Credit union leaders and industry experts outline challenges and considerations for organizations approaching this major growth milestone.
There’s a magic milestone for financial institutions in the United States—an asset mark that has loomed large since Dodd-Frank was signed into law in 2010. That mark is $10 billion, and once a financial institution hits that mark, a lot of things change: It is subject to annual examination from the Consumer Financial Protection Bureau, receives less interchange income, and may have increased staffing needs that smaller institutions don’t face.
Until July of this year, credit unions at this asset size were also subject to increased testing and supervision from the National Credit Union Administration, but the testing threshold has now been raised to $15 billion.
Currently, only 21 credit unions sit above $10 billion in assets, but a period of steady growth and increased deposits from members who received pandemic payments helped several of those credit unions grow to $10 billion in assets in the past two to three years. Still more have grown well beyond the $1 billion mark.
How Oversight Changes at $10 Billion
At $15 billion in assets, NCUA oversight will shift to NCUA’s Office of National Examinations and Supervision. But when a credit union is smaller than $10 billion, most oversight comes from the regional NCUA regulator.
Credit unions are used to regulators’ “safety and soundness” exams, says CUES member Jim Laffoon, president/CEO of $12 billion Security Service Federal Credit Union, San Antonio. The back-office staff may be tasked with preparing reports and gathering information, but the process of the exam is predictable.
However, CFPB supervision at the $10 billion in assets mark includes new reporting and scrutiny. Where NCUA oversight is meant to ensure the soundness of the credit union, CFPB is looking for risks that hurt consumers, according to Jim Carley, director of the compliance practice group at Promontory and former regional director in the Office of Supervision, Enforcement & Fair Lending at the CFPB.
The bureau’s supervision priorities reflect those risks to consumers and current economic conditions, Carley continues. For example, in the years following the mortgage crisis, foreclosures and loss mitigation were major areas of scrutiny. Each year, the CFPB sets new supervision priorities through an agency-wide analysis of consumer risks. The analysis considers such factors as new financial product types, conditions in product markets, the results of CFPB’s monitoring of supervised entities, information shared among federal and state regulators, and consumer complaints received by the agency.
Another big consideration for FIs that hit the $10 billion threshold, Carley points out, is that CFPB examinations aren’t on a “recurring calendar-based cycle.” Rather, exams are scheduled through a risk-based prioritization process. Other differences may be the duration of the exam and even the size of the exam team, since CFPB exams typically involve “more than just sampling and transaction testing of compliance but also an evaluation of the institution’s compliance management system, or CMS.”
How Revenue Must Shift at $10 Billion
When a credit union reaches $10 billion in assets, the Durbin amendment of the Dodd Frank Wall Street Reform and Consumer Protection Act also kicks in. This amendment reduces the amount of interchange income a financial institution may collect on debit and credit card transactions. The reduction in income can be significant—Laffoon says Security Service FCU planned for approximately $25-30 million in reduced interchange income each year.
To compensate for this loss, credit unions must either find new ways to earn income or plan for an overall income reduction. Although fee income is likely not an appropriate method of increasing income in the current economic climate, credit unions could consider adding new services, such as wealth management or commercial banking, says Norm Patrick, VP/Advisors Plus Consulting at CUESolutions provider PSCU, St. Petersburg, Florida. Such new lines of business can provide sources of income that are isolated from fee and interchange pressures, increasing the soundness of the credit union overall.
What It Takes to Get to $10 Billion
Organic growth—increasing accounts and sales of products and services through the credit union’s internal resources—is a major way that credit unions hit various asset size benchmarks. Laffoon points out that organic growth, which is how his credit union grew to $10 billion, allows credit union leaders to plan well ahead of reaching $10 billion in assets because such growth tends to be steady and predictable. Security Service FCU’s growth is mainly due to word-of-mouth endorsements among members and their family and friends, he says.
Mergers and acquisitions are also common methods of growth in the financial services industry. $13 billion VyStar Credit Union, Jacksonville, Florida, grew its membership size and geographic reach through a combination of acquisitions and field of membership expansions. Although organizations should be mindful of acquisitions and FOM expansion that can cause growth to happen more quickly than is sustainable, CUES member Brian Wolfburg, president/CEO of Vystar CU, says his credit union carefully considered each expansion point. “We have and will remain focused on meeting member needs, scale and efficiency, diversification and stability,” he notes.
How Can a Credit Union Plan for This Asset Size?
No credit union leader wants to start preparing for their first CFPB exam right when the CU reaches $10 billion. Instead, Laffoon says, Security Service FCU began preparing three or four years before the organization would reach the magic number of assets.
Patrick recommends starting the planning process when a credit union reaches $5 billion in asset size. Credit unions approaching the $10 billion milestone will need to carefully craft their plans for staffing, systems and training.
Laffoon offers a key piece of advice when it comes to staffing. “It would be a mistake to underestimate the number of new personnel that are required to build and maintain the compliance systems to meet CFPB expectations,” he warns.
To give an idea of staffing needs of large credit unions, Wolfburg says that VyStar CU has more than 2,000 employees to serve 840,000 members.
And although many credit unions have a culture that prioritizes promotions from within when possible, it is likely that credit unions preparing for increased oversight will need to make external hires. New staff needs to “have experience in a CFPB-regulated environment,” Laffoon says, so “promoting from within the organization is less likely to provide the expertise required to guide the credit union through the transition.”
Be prepared to offer industry-leading compensation, benefits and perks, as the hiring market is competitive for experts in risk and compliance, Patrick advises. Survey the market and other organizations’ compliance job postings to ensure that what you offer job candidates is attractive enough to appeal to the most knowledgeable staff.
Systems are the next area of consideration. Ensuring that your credit union’s risk and compliance systems are prepared for the level of scrutiny from CFPB is crucial. Increased staffing in IT and analytics areas may also be necessary to ensure compliance.
Over a period of years, says Wolfburg, VyStar CU “invested in technology and infrastructure, strategically hired in areas needed to support our expansion, and created or built up several departments, including risk, compliance, legal, lending, data and governance.”
Some of the specific changes VyStar CU made include charging the enterprise risk management team “with developing ERM (enterprise risk management) systems and procedures, board policies and an assessment framework,” Wolfburg explains. “We have processes in place that are used by our branch teams and back office to ensure identified risks are managed consistently and appropriately.” To help determine where your credit union’s systems may be lacking, Wolfburg advises, “conduct a gap analysis of where they currently stand compared to what will be expected under the increased regulatory requirements.”
Acquisitions may offer special considerations. Carley points out that when financial institutions merge, “you have two operating systems, you have two cultures, you have two different geographies in some cases. And what can fall behind in that circumstance is the compliance management system.” If the compliance risk management team is not fully involved and the CMS is not adequately upgraded before CU systems, cultures, product lines and branch networks are consolidated, the credit union is at risk with examiners, he says. “At a minimum, you’ll have deficiencies and weaknesses in your CMS. And potentially violations of regulations will occur because the CMS isn’t capable of preventing or detecting and correcting them.”
Once your staffing needs are met and your systems are up to par, Patrick advises that training is necessary to ensure that all credit union staff know how to navigate the technology tools and provide the information required by CFPB and NCUA ONES examiners. Your systems vendors can typically offer education that ensures staff knows how the CMS works and what components of the tools they will need to interact with regularly.
In-house or outsourced training for staff can also help with softer components that need additional attention during significant growth, such as complaint management, member service and enhanced income sources.
Don’t forget to educate the board and supervisory committee too. Because of their critical role in overseeing the operations of the credit union and the actions of the senior leaders, says Patrick, they must also be trained in what CFPB requires of institutions at this size.
It Takes a Village
In addition to the above considerations, keep in mind the people and organizations around you that can help. Connections can be especially important when your institution isn’t clear on what training and support it will need to manage growth and regulation.
Both Carley and Wolfburg suggest talking with peer credit unions to get specific ideas of the types of compliance and risk changes they made when approaching or surpassing the $10 billion mark. And although Carley points out that CFPB exams are specific to each institution (and exam reports and findings are confidential supervisory information), hearing how another institution prepared for a first exam from a credit union leader you trust can help increase your comfort level with the steps you need to take to demonstrate compliance.
Hiring outside help may also be necessary. Consultants who have experience helping financial institutions prepare for CFPB examination can be well worth the expense, as they will have wider levels of experience than your peers in credit union leadership may be able to offer, Carley advises.
Also be in contact with your regulators before you grow to the $10 (or $15) billion level. Your local NCUA examiners can help you prepare and understand the differences in expectations. You may also get in touch with the NCUA ONES and CFPB examiners you’re likely to be working with. Laffoon had the opportunity to have a hybrid local and ONES team perform an exam, giving the credit union early contact with ONES regulators and ensuring that his team understood exactly what was coming.
Your credit union will also need to ensure it is connected with CFPB’s consumer complaint portal, says Carley, as consumer protections are an important part of the agency’s oversight. Complaints from consumers who may have first complained directly to the institution but were not satisfied with how their issues were resolved may reflect problems that warrant review and correction.
No matter where your credit union falls within the asset range, Laffoon offers this sage advice: When planning for growth, “avoid the mindset that ‘our credit union is good for consumers and does not need to change current practices.’” What worked for a small credit union may not work for a larger institution, and it’s important to stay relevant to members’ needs. cues icon
Former credit union staffer Jennifer Roland Cadiente is a writer based in Oregon who focuses on technology and financial institutions.