Washington State Department of Financial Institutions

DIVISION OF CREDIT UNIONS

BULLETINS 2004

 

DCU Bulletin

Division of Credit Unions
Washington State Department of Financial Institutions
Phone: (360) 902-8701 FAX: (360) 704-6901

January 5, 2004
No. B-04-01

Changes in State's Unclaimed Property Regulations

Effective January 4, 2004, the Unclaimed Property Regulations, found at  RCW 63.29, change to require escheatment of certain abandoned property after only three years.  Previously escheatment was not required until the property was abandoned for five years.  Affected unclaimed property now requiring escheatment after only three years includes:

Unclaimed property is any intangible amount owed or held by an organization that remains unpaid or has no evidence of positive owner activity for an extended period of time. Unclaimed property does not include real estate, vehicles, and most physical property. Safe deposit box contents are the only tangible property that is reported.  Safe deposit box contents and money orders continue to have a five-year abandonment definition and payroll checks continue to be defined as abandoned after one year.

Typically credit unions determine member accounts as dormant after three years of inactivity.  As of January 4, 2004, credit unions will need to remit to the state after only three years.   This could impact the amount of fee income earned to the credit union, if dormant account fees are typically assessed.

The board minutes should reflect this change in the regulations has been discussed and that relevant credit union policies and procedures have been changed.

If training is needed by the credit union, a Department of Revenue newsletter describes workshops available.  The newsletter can be found electronically at http://dor.wa.gov/docs/pubs/ucp/UCPNewsletter.pdf.  If you prefer, you can arrange to have one of the DOR auditors provide training at the credit union.  If so, workshops and training are arranged by writing to UCP@dor.wa.gov

There is also a report year conversion table available at http://dor.wa.gov/docs/pubs/ucp/conversi.pdf.

Should you have further questions, please contact Jane Johnson at (360) 902-0508.

DCU Bulletin

Division of Credit Unions
Washington State Department of Financial Institutions
Phone: (360) 902-8701 FAX: (360) 704-6901

January 9, 2004  
No. B-04-02

IS & T Best Practices

Trust CC has been performing IS&T examinations under contract for the Division of Credit Unions for the past five months.  To provide information to our credit unions regarding Information Systems & Technology (IS & T) security we asked Tom Schauer of Trust CC to summarize his findings in this area for us.  This bulletin is intended to assist credit unions to improve IS&T operations by sharing some key best practices.

IS&T Security Best Practices

Management/Board Oversight.  The most security-minded credit unions regularly involve management and the Board of Directors in all information technology (IT) and information security decisions.  They routinely provide reports or schedule quarterly updates concerning risk assessment elements, equipment/software upgrades, or other changes in technology, along with the security ramifications of each.  All reports/updates are reflected in the board minutes, along with board approval, disapproval, or actions to be taken. 
 

  1. Policies and Procedures.  The best information security policies and procedures are those that are board approved; are detailed enough to be usable by IS&T staff, users, and management; and address all elements listed in Appendix A, 12 CFR 748.  Policies adopted from other institutions may be a good starting point but they must be tailored to the credit union’s own unique operating environment. 
     
  2. Virus Protection.  The best virus protection is that which is always on and is fully automated.  Automatic virus program downloads are recommended.  Those that are not fully automated should implement a manual maintenance schedule to accomplish the same thing, ensuring that every server, machine, and workstation has been updated and scanned.  Staff must be carefully trained to avoid introduction of a virus into the internal network.
  3. Risk Assessment.  A risk assessment, as outlined in 12 CFR 748, is a systematic analysis of your operating environment in which you identify foreseeable internal and external threats, assess the likelihood and potential damage of these threats, and assess the sufficiency of policies, procedures, and information systems in place to control these threats or risks.  A risk assessment is your process to ensure that your credit union has done everything possible to protect your systems—and most importantly, member data—from unauthorized disclosure, misuse, alteration, or destruction.  Some of the most effective risk assessments we have seen are simple spreadsheets with separate columns for Threat, Likelihood of Occurrence, Potential Impact, Mitigating Controls, and Conclusion.
     
  4. Patch Management.  News stories are frequently aired about security weaknesses or vulnerabilities on various operating systems, such as Windows 2000, XP, Solaris, or UNIX clones.  Viruses and worms are successful because they exploit vulnerabilities, which have been identified but that system administrators have simply failed to close with available tools.  Closing these vulnerabilities is becoming exceedingly simple, through patch management.  Secure credit unions have instituted regular and routine review and installation of released patches.  These credit unions have either automated this process or set up a regular maintenance schedule, which includes Windows Updates or similar program updates in other operating systems.  Microsoft’s patch management guidelines are at www.microsoft.com/security.

Conclusion

Information security is everyone’s responsibility, and a strong information security program will help ensure that your member information is protected.  In 12 CFR 748 and the FFIEC Information Security Handbook, you will find the tools available to accomplish this.  If you review these and implement their guidelines, you will have the confidence that your critical information is secure. 

Questions about these changes may be directed to Doug Lacy-Roberts at 360-902-0507 or Mike Delimont at 360-902-8753.

 

DCU Bulletin

Division of Credit Unions
Washington State Department of Financial Institutions
Phone: (360) 902-8701 FAX: (360) 704-6901

February 26, 2004  
No. B-04-03

Department Adopts Final Guidance on
Overdraft Protection Programs For Credit Unions and Banks 

On February 26, 2004 the Department of Financial Institutions (Department) adopted final guidance on overdraft protection programs for Washington state chartered financial institutions.  Enclosed is a copy of Guidance and Best Practices.

The Department thoroughly reviewed the approximately 20 comment letters/documents from credit unions, banks, trade organizations, vendors, and consumer groups in response to the draft guidance.  After careful consideration of all comments, the guidance was finalized.

The guidance sets expectations for discretionary overdraft protection programs with:

  1. Flexibility for financial institutions to offer this service in a responsible manner; and
  2. Protection for consumers through better disclosures about the program, timely notification of fees and charges, and clear information when the account will become overdrawn.

Please direct any questions about the Guidance and the Best Practices to Division of Credit Unions (360) 902-8701 or e-mail questions to comments@dfi.wa.gov

State of Washington

Department of Financial Institutions

GUIDANCE AND BEST PRACTICES
FOR
OVERDRAFT PROTECTION PROGRAMS

 

February 26, 2004

Table of Contents

 

Page No.

1.0

Introduction

1

2.0

Customer Education  

1

3.0

Advertising/ & Marketing   

1

4.0

“Automatic Eligibility”     

2

5.0

Internal Decision-Making Policies

3

6.0

Notification & Terms of Overdraft Protection   

3

7.0

Disclosure of Balance

4

8.0

ATM Cash Withdrawals  

4

9.0

Opt-Out

5

10.0

Notification of Overdrafts     

5

11.0

Amount and Disclosure of Overdraft Fees     . . . . . . .

5

   12.0

“Dollar Limits” of Overdraft Protection Programs   

6

13.0

Pay/No Pay Decisions    

6

14.0

Order of Payment of Overdrafts

7

15.0

Suspension of Overdraft Protection

7

16.0

Third Party Vendors

8
 

APPENDIX:  Definition of Overdraft Protection Programs

9

 

1.0 Introduction

On June 18, 2003, the Department of Financial Institutions (DFI) issued an examination by questionnaire to Washington state-chartered financial institutions[1] regarding their use of Overdraft Protection Programs[2].  After compiling the results of the Examination Questionnaire, the Department found that, in general, state-chartered institutions have acted reasonably and responsibly when offering Overdraft Protection Programs.  However, there are some areas where these institutions can improve.

What is Guidance? The following Guidance provides what the Department views as features of an Overdraft Protection Program that are safe and sound, and provide adequate consumer protection.  While the Guidance does not have the force of law, it expresses the Department’s view of what each state-chartered institution should strive to achieve.

What is a Best Practice? We have also provided with this Guidance some examples of Best Practices by Washington state-chartered institutions.  A Best Practice is a positive example for state-chartered institutions that addresses certain issues of an Overdraft Protection Program.  The Best Practices outlined below reflect actual practices of certain institutions – not hypotheticals.  In some instances, the Best Practices may exceed the standards set forth in the Guidance.

The Department expects financial institutions to consider the Guidance when developing and maintaining Overdraft Protection Programs.  In addition, the Department believes the Best Practices may help foster even greater responsibility to the public in the offering of Overdraft Protection Programs.

Please direct any questions about this Guidance and the Best Practices to Division of Banks (360) 902-8704 or Division of Credit Unions (360) 902-8701 or e-mail questions to comments@dfi.wa.gov

2.0 Customer[3] Education

2.1 Guidance

2.1.1 Customer Education.  DFI encourages institutions to inform customers of the risks and consequences of relying on this product, and the costs and benefits of various alternatives for short-term customer borrowing (e.g., transferring from savings, lines-of-credit, and credit cards).   

[1] The word “institution” is used interchangeably for a bank, thrift, or credit union.

[2] The definition of “Overdraft Protection Program” is specific for this Guidance and can be found in the Appendix.

[3] The word “customer” is used interchangeably for “credit union member.”

3.0 Advertising & Marketing

3.1 Guidance

  • “No more charges from retailers for insufficient checks.”
  • “Make a mistake -- you’re covered.”
  • “Write a check or use an ATM for more than you have in the Bank -- you’re covered.”
  • “Money may not grow on trees, but here’s the next best thing.”

3.2  Best Practices

3.2.1 One institution stood out as exhibiting best practices for advertising and marketing.  The institution:

4.0       “Automatic” Eligibility

4.1 Guidance

4.1.1  Notify When “Automatically” Added to Account.  A customer should not first learn about the Overdraft Protection Program when s/he receives her/his first overdraft notification letter.  The institution should promptly notify the customer and provide full disclosure of the Program (1) when the account is opened or  (2) when the customer meets the “automatic eligibility” requirements.  4.1.2     Opt-out.  (See section 9.0.)

5.0 Internal Decision-Making Policies

5.1 Guidance

5.1.1 Consistent Eligibility Requirements.  Eligibility requirements should be consistently applied. The customer should be generally informed of eligibility requirements at account opening. 5.1.2  Fair Lending Concerns.  Even though Overdraft Protection may be exempt from the Truth-in-Lending Act (TILA), this “discretionary service” may nonetheless constitute “credit” within the meaning of the Equal Credit Opportunity Act

(ECOA), at 15 USC, section 1691a.  Moreover, if credit scoring for eligibility purposes is applied in a manner that would result in a discriminatory “effect,” an institution may face potential liability for such credit scoring, however well intentioned it may be.  Although there is nothing discriminatory about credit scoring per se, we caution institutions to be watchful of their internal eligibility procedures -- particularly because intent to discriminate is not a requisite of a “fair lending” claim.

6.0 Notification & Terms of Overdraft Protection

6.1 Guidancee

Despite some good to very good practices as noted in section 6.2, all institutions can improve upon their disclosures, both as to clarity and/or specificity of all terms.  This is true of brochures, deposit contracts and other disclosures.

6.1.1 Complete Disclosure.  There should be complete disclosure of all terms of Overdraft Protection at account set up or when the customer meets “automatic eligibility” requirements.  Disclosures should be clear, concise, easy to read, and include the following elements:

6.1.2 Deposit Contract or Rules of Account.  All terms of Overdraft Protection should be set forth in a separate section in the Deposit Contract or Rules of Account (or equivalent), both textually and in any table of contents or index.

6.1.3 Avoid Misleading Customers About Overdraft Limits.  An institution should not mislead customers about the extent of overdraft limits.   

6.2 Best Practices

6.2.1 Deposit Contract is Inadequate as Sole Information Medium.  Deposit contracts and rules are often difficult to read.  Several institutions assist customers in understanding the program by providing a brochure.  One institution provides a brochure that contains the following worthy elements in simple, lay language:

6.2.1a Distinguishes its true overdraft protection product, “Overdraft Limit” from other products such as “OD Line of Credit” and “OD Transfer Service.”

6.2.1b Repeatedly and clearly emphasizes the service is “discretionary” and not “automatic.”

6.2.1c Reminds the customer of his/her responsibility to record all balances and transactions (including check card purchases, ATM withdrawals, electronic bill payments or other automatic transactions) and to maintain sufficient funds within his/her account.

6.2.1d Provides a customer service hotline for additional information or to have the brochure explained by a customer service representative.

6.2.2 Providing Web Information.  Many institutions make good use of their respective Web sites to disclose information about Overdraft Protection.

7.0 Disclosure of Balance

7.1 Guidance

7.1.1 Available Balance.  Institutions should not include the Overdraft Protection amount in the available balance.  The available balance disclosed to the customer should be the amount the customer can withdraw without overdrawing the account, i.e. the actual balance. The customer should receive the same available balance amount no matter what service is being used (e.g., teller inquiry, ATM screen, on-line banking, debit card transaction, or telephone transfer)

8.0 ATM Cash Withdrawals

8.1 Guidance

8.1.1 Notice on Institution-Owned or -Controlled ATM Screens.  Institutions should include   a notice on their owned or controlled ATMs that the customer views prior to completion of a transaction. The notice should explain to the customer that completion of the transaction may result in an overdraft and the customer may incur an overdraft fee.  

8.1.2 Notice on Other ATM Screens.  The Department encourages institutions to inquire of their ATM service providers as to the availability of additional disclosures regarding overdraft fees on ATM screens.

9.0 Opt-Out

9.1 Guidance

9.1.1 Notice of Opt-Out Privilege at Account Set-Up.  Customers should be informed at the time they qualify for protection that they may opt-out.  Customers should be informed of the consequences of opting-out, and any alternatives to Overdraft Protection Programs.

9.1.2 Timing & Methods of Opting-Out.  Customers should be able to opt-out of the Program at any time by a clearly defined method disclosed in the deposit contract.   

10.0 Notification of Overdrafts

10.1 Guidance

10.1.1 Universal Notification.  Institutions should send written notification to the customer within one to two business days of payment of an item causing an overdraft.

10.1.2 Contents of Notification.  Written notification should include the following:  amount of overdraft(s), date of overdraft(s), associated fees, required amount to be repaid, required time of repayment, and a number to call, or a website or e-mail address to contact if the customer has questions. 

10.1.3 Follow-up Letters.  Institutions should send one or more follow-up letters when the account remains overdrawn.  The notice should contain the date by which the overdraft amount must be repaid to remain eligible for the Overdraft Protection Program.

10.2 Best Practice

10.2.1 Contact by Phone. Some institutions contact the customer by telephone the same day the overdraft occurs.

11.0  Amount & Disclosure of Overdraft Fees

 11.1 Guidance

11.1.1 Additional Charges/Interest.  These charges include daily interest or periodic fees exceeding what an institution imposes as an overdraft protection fee. [For example, charging $3 per day when the customer has a negative balance, or charging interest after 3 business days at prime rate plus two percent.]  Currently, federal regulators are reviewing whether or not such fees are finance charges and subject to disclosure under Regulation Z, 12 CFR, section 226.4(b)(2).  As a result of these concerns, DFI cautions institutions not to impose additional charges/interest over and above their Overdraft Protection Program fee.

11.1.2 Overdraft Protection Program Fees in Excess of NSF Fees.  Overdraft protection fees exceeding the amount of NSF fees may trigger finance charge disclosure requirements contained in Regulation Z, 12 CFR, section 226.4(b)(2).  As a result of these concerns, DFI cautions institutions not to impose overdraft protection fees in excess of NSF fees. 

11.1.3 Truth in Savings Disclosures. All overdraft protection fees and charges in connection with a deposit account must be disclosed in order to be in compliance with the Truth in Savings Act and Regulation DD (12 USC, section 4301 et seq. and 12 CFR, part 230.1).   [Note:  If the service is to be implemented after account opening, the notice of fees, if given at a later time, must meet all applicable notice of change requirements under such regulations.]

11.2 Best Practice

11.2.1 Maximum Daily Fee Limits.   A number of institutions have established reasonable limits on the amount of overdraft fees assessed per day.

Example:  One institution has a daily limit of four fees at $18 per overdraft item.  If the customer has six overdrafts on the same day, the institution will charge $72 total in fees ($18 times 4 items).  The items in excess of four on that same day are paid as overdrafts up to the customer’s overdraft protection limit, but no fee is charged for overdraft items in excess of four per day.  Chronic users of excessive overdrafts have their overdraft limit suspended or the checking account closed, based on the institution’s written policy in the Overdraft Protection Program disclosures.

12.0 “Dollar Limits” of Overdraft Protection Program

12.1 Guidance

12.1.1 Consistent Requirements. The amount of protection should be based on a consistent and standard set of factors.

12.1.2 Increasing Limits Based on Account Behavior.  Institutions should place reasonable initial dollar limits per account.  Increases in the dollar limits should be approved based on the customer’s ability to handle the increased limit, an analysis of account activity, and an analysis of risk.  Institutions should not raise the limits for the primary purpose of increasing the volume of NSF’s per customer account.

13.0 Pay/No Pay Decisions

13.1 Guidance

13.1.1 Consistent Objective Methods for Honoring Overdrafts.  Institutions should have consistent objective methods for their Overdraft Protection approval process, whether automated or having personnel review the transactions.

14.0 Order of Payment of Overdrafts

14.1 Guidance

14.1.1 No Change in Order.  Institutions should not change the order in which items are honored for the purpose of increasing the number of items that would overdraw an account.

14.1.2 Disclosure.  Institutions should clearly disclose to their customers the order in which items will be paid.

15.0 Suspension of Overdraft Protection

15.1 Guidance 

15.1.1 Disclosure of Grounds for Suspension.  Reasons for suspension/cancellation of Overdraft Protection should be clearly disclosed to the customer.  Such reasons may include:  failing to bring accounts to a positive balance within xx days; filing for bankruptcy protection; delinquency of a loan account; or illegal activity such as check kiting. 

15.1.2 Notification of Suspension.  Customers should be notified in writing when protection is suspended/cancelled. 

15.1.3 Consistent Application of Suspension Rules.  Rules for suspension/cancellation of Overdraft Protection should be applied consistently based on specific, identified criteria. 

15.2 Best Practices

15.2.1 Warning before Suspension.  One institution provides the following after an account has been overdrawn for five consecutive days:  a letter is mailed instructing the customer to immediately bring his or her account to good standing.  If the account is not brought to good standing within the next five days, transactions on the account will not be honored (because the Overdraft Limit will be suspended). After ten consecutive days, another letter is sent instructing the customer to immediately bring his or her account to good standing.  This letter also notifies the customer that transactions on his or her account will not be honored  (because the Overdraft Limit has been suspended). Once Overdraft Limit is suspended, it no longer appears on the periodic statement.

15.2.2 Consistent Terms for Suspension.  At some institutions if a checking account remains negative for more than 10 days, the customer is notified by letter that overdraft privileges are revoked. 

16.0 Third Party Vendors

16.1 Guidance

16.1.1 Third-Party Risk.  The Office of the Comptroller of the Currency (OCC) has previously issued guidance as to risks in dealing with a third-party vendor of Overdraft Protection, which this Department, in principle, endorses.  

16.1.1a No Third-Party Sharing of Risk/Due Diligence of Vendor.  It often appears that the arrangement an institution enters into with a vendor to participate in an Overdraft Protection Program is devised in such a manner that only the institution is subject to the credit and reputation risk, while the vendor shares the benefits (i.e., the income). Institutions should conduct due diligence reviews of vendors.  This includes initial and ongoing reviews of the financial information of any vendor.  These reviews are necessary to ensure that the vendor can fulfill the representations as outlined in the contract.  Requirements for the timing and quality of financial information should be set forth in the vendor’s contract.

16.1.1b Lock-In (Anti-Termination) Clauses.  Beware of contracts with a termination clause that prohibits or severely restricts the contracting institution’s ability to terminate once a Program is initiated.  In one such contract, only the vendor has control of termination, and the only termination consideration is if the 150% fee income profitability goal is not achieved.  Such a one-sided termination clause would be potentially detrimental for an institution from a reputation, financial, and strategic risk perspective.  Under such a contract, the institution would have no recourse if it became dissatisfied for a variety of reasons, such as customer satisfaction, institution reputation, and credit risk issues (e.g., 50% of the customers complain or 15% delinquency rate).

 

APPENDIX:  Definition of Overdraft Protection Programs

Typically, Overdraft Protection Programs generate fee income by covering overdrafts up to a specified predetermined limit.  These programs differ from traditional overdraft programs because they are automated and the customer does not obtain prior credit approval for the program; nor does the program utilize a credit card, line of credit, or savings account in order to cover the overdraft. 

Although there are many variations of Overdraft Protection Programs, most programs have the following standard features:

Financial institutions make the program available to customers whose account is in “good standing.”  Financial institutions define “good standing” differently.  For example, “good standing” may be defined as an account that has been open for 30 to 60 days with regular deposits made to the account, or it may be defined as an account where the customer makes regular deposits and the account has a positive balance at least once every 20 days.

  • Checks and other withdrawals at teller windows;
  • ATM cards or Debit cards (for example Visa, Check Card);
  • ACH withdrawal transactions;
  • Checks issued to a third party;
  • Online banking or a voice banking line;
  • Debit and point of sale transactions;
  • Any other debit transactions honored through a personal checking account.

Customers are charged an overdraft fee for each payment made by the financial institution up to the program limit.  In addition, some institutions may charge other fees including daily overdraft fees.

Customers are required to bring their account to a positive balance at least once in a stated time period (for example, once every 20 or 30 days).  There are varied consequences if an account is not brought to a positive balance.  For instance, some institutions close the account and revoke the privilege, while others revoke only the privilege.

DCU Bulletin

Division of Credit Unions
Washington State Department of Financial Institutions
Phone: (360) 902-8701 FAX: (360) 704-6901

March 15, 2004  
No. B-04-04

Servicemembers' Civil Relief Act

On December 19, 2003, the President signed into law H.R. 100, the Servicemembers’ Civil Relief Act.  50 USCS Appx § 501 (2003), et.seq.  The law completely rewrites the Soldiers’ and Sailors’ Civil Relief Act of 1940, expanding many of the previous laws civil protections.  Since many state-chartered credit unions work with members of the military serving on active duty, we wanted to remind credit unions about the new provisions of the law. 

The new law has specific requirements that must be followed during foreclosure.  Under the Act, if a servicemember’s obligation is secured by a mortgage or trust deed and an action to enforce the obligation is filed during or within 90 days after the servicemember’s military service, the court is authorized to (1) stay the proceedings and (2) adjust the obligation as it sees fit.  In addition, a sale, seizure, or foreclosure is not valid if made during or within 90 days after the period of the servicemember’s military service except: (1) upon a court order granted before such sale, foreclosure, or seizure with a return made and approved by the court; or (2) if made pursuant to an agreement as provided in the Act.  See 50 USCS Appx § 517 (2003). For your review we attach to this document the section of the new law that pertains to foreclosures. 50 USCS Appx § 533 (2003).

If you have any questions or concerns about applying the new law to your members, please consult qualified legal counsel. 

Attachment

50 USCS Appx § 533 (2003)

§ 533.  Mortgages and trust deeds

  1. Mortgage as security. This section applies only to an obligation on real or personal property owned by a servicemember that--
  1. originated before the period of the servicemember's military service and for which the servicemember is still obligated; and
  2. is secured by a mortgage, trust deed, or other security in the nature of a mortgage.
  1. Stay of proceedings and adjustment of obligation. In an action filed during, or within 90 days after, a servicemember's period of military service to enforce an obligation described in subsection (a), the court may after a hearing and on its own motion and shall upon application by a servicemember when the servicemember's ability to comply with the obligation is materially affected by military service--
  1. stay the proceedings for a period of time as justice and equity require, or
  2. adjust the obligation to preserve the interests of all parties.
  1. Sale or foreclosure. A sale, foreclosure, or seizure of property for a breach of an obligation described in subsection (a) shall not be valid if made during, or within 90 days after, the period of the servicemember's military service except--
  1. upon a court order granted before such sale, foreclosure, or seizure with a return made and approved by the court; or
  2. if made pursuant to an agreement as provided in section 107 [50 USCS Appx § 517].
  1. Penalties.
  1. Misdemeanor. A person who knowingly makes or causes to be made a sale, foreclosure, or seizure of property that is prohibited by subsection (c), or who knowingly attempts to do so, shall be fined as provided in title 18, United States Code, or imprisoned for not more than one year, or both.
  2. Preservation of other remedies. The remedies and rights provided under this section are in addition to and do not preclude any remedy for wrongful conversion otherwise available under law to the person claiming relief under this section, including consequential and punitive damages.

DCU Bulletin

Division of Credit Unions
Washington State Department of Financial Institutions
Phone: (360) 902-8701 FAX: (360) 704-6901

May 17, 2004  
No. B-04-05

Board of Directors Examination Questionnaire

“Credit Union Board Effectiveness”, a video by the Filene Institute, recommends many successful strategies for board of directors, including strengthening board training.  We agree.  The Division of Credit Unions encourages directors to take training that will assist them on their oversight of the credit union.

To continue our emphasis on board training, we are using an examination questionnaire as the basis to explore the Board of Directors.  During each exam we will be inviting one or more members of the Board of Directors to meet with the examiner for an informal discussion (typically 30-60 minutes).  Management is also welcome to attend.  Our purpose is to provide an opportunity for board members and examiners to share common concerns about the credit union, examination, or competitive financial service environment.  We hope the discussion will help both the examiner and the board in understanding how the board is fulfilling their responsibilities.

To assist examiners on what is the board of director’s role, we developed a questionnaire for the following areas:

Board dutieses Supervisory committee role Succession planning
Fiduciary responsibility Oversight of management Compensation
Limiting personal liability Planning Examination red flags

Examiners typically answer many of these questions as they review board packets and other exam information.  While the questionnaire is somewhat lengthy, only some of the questions will be discussed during a particular exam.  We welcome feedback on the exam questionnaire and particularly what areas the board would like more training.

In addition to this bulletin, the questionnaire is available on our web site at www.dfi.wa.gov/cu/default.htm or from any of our examiners.  Please contact Jane Johnson at 360 902-0508 or Doug Lacy-Roberts at 360 902-0507 for additional information about the questionnaire.

 

Examination Questionnaire for Board of Directors

Duties of Board

COMMENTS

1.  How does the board:

 

a.  Maintain independence from management

 

b.  Enforce regular board meeting attendance

 

c.  Avoid conflicts of interest and self-serving practices

 

d.  Ensure the credit union serves the credit and savings needs of its field of membership

 

2.  Does the demographics and diversity of the board reflect the diversity of the membership?

 

3.  How does the board recruit board members?

 

4.  When vacancies occur, does the board or nominating committee determine the skills needed on the board and recruit nominees for board membership who can fill these skills?

 

Fiduciary

COMMENTS

1.  How does the board provide training to new board members in the risks and responsibilities of fiduciary responsibilities?

 

2.  Who is responsible to make the final determination as to whether a fiduciary responsibility has been breached?

 

3.  Does the board allow attendance at board meetings via telephone conference call?

 

4.  Has any board member had a transaction with the credit union other than loans as typically granted to non-affiliated members or savings accounts on terms found with non-affiliated members?

 

a. Describe the transactions:

 

b. If it involved real property, was an independent appraisal obtained?

 

c. If not real property, did the board obtain sealed bids for the transaction?

 

d. Did the affiliated director recuse himself and leave the room while the transaction was discussed, deliberated, and voted upon?

 

e. Do the minutes reflect this recusal?

 

5.  Are all loan transactions, including new loans granted and refinances, at terms and conditions both available to the membership at large as well as used by the membership at large?

 

6.  How many board members met with the examiner in charge at the last exam to hear his / her concerns?

 

7.  Who represents the Supervisory Committee at each board meeting?

 

8.  Is the use of credit union property restricted to authorized activities?

 

9.  Have any credit union assets been sold to any board member?

 

Limiting Personal Liability

COMMENTS

1.  Obtain copies of the written duties and responsibilities for board members.

 

2.  Obtain copies of the written performance standards and expectations for board members.

 

3.  Is each director, officer, committee member, and employee of a credit union adequately bonded?

 

4.  Does the board retain an attorney to opine on compliance when implementing new services or products?

 

5.  Does the board and management comply with laws and regulations that promote equal opportunity for all members regardless of race, color, religion, gender, national origin, age or handicap?

  

Supervisory Committee

COMMENTS

1.  How does the supervisory committee stay fully informed as to the financial condition of the credit union and the decisions of the credit union's board?

 

2. Did the credit union use an independent auditor / firm for the last audit?  If yes, who / which?

 

If yes click here: 

 

a. Describe the bid and interview process used by the supervisory committee to hire the firm used.

  

b. Was the last audit report addressed to the Supervisory Committee?

 

c. How did the Supervisory Committee coordinate management's response to the audit report?

 

3.  How many members of the Supervisory Committee met with the last examination team to hear his / her concerns?

 

4.  What criteria has the Supervisory Committee determined will trigger their hiring an internal auditor?

 

5.  If the credit union currently has an internal auditor, who does that person report to?

  

Information

COMMENTS

1.  Describe the training each board member received in the past year to carry out his / her duties and responsibilities?

 

2.  Describe the board packet of information received prior to each Board meeting.

  

3.  Did the board design and designate what information will be included in the board packet? 

 

4.  What additional information would you like to see?

  

5.  Does each board member receive adequate information to carry out his / her duties and responsibilities?

  

6.  How much time does each board member have to read and digest the board packets prior to having to make decisions?

  

7.  How do you train new board members so they might understand the terminology, calculations, relevance, and materials used in the board packet to ensure that they can adequately analyze and participate in a discussion on matters before the board?

  

8.  How does each board member keep up with changes in the environment / regulations?  (How do board members hear about changes in regulations?)

  

Oversight of Management

COMMENTS

1.  When did the board last review the written performance standards for the CEO to ensure they are relevant and address the current needs of the credit union?

  

2.  Does the board routinely discuss and either provide correction or approval of major management strategic decisions, degree of management's due diligence, and management's effectiveness in carrying out policies and procedures?

  

3.  Describe the internal systems used by the board to monitor operations and ensure that management takes appropriate actions that conform to board approved policies and directives.

  

4.  Describe the process used by the board to discuss and prepare a written performance evaluation on the CEO.

  

5.  Describe the process used by management to obtain board approval before implementing new policies, offering a new service, or engaging in new activities.

  

6.  Describe management's ability to effectively handle day-to-day management leaving the board free to focus on strategic and policy issues.

  

Planning

COMMENTS

1.  Has the board established a strategic plan?

  

a. How many years does the strategic plan address?

  

b. Does the plan set broad goals?

  

c. Which areas of the credit union's operation does the plan encompass?

  

d. How did you assess the credit union's strengths and weaknesses?

  

e. Is the strategic plan referred to frequently throughout the year?

  

f. Does the plan assign responsibility to individuals to accomplish these tasks and milestones?

  

g. Can the strategic plan be quantified to measure success?

  

h. Does the board packet routinely contain ratios and other quantifiable data that the board can use to measure success to their strategic plan?

  

i. Does the budget match and support the strategic plan?

  

2.  Has the board established a business plan?

  

a. What time period does the business plan cover?

  

b. Does the business plan implement the strategic plan?

  

c. How did the board assess the business environment in which the credit union will operate?

  

d.  Does the business plan include a clear, written statement of key objectives which are:

  

(1)  Consistent with the strategic plan?

  

(2) How is this measured?

  

3.  When were the plans implemented?

  

4.  How is achieving the strategic and business plans included as an performance element for key management?

  

Succession Planning

COMMENTS

1.  What is your plan for succession of key management in the disaster recovery plan?

 

2.  How many years do your key managers state that they plan to work before retirement?

  

If >5 years click here: 

 

a. Is the board familiar with the various methods of searching for new management?

  

b. How often does the board discuss succession planning?

  

If <5 years click here:

 

c. Describe the optimal knowledge, skills & abilities (KSA) the board has determined is needed by a CEO to promote his / her vision for the credit union.

  

d. Has the board reviewed the skill set of other employees to determine if any of them can be "groomed" for the promotion to CEO?

 

e. What method will the board use to find a new key managers?

  

f. How often does the board discuss succession planning?

  

If <2 years click here:

 

g. How has the board begun implementing their plan to replace key personnel?

  

h. Who is on the committee established to do the tasks necessary?

  

i. How often is succession planning discussed at board meetings?

  

j. Has the board decided if there will be an overlap between the 2 persons if there is a transition period between out-going CEO and in-coming CEO?

  

If yes click here: 

 

(1). Who will establish clear limits and authorities during this transition period?

  

k. Who is responsible for training the new key manager?

  

l. Describe the compensation package for the retiring key manager (Income continuation, lump sum, continue paying benefits, life insurance coverage, etc.) and what is the total cost.

  

m. Describe the board's method to screen and do background checks on CEO applicants.

  

Compensation

COMMENTS

1.  Where does your CEO's compensation rank among the salaries of CEO's of other similar sized and complexity financial institutions?

  

If low compensation compared to national CEO surveys of similar size financial institutions or don't know, click here:

  

a. How will the board attract a replacement CEO when the time comes?

  

b. How has the low CEO compensation impacted the compensation level of other employees?

  

2.  How does the board routinely compare the compensation package given to the CEO with those of other financial institutions?