and planning related to deploying new technologies like distributed ledger technologies. The letter clarified that credit unions may appropriately use distributed ledger technologies as an underlying technology and highlights a variety of relevant issues which credit unions should evaluate prior to deployment in terms of compliance with all applicable laws and regulations, including applicable state laws or state supervisory authority requirements. The NCUA expects credit unions to exercise judgment, apply sound risk-management practices, and conduct necessary due diligence when choosing to offer a new platform, product, or service, including where distributed ledger technology is part of the underlying technology. These assessments include evaluating the permissibility of an activity and the opportunities and risks associated with any underlying technology.
To evaluate whether to use distributed ledger technologies, the letter specifies focus areas such as Governance, Oversight and Planning, and Risk and Risk-Mitigation strategies and ensuring that
- the credit union’s board of directors is notified of advancements in the underlying technology, the purposes of the technology, and how using distributed ledger technology aligns with the credit union’s strategic planning objectives and approved risk tolerances.
- the credit union staff and third parties using and managing the technology are complying with applicable laws and regulations and acting in a safe-and-sound manner.
- effective risk-management practices are followed to identify, assess, and mitigate risks associated with distributed ledger technologies, including cybersecurity risk, legal and compliance risk, strategic and reputational risk, liquidity risk and third-party risk.
- risk assessment and audit functions can validate and attest to the effectiveness of risk-mitigation practices in accordance with internal policy and industry leading practices.
Keywords: Americas, US, Banking, Credit Unions, Distributed Ledger Technology, DLT, Compliance Risk, Reputational Risk, Liquidity Risk, Third-Party Risk, Regtech, NCUA
Previous ArticleEBA Announces Timeline for 2022 Transparency Exercise
The European Banking Authority (EBA) published four draft principles to support supervisory efforts in assessing the representativeness of COVID-19-impacted data for banks using the internal ratings based (IRB) credit risk models.
The European Council and the European Parliament (EP) reached a provisional political agreement on the Corporate Sustainability Reporting Directive (CSRD).
The Prudential Regulation Authority (PRA) launched a consultation (CP6/22) that sets out proposal for a new Supervisory Statement on expectations for management of model risk by banks.
The European Commission (EC) published the Delegated Regulation 2022/954, which amends regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.
The Bank for International Settlements (BIS) Innovation Hub updated its work program, announcing a set of projects across various centers.
The European Insurance and Occupational Pensions Authority (EIOPA) published two consultation papers—one on the supervisory statement on exclusions related to systemic events and the other on the supervisory statement on the management of non-affirmative cyber exposures.
Certain members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs issued a letter to the Securities and Exchange Commission (SEC)
The European Insurance and Occupational Pensions Authority (EIOPA) published a consultation paper on the advice on the review of the securitization prudential framework in Solvency II.
The Prudential Regulation Authority (PRA) issued a statement on PRA buffer adjustment while the Bank of England (BoE) published a notice on the statistical reporting requirements for banks.
The Basel Committee on Banking Supervision (BCBS) issued principles for the effective management and supervision of climate-related financial risks.