PRA Publishes Findings of the 2019 Assessment of Credit Unions

The key findings of the assessment include the following:

• Operational risk and resilience and cyber security—Before undertaking strategic initiatives to expand and develop new activities, especially online activities, it is essential to conduct a comprehensive operational risk assessment, ensuring that appropriate and adequate robust systems and controls are in place. There has been an increase in the number of operational and cyber incidents in credit unions over the last year. Credit unions should think about their business services, how their services could be disrupted, and how they might need to adapt to ensure that critical services can continue to be delivered through disruptions.
• Outsourcing—All credit unions using or considering the use of outsourcing should review their arrangements in light of the requirements listed in Section 14 (Outsourcing) of the Credit Union Rulebook Part. This includes, among other things, demonstrating that the credit union is able to terminate the arrangement, where necessary, without detriment to the continuity and quality of its provision of services to members. There have been instances where this has not been the case and this poses a risk to credit unions and their members.
• Management and monitoring of liquidity—Many credit unions with total assets above GBP 15 million and/or with more than 10,000 members have been successful in increasing lending over the last twelve months. However, PRA has noted instances where either an increase in lending and/or an illiquid investment, deposit, or reinvestment led to a significant reduction in the liquidity of a credit union, with some credit unions falling below the minimum required level. In some cases, credit unions could only rectify their position by taking out short-term loans from other credit unions. All credit unions are expected to maintain an up-to-date liquidity management policy statement approved by the Board.
• Provisioning—All credit unions with total assets below GBP 15 million and fewer than 10,000 members are required to make adequate provision for bad debts. PRA has seen instances where credit unions have treated their bad debt incorrectly and miscalculated their provisions. This has led to instances of financial difficulty and, in some cases, failure. Directors must ensure that they regularly review management information on bad debt and provisions and take steps for the assurance that the information reported to them is being correctly and properly calculated.

Related Links

• Assessment of Group 1 (PDF)
• Assessment of Group 2 (PDF)
• PRA Supervision of Credit Unions

Keywords: Europe, UK, Banking, Credit Unions, Operational Risk, Governance, Outsourcing, Provision for Bad Debts, Liquidity Risk, Cyber Risk, PRA