PRA issued two letters to Category 5 credit unions with the findings of the 2019 assessment of credit unions. Each credit union received one of the two letters, depending on the peer group it falls into. One peer group (group 1) is made up of credit unions with total assets above GBP 15 million and/or with more than 10,000 members. The other peer group (group 2) is made up of credit unions with total assets below GBP 15 million and fewer than 10,000 members. Both letters addressed key issues such as governance, operational risk and resilience, and cyber security.
The key findings of the assessment include the following:
- Operational risk and resilience and cyber security—Before undertaking strategic initiatives to expand and develop new activities, especially online activities, it is essential to conduct a comprehensive operational risk assessment, ensuring that appropriate and adequate robust systems and controls are in place. There has been an increase in the number of operational and cyber incidents in credit unions over the last year. Credit unions should think about their business services, how their services could be disrupted, and how they might need to adapt to ensure that critical services can continue to be delivered through disruptions.
- Outsourcing—All credit unions using or considering the use of outsourcing should review their arrangements in light of the requirements listed in Section 14 (Outsourcing) of the Credit Union Rulebook Part. This includes, among other things, demonstrating that the credit union is able to terminate the arrangement, where necessary, without detriment to the continuity and quality of its provision of services to members. There have been instances where this has not been the case and this poses a risk to credit unions and their members.
- Management and monitoring of liquidity—Many credit unions with total assets above GBP 15 million and/or with more than 10,000 members have been successful in increasing lending over the last twelve months. However, PRA has noted instances where either an increase in lending and/or an illiquid investment, deposit, or reinvestment led to a significant reduction in the liquidity of a credit union, with some credit unions falling below the minimum required level. In some cases, credit unions could only rectify their position by taking out short-term loans from other credit unions. All credit unions are expected to maintain an up-to-date liquidity management policy statement approved by the Board.
- Provisioning—All credit unions with total assets below GBP 15 million and fewer than 10,000 members are required to make adequate provision for bad debts. PRA has seen instances where credit unions have treated their bad debt incorrectly and miscalculated their provisions. This has led to instances of financial difficulty and, in some cases, failure. Directors must ensure that they regularly review management information on bad debt and provisions and take steps for the assurance that the information reported to them is being correctly and properly calculated.
Keywords: Europe, UK, Banking, Credit Unions, Operational Risk, Governance, Outsourcing, Provision for Bad Debts, Liquidity Risk, Cyber Risk, PRA
Previous ArticleESRB Assesses Vulnerabilities in Residential Real Estate in EEA
EBA issued a revised list of validation rules with respect to the implementing technical standards on supervisory reporting.
EBA published its response to the call for advice of EC on ways to strengthen the EU legal framework on anti-money laundering and countering the financing of terrorism (AML/CFT).
NGFS published a paper on the overview of environmental risk analysis by financial institutions and an occasional paper on the case studies on environmental risk analysis methodologies.
MAS published the guidelines on individual accountability and conduct at financial institutions.
APRA published final versions of the prudential standard APS 220 on credit quality and the reporting standard ARS 923.2 on repayment deferrals.
SRB published two articles, with one article discussing the framework in place to safeguard financial stability amid crisis and the other article outlining the path to a harmonized and predictable liquidation regime.
FSB hosted a virtual workshop as part of the consultation process for its evaluation of the too-big-to-fail reforms.
ECB updated the list of supervised entities in EU, with the number of significant supervised entities being 115.
OSFI published the key findings of a study on third-party risk management.
FSB is extending the implementation timeline, by one year, for the minimum haircut standards for non-centrally cleared securities financing transactions or SFTs.