AGENCY:

National Credit Union Administration.

ACTION:

Proposed rule.

SUMMARY:

NCUA is issuing proposed amendments to its rule governing corporate credit unions (corporates). The amendments include internal control and reporting requirements for corporates similar to those required for banks under the Federal Deposit Insurance Act and the Sarbanes-Oxley Act. The amendments require each corporate to establish an enterprise-wide risk management committee staffed with at least one risk management expert. The amendments provide for the equitable sharing of Temporary Corporate Credit Union Stabilization Fund (TCCUSF) expenses among all members of corporates, including both credit union and noncredit union members. The amendments increase the transparency of decision-making by requiring that corporates conduct all board of director votes as recorded votes and include the votes of individual directors in the meeting minutes. The amendments permit corporates to charge their members reasonable one-time or periodic membership fees as necessary to facilitate retained earnings growth. For senior corporate executives who are dual employees of corporate credit union service organizations (CUSOs), the amendments require disclosure of certain compensation received from the corporate CUSO. In addition, this proposal would amend our regulations to limit natural person credit unions (NPCUs) to membership in one corporate credit union at any particular time and provide that a natural person credit union may not make any investment in a corporate credit union of which the natural person credit union is not also a member. These proposed amendments will further strengthen individual corporates and the corporate system as a whole.

DATES:

Comments must be received on or before December 29, 2010.

ADDRESSES:

You may submit comments by any of the following methods (Please send comments by one method only):

Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.

NCUA Web site: http://www.ncua.gov/​Resources/​RegulationsOpinionsLaws/​ProposedRegulations.aspx. Follow the instructions for submitting comments.

E-mail: Address to regcomments@ncua.gov. Include “[Your name] Comments on ‘Notice of Proposed Rulemaking for Part 704—Corporate Credit Unions' ” in the e-mail subject line.

Fax: (703) 518-6319. Use the subject line described above for e-mail.

Mail: Address to Mary Rupp, Secretary of the Board, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428.

Hand Delivery/Courier: Same as mail address.

Public Inspection: All public comments are available on the agency's Web site at http://www.ncua.gov/​Resources/​RegulationsOpinionsLaws/​ProposedRegulations.aspx as submitted, except as may not be possible for technical reasons. Public comments will not be edited to remove any identifying or contact information. Paper copies of comments may be inspected in NCUA's law library at 1775 Duke Street, Alexandria, Virginia 22314, by appointment weekdays between 9 a.m. and 3 p.m. To make an appointment, call (703) 518-6546 or send an e-mail to OGCMail@ncua.gov.

FOR FURTHER INFORMATION CONTACT:

Jacqueline Lussier, Staff Attorney, Office of General Counsel; Elizabeth Wirick, Staff Attorney, Office of General Counsel; and Lisa Henderson, Staff Attorney, Office of General Counsel, at the address above or telephone (703) 518-6540; or David Shetler, Deputy Director, Office of Corporate Credit Unions, at the address above or telephone (703) 518-6640.

SUPPLEMENTARY INFORMATION:

The NCUA performs its mission of ensuring the safety and soundness of Federally-insured credit unions by examining all Federal credit unions, participating in the examination and supervision of Federally-insured, State-chartered credit unions in coordination with State regulators, and insuring Federally-insured credit union members' accounts. In its statutory role as the administrator of the National Credit Union Share Insurance Fund (NCUSIF), NCUA insures and supervises approximately 7,500 Federally-insured credit unions (FICUs), representing 98 percent of all credit unions and serving approximately 90 million members.

Corporate Credit Union System

A corporate credit union is an organization, chartered under the Federal Credit Union Act (the Act) or under applicable State law as a credit union that receives share deposits from and provides loan and other services primarily to other credit unions. 12 CFR 704.2. There are 26 retail corporates that provide services directly to NPCUs, and there is one wholesale corporate, U.S. Central Bridge Federal Credit Union (U.S. Central Bridge), that provides services to many of the 26 retail corporates. Fourteen retail corporates and U.S. Central Bridge are Federally-chartered and 12 retail corporates are State-chartered.

Like NPCUs, corporates are member-owned cooperatives. However, at corporates the member-owners are primarily NPCUs. Over 95 percent of NPCUs belong to corporate credit unions. In addition, other entities that are not Federally-insured credit unions (i.e., “non FICUs”) also may become members of corporates. These nonfederally-insured members consist of nonfederally-insured credit unions ^[1] and non credit union entities. Non credit union entities include credit union leagues and trade associations, CUSOs, certain banks, and other types of organizations. These other organizations include, for example, credit union political action committees, credit union charitable and educational foundations, and law firms, insurance agencies, and mortgage Start Printed Page 73001companies that are connected to the credit union industry.

The corporate system offers a broad range of support to its members. The products and services provided by U.S. Central Bridge to retail corporates, and by retail corporates to their members, include, among other things: investment and deposit services, wire transfers, share draft processing and imaging, automated clearinghouse (ACH) transactions processing, automated teller machine (ATM) processing, bill payment services, and security safekeeping. The volume of payment systems-related transactions throughout the system annually runs into the millions and the dollar amounts associated with those transactions are in the billions each month. Corporates also serve as liquidity providers for their members. An NPCU invests excess liquidity in a corporate when the NPCU has lower loan demand and draws down the invested liquidity when loan demand increases.

Some NPCUs depend heavily on corporates; for example, 75 percent of NPCUs rely on a corporate as their primary settlement agent. Corporates provide NPCUs with convenient and quality services and expertise, all at a fair price. For many NPCUs, this is a combination that makes the corporate system a valuable resource and, for some smaller NPCUs, an essential resource.

Federally-chartered corporates are governed by Federal law and State-chartered corporate credit unions by State law. In addition, all corporates that are Federally insured, or that accept share deposits from NPCU members that are Federally insured, must comply with NCUA's part 704 corporate rule. 12 CFR 704.1, 12 U.S.C. 1766(a).

NCUA recently made substantial revisions to part 704 (with conforming amendments to parts 702, 703, 709, and 747). Final Rule, 75 FR 64786 (October 20, 2010) (September Rulemaking). The most significant amendments establish a new capital scheme, including risk-based capital requirements; impose new prompt corrective action requirements; place various new limits on corporate investments; impose new asset-liability management controls; amend some corporate governance provisions; and limit a corporate CUSO to categories of services preapproved by NCUA. The preamble to the September Rulemaking also stated that shortly after its promulgation the Board intended to issue another proposal that would further amend Part 704 and related provisions. Id. at 64824. This current proposal is the referenced follow-on rulemaking.

These proposed amendments would:

(1) Increase the transparency of corporate credit union decision-making by requiring corporates conduct all board of director votes as recorded votes and include the votes of individual directors in the meeting minutes;

(2) Incorporate certain sound audit, reporting, and audit committee practices from the Federal Deposit Insurance Act (FDI Act), Part 363 of the Federal Deposit Insurance Corporation (FDIC) Regulations, and the Sarbanes-Oxley Act of 2002 (SOX);

(3) Provide for the equitable sharing of TCCUSF expenses among all members of corporate credit unions, including both credit union and noncredit union members, by establishing procedures for requesting members not insured by the NCUSIF to make voluntary premium payments to the TCCUSF;

(4) Protect against unnecessary competition between corporates by limiting NPCUs to membership in one corporate of the NPCU's choice at any one time and prohibiting an NPCU from making any investment in a corporate where the NPCU is not also a member;

(5) Improve risk management at corporates by requiring corporates to establish enterprise-wide risk management committees staffed with at least one independent risk management expert;

(6) Provide corporates with more options to grow retained earnings by allowing corporates to charge their members reasonable one-time or periodic membership fees; and

(7) Require the disclosure of compensation received from a corporate CUSO by certain highly compensated corporate credit union executives.

These proposals are discussed in more detail below in the section-by-section analysis.

Section-by-Section Analysis of Proposed Amendments

Section 701.5 Membership Limited to One Corporate Credit Union

In the recent past, some NPCUs “rate shopped” among corporates for the highest deposit rates and lowest service costs. This rate shopping resulted in increased competition and, in some cases, led to unsafe investment activities as corporates sought higher investment yields to subsidize share dividends and service costs.

Proposed § 701.5 seeks to prevent unhealthy competition among corporates by requiring Federal credit unions to make a decision to commit to membership in one corporate at a time. The proposal provides that a Federal credit union may belong to two corporates for a short period of time, but only when transitioning between those corporates. In addition, the proposal prohibits a Federal credit union from making any investment, including a share or deposit account, a loan, or a capital investment, in a corporate of which the Federal credit union is not a member.^[2] This will avoid unhealthy competition among corporates driven by rate shopping among nonmembers.

Proposed § 701.5 has prospective impact only. That is, credit unions that are currently members of two or more corporates do not have to relinquish memberships in any of those corporates. The Board believes that the members of a credit union are owners of that credit union, including the members of a corporate, and that “once a member, always a member.”

The Board also notes that § 704.8(k) applies a 15 percent investment limit to investments in a corporate made by a “member or nonmember credit union.” This section does not authorize investments by nonmembers, and, if the Board adopts § 701.5(c) as proposed, it is unlikely that a nonmember credit union would be able to make any investments in a corporate where it is not already a member.

These same restrictions, through language added in new § 741.226 of part 741, would apply to State-chartered Federally-insured NPCUs as well as FCUs.

This proposal also contains the following changes to part 704.

Section 704.2 Definitions

The NCUA Board is proposing to add a number of new definitions to § 704.2 to assist in complying with the proposed revisions to § 704.15 discussed below. The defined terms include: Critical accounting policies, Enterprise risk management, Examination of internal control, Family, Financial statements, Financial statement audit, Generally accepted auditing standards, Independent public accountant, Internal control, Internal control framework, Internal control over financial reporting, and Supervisory committee.

The associated definitions come from a variety of sources, including other sections of the NCUA Rules and Regulations, auditing and accounting industry standards, and Securities and Exchange Commission (SEC) rules. The Board requests comment on the appropriateness of these definitions.Start Printed Page 73002

Section 704.11 Corporate Credit Union Service Organizations; § 704.19 Disclosure of Executive and Director Compensation

The recently adopted revisions in the September Rulemaking require that each corporate annually prepare, and provide to its members, a document that discloses the compensation of certain employees. 12 CFR 704.19(a). An employee of a corporate may also, however, be an employee of a corporate CUSO and receive additional compensation from the CUSO. The dual employee's compensation disclosure under § 704.19(a) would be incomplete without a disclosure of both sources of compensation, particularly where the employee's corporate has made a loan to, or other investment in, that corporate CUSO and so has some control over the CUSO.

The proposal amends § 704.19 to clarify that for CUSOs in which a corporate has invested, the corporate must include compensation received from the CUSO in disclosures of compensation paid to the corporate's most highly compensated employees. To facilitate this disclosure, the proposal also amends § 704.11(g), which lists certain items with which a CUSO must agree in writing before a corporate credit union may make a loan to or invest in the CUSO. The amendment to § 704.11(g) requires a corporate CUSO disclose compensation paid to any employees that are also employees of a corporate credit union lending to, or investing in, the CUSO. This ensures that CUSOs will provide corporate credit unions the information necessary for the corporate to make the full disclosure required by § 704.19.

The proposal applies only to corporate employees. It does not amend or otherwise modify § 704.11(f), which prohibits officials of corporate credit unions which have invested in or loaned to a corporate CUSO from receiving any compensation or other payments from the corporate CUSO.

Section 704.13 Board Responsibilities

The proposal adds a new subparagraph (c)(8) to § 704.13, Board responsibilities, to require that all board of directors votes be conducted by recorded votes.^[3]

The minutes reporting the vote must identify the board members, by name, who voted for or against the proposal, as well as, if applicable, the board members who were absent or otherwise failed to vote, and any board members who abstained from voting. The Board believes this provision is necessary so as to increase the transparency of corporate board actions.

The corporate credit union system has confronted profound challenges during the economic crisis of the past several years. Some corporate credit unions made poor investment decisions, and these decisions caused billions of dollars of losses. Unfortunately, the role of individual directors in these decisions was not always clear because the board secretary did not always record the votes of individual directors in the minutes of the board meeting.

Corporate boards are likely to continue to face crucial decisions. For example, the ongoing effects of the financial crisis may force some corporates to confront critical restructuring questions in which the interests of NPCUs utilizing different services of the corporate may diverge. In these situations, members may need to know how each director voted in addition to knowing the outcome of the vote.

Also, requiring recorded votes will help to ensure that corporate directors comply with their obligation to recuse themselves from deliberating and voting on items which may involve a conflict of interest. Article XI, § 2 of the Standard Corporate Federal Credit Union Bylaws prohibits corporate insiders, including directors, from participating “in any manner, directly, or indirectly in the deliberation upon or the determination of any question affecting his/her pecuniary interest or the pecuniary interest of any corporation, partnership, or association (other than the corporate credit union) in which he/she is directly or indirectly interested.” If a director is disqualified because of a conflict, the director must withdraw from deliberation and determination of the issue. Id. Under the bylaw, the director has the obligation to identify issues that may pose a conflict of interest and withdraw from deliberation and determination of these issues. If, however, a director fails to self-identify or report a potential conflict, it would be difficult to determine whether or how the director voted on an issue without disclosure of votes on a director-by-director basis. The accountability and transparency that results from recording vote tallies by name will provide an important backstop to the self-policing aspect of the corporate bylaw conflict-of-interest provision.

NCUA's existing regulations provide some transparency to members, but may not be sufficient absent a specific requirement to record votes by name. For example, NCUA's regulations provide a process by which members of credit unions, including members of corporate credit unions, may inspect the credit union's books and records as well as minutes of member, board, and committee meetings. 12 CFR 701.3(a). Members seeking access to records must submit a petition signed by one percent of the credit union's members; the petition must identify particular records and state a purpose related to the protection of the members' financial interest in the credit union. 12 CFR 701.3(b). Like the current proposal, the rule providing for member access to records increases the transparency of actions and decisions of the credit union's leadership. If, however, the corporate credit union's records lack recorded votes showing how each director voted on a particular issue, members would not be able to get the director-by-director tally even after submitting a petition.

There are multiple sources of authority for NCUA's proposed amendment to paragraph 704.13(c). The Act grants NCUA broad authority to require FICUs, including corporate credit unions, to submit financial data and other information as required by the NCUA Board. 12 U.S.C. 1761, 1766, 1781, and 1789. Further, the Act authorizes the NCUA Board to request additional information as it may require. 12 U.S.C. 1782(a)(2). NCUA's recommended standard procedures for corporate credit union examinations include a review of minutes of the board of directors' meetings or actions. NCUA Corporate Examination Procedures § 301P-004 (2003). Like the review of board minutes, the proposal falls under NCUA's general powers to require both Federal credit unions and Federally-insured State-chartered credit unions to prepare and submit information in connection with insurance examinations.

Section 704.15 Audit and Reporting Requirements

Both NCUA and natural person credit unions rely upon financial information to evaluate the condition of insured corporate credit unions and to determine the adequacy of regulatory capital. Accurate and reliable measurement of a corporate credit union's assets and earnings has a direct bearing on the determination of regulatory capital. Interested parties can place greater reliance on recognition, measurement, and disclosures contained in financial statements that have been subject to an independent audit. Independent audits help to identify weaknesses in internal control Start Printed Page 73003over financial reporting and risk management at corporate credit unions and reinforce corrective measures, thus complementing supervisory efforts in contributing to the safety and soundness of corporate credit unions.

NCUA currently requires that a corporate credit union's board of directors ensure the preparation of timely and accurate balance sheets, income statements, and internal risk assessments and that systems are audited periodically in accordance with industry standards. 12 CFR 704.4(c). In addition, a corporate credit union's supervisory committee must ensure that: (1) An external audit is performed annually in accordance with generally accepted auditing standards; and (2) the audit report is submitted to the board of directors, to NCUA, and in a summary version, to the members. 12 CFR 704.15(a).

To facilitate early identification of problems in financial management at corporate credit unions, the NCUA Board is proposing to amend § 704.15 to add certain additional auditing, reporting, and supervisory committee requirements. The most significant proposed revisions would require a corporate credit union to:

Ensure that its financial reports reflect all material correcting adjustments necessary to conform with generally accepted accounting principles (GAAP) that were identified by the corporate credit union's independent public accountant (IPA).

Prepare an annual management report, signed by the chief executive officer and the chief accounting officer or chief financial officer, that contains: (1) A statement of management's responsibility for preparing financial statements, responsibility for establishing and maintaining an adequate internal control structure, responsibility for procedures for financial reporting, and responsibility for complying with laws and regulations relating to safety and soundness designated by NCUA; (2) an assessment of the corporate credit union's compliance with such laws and regulations; and (3) for a corporate with assets of at least $1 billion, an assessment of the effectiveness of the internal control structure and procedures over financial reporting, including identifying the internal control framework used to evaluate such internal control.

Ensure that its IPA: (1) Reports on a timely basis to the supervisory committee all critical accounting policies, alternative accounting practices discussed with management, and written communications provided to management; (2) retains the working papers related to an audit and, if applicable, the evaluation of the corporate credit union's internal control over financial reporting, for seven years from the report release date; (3) complies with the independence standards and interpretations of the American Institute of Certified Public Accountants (AICPA); (4) has, prior to beginning any services for a corporate, a peer review that meets acceptable audit industry guidelines; (5) notifies NCUA if the IPA ceases being a corporate credit union's independent accountant; and (6) for a corporate with assets of at least $1 billion, reports separately to the supervisory committee on management's assertions concerning the effectiveness of the corporate credit union's internal control structure and procedures for financial reporting.

Ensure that its supervisory committee (1) consists of members who are not employees of the corporate credit union; (2) supervises the IPA; and (3) ensures that audit engagement letters do not contain unsafe and unsound limitation of liability provisions.

NCUA has based many of these proposed revisions on part 363 of the FDIC's Rules, 12 CFR part 363. The FDIC has provided guidance, found in Appendices A and B to part 363, to assist managements of banks and thrifts in complying with a number of part 363 requirements. The NCUA Board has determined not to issue similar formal guidance in conjunction with the proposed revisions to part 704.

The NCUA Board also notes that part 363 only applies to banks and thrifts with assets of at least $500 million. In contrast, most of these proposed provisions to part 704 would apply to all corporate credit unions, even those smaller corporates with under $500 million in assets.^[4] The Board believes that because corporates provide services to NPCUs, smaller corporate credit unions may present systemic risks that smaller banks and thrifts do not. The Board requests comment, however, on whether certain of the proposed provisions should apply only to corporate credit unions with assets above a certain threshold. Commenters should specify which provisions and what the asset threshold or thresholds should be.

Paragraph 704.15(a) Annual Reporting Requirements

704.15(a)(1) Audited Financial Statements

Proposed paragraph (a)(1) restates the existing requirement that a corporate credit union prepare audited financial statements that conform with GAAP. To facilitate a more accurate picture of a corporate credit union's financial condition, the proposal also adds the requirement that the annual financial statements reflect all material correcting adjustments identified by the IPA as necessary to conform with GAAP.

704.15(a)(2) Management Report

Proposed paragraph (a)(2) requires the management of a corporate prepare an annual report that contains certain enumerated elements.

The Board is concerned that management in some corporate credit unions may have insufficient oversight over certain reporting, control, and compliance functions. The Board believes that requiring management to acknowledge its responsibilities in these areas will help the corporate credit union identify needed improvements in financial management. Accordingly, proposed paragraph (a)(2)(i) requires management reports contain a statement of management's responsibilities for preparing the corporate credit union's annual financial statements, for establishing and maintaining an adequate internal control structure and procedures for financial reporting, and for complying with certain laws and regulations relating to safety and soundness.

The proposed rule identifies the following five safety and soundness areas about which the NCUA Board is concerned: affiliate transactions, legal lending limits, loans to insiders, restrictions on capital and share dividends, and regulatory reporting that meets full and fair disclosure. When the FDIC issued a proposed rule implementing new audit, reporting, and internal control requirements for certain banks and thrifts, see 12 CFR part 363, it identified these five areas as presenting the greatest risks. See 57 FR 42516, Sept. 15, 1992.^[5] Corporate credit unions are structured differently from banks, however, and the Board seeks comment on whether the five identified areas are appropriate. The Board also seeks comment on whether the final regulation should specify the laws and rules and regulations covered by Start Printed Page 73004proposed paragraph (a)(2), such as section 107(5)(A)(iv) and (v) of the Federal Credit Union Act, 12 U.S.C. 1757(5)(A)(iv) and (v), governing loans to directors and committee members, and § 704.7, governing corporate credit union lending.

Proposed paragraph (a)(2)(ii) requires management assess and report on the corporate credit union's compliance with those designated safety and soundness laws and regulations. This assessment requirement reinforces the importance of management's responsibility for complying with the rules by requiring disclosure of instances of noncompliance. Management should perform its own investigation and review of compliance with the rules and maintain records of its assessments until the next NCUA examination or such later date as specified by NCUA.

The NCUA Board has determined that corporate credit unions with $1 billion or more in total assets present additional risks. Accordingly, proposed paragraph (a)(2)(iii) requires these larger corporate credit unions include in their management reports an assessment of the effectiveness of the internal control structure over financial reporting. Management must identify the internal control framework used to make its evaluation, include a statement that the evaluation included controls over the preparation of financial statements and regulatory reports, include a statement as to management's conclusion regarding the effectiveness of internal control over financial reporting, and disclose all material weaknesses identified by management. Management may not conclude that internal control over financial reporting is effective if there are any material weaknesses.

A suitable control framework is one established by a body of experts following widespread opportunity for comment, including the broad distribution of the framework for public comment. A framework is suitable only when it:

• Is free from bias;
• Permits reasonably consistent qualitative and quantitative measurements of a corporate credit union's internal control over financial reporting;
• Is sufficiently complete so that those relevant factors that would alter a conclusion about the effectiveness of a corporate credit union's internal control over financial reporting are not omitted; and
• Is relevant to an evaluation of internal control over financial reporting.

The Internal Control—Integrated Framework published by the Committee of Sponsoring Organizations of the Treadway Commission (the “COSO Report”) provides a suitable and recognized framework for purposes of a management assessment in the United States. Other suitable frameworks have been published in other countries, and still others may be developed in the future. Such other suitable frameworks may be used by management and the corporate credit union's IPA in assessments, attestations, and audits of internal control over financial reporting.

704.15(a)(3) Management Report Signatures

To ensure that management understands its ultimate responsibility for the corporate credit union's performance, proposed paragraph (a)(3) requires the chief executive officer and either the chief accounting officer or chief financial officer of the corporate credit union to sign the management report.

704.15(b)(1) Annual Audit of Financial Statements

Proposed paragraph (b) sets forth the requirements applicable to the corporate's IPA. Proposed paragraph (b)(1) clarifies the existing requirement that a corporate credit union have its annual financial statements audited by an IPA in accordance with generally accepted auditing standards. The IPA should be registered or licensed to practice as a public accountant, and be in good standing, under the laws of the State or other political subdivision of the United States in which the home office of the corporate credit union is located.

704.15(b)(2) Internal Control Over Financial Reporting

Proposed paragraph (b)(2) requires an IPA who audits a corporate credit union with assets of at least $1 billion attest to management's assertions concerning the effectiveness of the corporate credit union's internal control structure and procedures for financial reporting. To ensure that an attestation report is sufficiently informative, the report must:

• Identify the internal control framework that the IPA used to make the evaluation (which must be the same as the internal control framework used by management);
• Include a statement that the IPA's evaluation included controls over the preparation of regulatory financial statements;
• Include a clear statement as to the IPA's conclusion regarding the effectiveness of internal control over financial reporting;
• Disclose all material weaknesses identified by the IPA that have not been remediated;
• Conclude that internal control is ineffective if there are any material weaknesses; and
• Be dated by the IPA on or after the date of management's report on its assessment of the effectiveness of internal control over financial reporting.

704.15(b)(3) Notice by Accountant of Termination of Services

In the interests of safety and soundness, and to ensure that NCUA is aware of potential conflicts between a corporate credit union and its IPA, proposed paragraph (b)(3) requires an IPA to notify NCUA if the IPA terminates work as the corporate credit union's auditor. The IPA's notice of termination under (b)(3) is similar to the notice of termination in proposed paragraph (c)(4) that the corporate credit union must provide to both NCUA and the IPA. In its (b)(3) notice, the IPA must state whether the IPA agrees with the corporate credit union's assertions contained in the (c)(4) notice and whether the IPA agrees that the (c)(4) notice discloses all relevant reasons for the IPA's termination.

704.15(b)(4) Communications With Supervisory Committee

The Board believes that communications between a corporate credit union's supervisory committee and its auditor are critical to proper oversight of the auditing function. Accordingly, proposed paragraph (b)(4) establishes certain communication requirements between the auditor and the committee. Under the proposal, an IPA must inform the supervisory committee on a timely basis about: (1) All critical accounting policies, (2) alternative accounting treatments discussed with management, and (3) written communications provided to management, such as a management letter or schedule of unadjusted differences. These requirements are minimum requirements—other communications beyond these requirements are encouraged.

704.15(b)(5) Retention of Working Papers

Consistent with best industry practices, proposed paragraph (b)(5) requires an IPA to retain the working papers related to its audit of a corporate credit union's financial statements for at least seven years. If the IPA has conducted an evaluation of internal control over financial reporting, the IPA must also retain those working papers for at least seven years.Start Printed Page 73005

704.15(b)(6) Independence

Proposed paragraph (b)(6) codifies existing industry self-governance requirements that auditors comply with the independence standards of the American Institute of Certified Public Accountants (AICPA).

704.15(b)(7) Peer Reviews

Proposed paragraph (b)(7) codifies existing industry self-governance requirements that auditors undergo periodic peer reviews. The proposal clarifies that acceptable peer reviews include those performed in accordance with the AICPA's Peer Review Standards and inspections conducted by the Public Company Accounting Oversight Board (PCAOB). This paragraph also requires a corporate credit union's IPA to file a copy of the peer review report, or the public portion of the PCAOB inspection report, with NCUA.

704.15(c)(1) Annual Reporting

Proposed paragraph 704.15(c) sets forth various reporting, filing, and notice requirements. The current regulation is silent on when a corporate credit union must provide a copy of its annual report to NCUA. To ensure timely filing and provide consistent application of the requirement, proposed paragraph (c)(1) provides that a corporate credit union must file a copy of its annual report to NCUA within 180 days after the end of the calendar year. The report must contain the audited financial statements, the IPA's report on those statements, a management report, and, if applicable, the IPA's attestation report on management's assessment of internal control over financial reporting.

704.15(c)(2) Public Availability

Proposed paragraph (c)(2) provides that NCUA will make a corporate credit union's annual report available for public inspection.

704.15(c)(3) IPA's Reports

Consistent with good corporate governance, proposed paragraph (c)(3) requires a corporate credit union to provide NCUA with a copy of any management letter or report issued by its IPA. The proposal includes examples of the types of reports covered.

704.15(c)(4) Notice of Engagement or Change of Accountants

In the interests of safety and soundness, and as discussed above, proposed paragraph (c)(4) requires a corporate to inform NCUA when the credit union engages an IPA or loses an IPA through dismissal or resignation. The corporate must include with the notice a reasonably detailed statement of the reasons for any dismissal or resignation. The corporate must send a copy of the (c)(4) notice required to the IPA when the notice is filed with NCUA.

704.15(c)(5) Notification of Late Filing

Proposed paragraph (c)(5) requires the corporate provide a notice to NCUA of late filing of the annual report. The notice must specify the reasons for the inability to comply with the 180-day requirement and must also state the date by which the report will be filed.

704.15(c)(6) Report to Members

Paragraph (a) of the current § 704.15 requires a corporate credit union to submit a summary of its annual report to the membership. Recognizing that a corporate credit union may not have completed its annual report at the time of the annual meeting, proposed paragraph (c)(6) substitutes the word “preliminary” for “summary.”

704.15(d)(1) Composition

Proposed paragraph 704.15(d) deals with the corporate's supervisory committee. Proposed paragraph (d)(1) discusses the composition of the supervisory committee, stating that its members may not be employees of the corporate credit union and must be independent of the corporate credit union. The employment prohibition codifies Article X, Section 1, of the Corporate Federal Credit Union Bylaws for all corporates. The NCUA Board believes that in the interests of sound governance this prohibition should be applied to all corporates.

The Board further believes that to avoid potential conflicts of interest, supervisory committee members should be independent of the corporate. Under the proposal, a committee member is independent if he or she does not have any family relationships or material business or professional relationships with the corporate credit union and has been free of such relationships for at least three years.

704.15(d)(2) Duties

As a general matter, the supervisory committee should perform all the duties required of it under the corporate's bylaws as determined by the corporate's board of directors. Proposed paragraph (d)(2) clarifies that the committee is also responsible for the appointment, compensation, and oversight of the IPA, and for reviewing with management and the IPA the basis for audit reports.

As the SEC noted when it adopted its final rule implementing a similar provision regarding the audit committees of public companies, the auditing process may be compromised if a company's outside auditors incorrectly view their primary responsibility as serving the company's management rather than the company's full board of directors or audit committee. See 68 FR 18787, 18796, Apr. 16, 2003. The SEC went on to state that auditors may view management as the “employer” if management has the power to hire, fire, and set compensation and that under these circumstances the auditor may not have the appropriate incentive to raise concerns and conduct an objective review. Id. The SEC concluded that one way to promote auditor independence was for the auditor to be hired, evaluated, and, if necessary, terminated by the audit committee. Id. The NCUA Board believes it is critical that accountants who perform audit and attestation services for corporates have an appropriate incentive to conduct an objective review and identify potential concerns. In this regard, the Board believes it is a sound governance practice for a corporate's supervisory committee, rather than its management, to be responsible for the appointment, compensation, and oversight of the accountant.

704.15(d)(3) IPA Engagement Letters

In response to an observed increase in the types and frequency of provisions in financial institutions' external audit engagement letters that limit the auditors' liability, in February 2006 the Federal financial institution regulatory agencies, including NCUA, issued an Interagency Advisory on the Unsafe and Unsound Use of Limitation of Liability Provisions in External Audit Engagement Letters (Interagency Advisory).^[6] The Advisory states that such provisions may weaken the external auditors' objectivity, impartiality, and performance, which in turn may reduce the reliability of audits and consequently raise safety and soundness concerns. The agencies stated that a financial institution should not enter into any agreement that incorporates limitation of liability provisions with respect to audits.

Since a central purpose of this proposal is to increase the reliability of audits, proposed paragraph (d)(3)(i)(B) requires the supervisory committee ensure that audit engagement letters and any related agreements with the IPA for services to be performed under part 704 do not contain certain limitation of liability provisions. Prohibited provisions include any language that Start Printed Page 73006indemnifies the IPA against claims made by third parties; holds harmless or release the IPA from liability for claims or potential claims that might be asserted by the client corporate credit union, other than claims for punitive damages; or limits the remedies available to the client corporate credit union. Consistent with the Interagency Advisory, the proposal does not preclude the use of alternative dispute resolution agreements and jury trial waivers.

704.15(d)(4) Outside Counsel

Proposed paragraph (d)(4) provides that the supervisory committee must, when deemed necessary by the committee, have access to its own outside counsel. All counsel retained by a corporate, regardless of who at the corporate retained the counsel, owe the same fiduciary duties, that is, to provide advice in the best interests of the membership. Accordingly, in most circumstances the Board expects the supervisory committee, when seeking legal advice, would employ the services of the in-house counsel or other counsel under contract to the corporate. The Board believes, however, that in the interest of safety and soundness the supervisory committee must be able to retain counsel at its discretion without prior permission of the board of directors or management, particularly when the committee perceives that the in-house counsel or other counsel under contract to the corporate may be unable to provide unbiased advice.

704.15(e) Internal Audit

Paragraph (e) restates the internal audit requirements in the current paragraph (b).

704.21 Equitable Distribution of Corporate Credit Union Stabilization Expenses

Some of the recent corporate investment losses were absorbed directly by the members of the corporates in the form of capital depletion. Much of these losses, however, were absorbed by the NCUSIF as it made capital injections and launched liquidity and share guarantee programs designed to stabilize the corporate system and protect the system from collapse. The corporate losses absorbed by the NCUSIF—and subsequently transferred from the NCUSIF to the TCCUSF in June of 2009 and 2010—will be paid by all FICUs in the form of premium assessments now and over the next several years. The stabilization actions taken by NCUA to protect the corporate system benefitted every member of every corporate, both FICU and non FICU.^[7] Without NCUA's stabilization actions, the entire corporate system would have been in danger of collapse. NCUA's actions protected both FICUs and non FICUs from potential losses in their uninsured shares and from other potential problems, such as interruptions in their payment systems. Unfortunately, however, not all corporate members have assumed their fair share of the expense of NCUA's corporate stabilization actions. In particular, non FICU members have not paid, and likely will not pay in the future without some encouragement, their fair share of the expenses associated with NCUA's stabilization actions. Accordingly, and as discussed below, this proposal seeks to encourage existing non FICU members to pay their fair share of such expenses.

The proposal adds a new § 704.21, Equitable Distribution of Corporate Credit Union Stabilization Expenses, to provide for the equitable sharing of TCCUSF expenses among all members of corporate credit unions. Proposed § 704.21 provides that when the NCUA Board assesses a TCCUSF premium on FICUs, NCUA will request existing non FICU members make voluntary payments to the TCCUSF. It requires that when the NCUA Board imposes a TCCUSF premium assessment on FICUs, a corporate credit union must furnish to NCUA information about all its non FICU members. NCUA will then request each of these non FICU members to make a voluntary premium payment to the TCCUSF in an amount calculated as a percentage of the non FICU member's previous year-end assets.^[8] In the event one or more of these non FICUs declines to make the requested payment, or makes a payment in an amount less than requested, the proposal requires the corporate conduct a member vote on whether to expel that non FICU. A paragraph-by-paragraph breakdown of § 704.21 follows.

When the Board acts to assess a premium on FICUs, paragraph (a) provides that each corporate credit union must prepare a list of all its members on the date of the assessment that are non FICUs, including the name and assets of each such member, with the address and contact information for each such member. The assets of the non FICUs will be determined as of the previous year-end. The corporate should collect information from the member to support this asset calculation, such as an annual financial statement. If the member will not provide this information to the corporate, the corporate should simply make its best estimate of the asset size and inform NCUA of the basis for the estimate.

Paragraph (b) provides that within 14 days after the date of the assessment on FICUs, the corporate credit union must send the list of non FICU members to the NCUA Office of Corporate Credit Unions. A corporate that has no non FICU members must provide the Office of Corporate Credit Unions with a statement to that effect.

Paragraph (c) provides that within 60 days after the date of assessment on FICUs, the NCUA Chief Financial Officer will request each non FICU to make a voluntary payment to the TCCUSF. The amount of the requested payment will be the entity's assets times 0.815 times the percentage of insured shares that each FICU was assessed. The payment must be received by NCUA within 60 days after the date of the Chief Financial Officer's request.

NCUA determined the 0.815 factor by using the ratio of total aggregate FICU insured shares to aggregate FICU assets. NCUA calculated these ratios for year-end 2008 (ratio = 0.810) ^[9] and year-end 2009 (ratio = 0.819) ^[10] and then averaged the two ratios to obtain the factor 0.815. Accordingly, multiplying a non FICU's assets by 0.815 produces an amount approximating the entity's “insured shares” as if the entity were a Federally-insured credit union.

Paragraph (d) provides that if NCUA does not receive a full, timely payment of the TCCUSF contribution requested, NCUA will notify the corporate credit union of the failure. Paragraph (e) requires that no later than 90 days after receipt of the notice from NCUA, the corporate must call a special meeting of its members to determine whether each member that failed to make the full payment should be expelled from the corporate credit union. For Federally-chartered corporates, the expulsion vote will be conducted in accordance with § 118(a) of the Act, which provides that a member may be expelled by a two-thirds vote of the members present at a special meeting called for that purpose, Start Printed Page 73007but only after an opportunity has been given to the member to be heard. 12 U.S.C. 1764(a); see Article III, § 5 of the Standard Federal Corporate Credit Union Bylaws. For State-chartered corporates, the expulsion vote will be conducted in accordance with the bylaws of the corporate and applicable State law.

Paragraph (f) permits the corporate to conduct the expulsion vote at an annual meeting, if that would coincide with the date of any special meeting called under paragraph (e).

Paragraph (g) provides that for non FICUs that belong to more than one corporate, NCUA will request only one voluntary payment from that non FICU in connection with each TCCUSF assessment. If NCUA does not receive full payment of the amount requested, however, NCUA will notify all corporates to which the non FICU belongs for purposes of conducting an expulsion vote.

As should be clear from the language of proposed § 704.21, NCUA does not ultimately make the determination of whether a non FICU should make a payment to the TCCUSF or the amount of the payment. The non FICU makes that determination. NCUA also does not make the determination of the adequacy of any payment. The members of the affected corporate make that determination when deciding whether or not to expel the non FICU member. It is these corporate members, and particularly the FICU corporate members, that have a vested financial interest in whether or not non FICU members are contributing equitably to cover losses in the corporate credit union system.

The Board does not intend at this time to apply § 704.21 retroactively. Section 704.21 would only apply to TCCUSF assessments made following the effective date of any final rule.

704.22 Enterprise Risk Management

Sound risk management is an integral part of running a corporate credit union, and corporates need to strengthen their enterprise risk management. A well-designed enterprise risk management process can help a corporate by providing a framework within which the board of directors and senior management can determine:

• Where all the corporate's risk exposures lie;
• The amount of risk the corporate has in each exposure and the maximum levels it is willing to accept;
• How the risk exposures are changing; and
• The appropriate risk controls to limit overall risk to targeted levels.

Accordingly, this proposal adds a new § 704.22, Enterprise Risk Management. This section requires corporates to develop and follow an enterprise risk management policy (paragraph (a)). The board of directors must establish an enterprise risk management committee that is responsible for overseeing the corporate's risk management practices and must report at least annually to the board of directors (paragraph (b)). The committee must include at least one independent risk management expert with sufficient experience in identifying, assessing, and managing risk exposures (paragraph (c)).

The proposal defines independent to mean that the expert does not have any family relationships or any material business or professional relationships with the corporate that would affect his or her independence as a committee member, and has been free of any such relationships for at least three years (paragraph (d)). The risk management expert will have post-graduate education; an actuarial, accounting, economics, financial, or legal background; and at least five years experience in identifying, assessing, and managing risk exposures. The expert's experience must also be commensurate with the size of the corporate and the complexity of its operations. Proposed paragraph 704.22(e) clarifies that the risk management expert is not required to be a director of the corporate credit union. The board must hire this individual from outside the corporate.

Proposed paragraph 704.15(a)(2)(iii) requires management of a corporate with assets of at least $1 billion assess the effectiveness of the corporate's internal control structure and procedures for financial reporting. Proposed paragraph 704.15(a)(3) requires the corporate's managers to sign the report. The Board requests comment on whether NCUA should add a corresponding requirement that management assess the effectiveness of the corporate's enterprise risk reporting and that the senior risk management official sign the management report.

704.23 Membership Fees

This proposal adds a new § 704.23, Membership Fees, permitting corporates the option of charging their members, as a mandatory requirement of membership, reasonable one-time or periodic membership fees. The fees must generally be proportional to the member's asset size, and a member must be given at least six months notice of any new fees, or any material change to an existing fee. Furthermore, a corporate can terminate the membership of any credit union that fails to pay the fee fully and on time.

The September Rulemaking requires corporates to achieve certain minimum capital ratios, including, over time, certain minimum retained earnings ratios. NCUA is proposing this amendment to provide corporates with additional options in building up their retained earnings. Unlike a capital contribution, which will not flow to retained earnings, a membership fee flows directly to a corporate's retained earnings.

Paragraph (a) states that a corporate may charge its members a membership fee. The fees may be assessed on a periodic basis or as a one-time fee.

Paragraph (b) provides that the corporate must calculate the fee uniformly for all members and as a percentage of each member's assets. However, the corporate has the discretion to reduce the amount of the fee for members that have contributed capital to the corporate. Any such reduction must be proportional to the amount of the member's non-depleted contributed capital. Calculating the fee as a percentage of each member's assets is fairer to smaller natural person credit unions than a one-size-fits-all fee. In addition, NCUA wishes to give corporates the flexibility to reduce the size of the fee for those members that are contributing more capital to the corporate.

Paragraph (c) requires a corporate to give its members a minimum of six months notice of any new fee, including disclosure of its terms and conditions, before invoicing the fee. For a recurring fee, the corporate must also provide six months notice of any material change to the terms and condition of the fee. Corporate members should be given adequate time to look for alternatives to membership in the corporate should they find the fees too onerous. The Board believes that six months to find an alternative service provider should be appropriate.

Paragraph (d) permits a corporate to terminate the membership of any credit union that fails to pay the fee in full within 60 days of the invoice date. The Board believes this is a reasonable amount of time, given the advance notice required by paragraph (c).

Comment Period

The Board is putting this proposal out for a 30-day comment period in lieu of the standard 60-day comment period. The proposed rule is straightforward in its operation, and so does not require extensive time to consider. In addition, the Board desires, as much as possible, to coordinate the effective date of this Start Printed Page 73008rulemaking with the effective dates of the September Rulemaking.

Regulatory Procedures

Regulatory Flexibility Act

The Regulatory Flexibility Act requires NCUA to prepare an analysis to describe any significant economic impact any proposed regulation may have on a substantial number of small entities (those under $10 million in assets). For the most part, the proposal applies only to corporate credit unions, all of which have assets well in excess of $10 million. The one provision that applies directly to natural person credit unions, which generally limits membership in one corporate at a time, will not affect many small credit unions because they generally do not belong to multiple corporates. Accordingly, the proposed amendments will not have a significant economic impact on a substantial number of small credit unions and, therefore, a regulatory flexibility analysis is not required.

Paperwork Reduction Act

The Paperwork Reduction Act of 1995 (PRA) applies to rulemakings in which an agency by rule creates a new paperwork burden on regulated entities or modifies an existing burden. 44 U.S.C. 3507(d); 5 CFR part 1320. For purposes of the PRA, a paperwork burden may take the form of a reporting, recordkeeping, or disclosure requirement, each referred to as an information collection.

The proposed changes to part 704 in this proposal impose new information collection requirements. As required by the PRA, NCUA is submitting a copy of this proposal to OMB for its review and approval. Persons interested in submitting comments with respect to the information collection aspects of the proposed rule should submit them to OMB at the address noted below.

Estimated PRA Burden

The following discussion describes the new information collection requirements in the proposal:

1. Recorded director votes.

Proposed § 704.13(c)(8) revises existing § 704.13(c), Board responsibilities, to require corporates to conduct all board of directors votes by recorded vote, such that the minutes reporting the vote list the board members (by name) voting for or against the proposal, as well as, if applicable, board members who were absent or otherwise failed to vote, and board members who abstained from the vote. Proposed paragraph (c)(8) would apply to all 27 corporates. NCUA estimates that compliance with the requirement to record all board votes and to include the votes of each director by name in the minutes will take about one hour. Corporates are required to hold a minimum of twelve meetings each year. 27 corporates × 12 meetings = 324 meetings per year. 324 meetings × 1 hour = 324 hours.

2. Equitable distribution of corporate credit union stabilization fund expenses.

When the NCUA Board assesses a premium on FICUs for the TCCUSF in accordance with proposed § 704.21, NCUA will ask current non FICU members of corporates to make voluntary contributions to the TCCUSF. Proposed § 704.21(e) requires a corporate hold an expulsion vote if a non FICU member does not make the requested payment. These provisions would apply to all 27 corporates. NCUA estimates that the NCUA Board may assess a premium on FICUs for the TCCUSF about once each year for the next several years.

Proposed paragraphs (a) and (b) of § 704.21 state that when a TCCUSF premium is assessed on FICUs, a corporate must immediately prepare a list of all its members that are non FICUs, including the name and asset size of each such member as of the end of the previous year, and the address and contact information of each such member, and forward the list to NCUA. NCUA estimates that it should take each corporate approximately 20 hours to collect the information, prepare the list, and submit the list to NCUA. 27 corporates × 20 hours = 540 hours.

Proposed paragraph (e) of § 704.21 provides that following receipt of a notice of non-payment from NCUA, the corporate must call a special meeting of its members to determine whether each non FICU member that failed to make the full payment to the TCCUSF should be expelled from membership in the corporate. The corporate must notify NCUA of the result of the member vote. NCUA estimates that approximately 27 corporates will be required to conduct a member vote on expulsion once each year. NCUA estimates the preparation and mailing of notices and ballots (if paper ballots are used), the collection of ballots (if paper ballots are used), and notifying NCUA of the result of the vote will take about 25 hours. 27 corporates × 25 hours = 675 hours.

3. Disclosure of dual employee compensation from corporate CUSOs.

The amendment to § 704.11 requires that each corporate CUSO disclose compensation of dual employees to the corporate credit unions that make loans to, or invest in, the CUSO. NCUA estimates that this requirement will apply to five or fewer CUSOs, and that making these disclosures will take one hour per CUSO. 5 CUSOs × 1 hour = 5 hours.

4. Management report.

Proposed § 704.15(a)(2) requires each corporate credit union to prepare an annual management report that contains a statement of management's responsibilities for performing certain duties in the corporate credit union. The report must also contain an assessment of the corporate's compliance with certain laws and regulations. NCUA estimates that it should take each corporate approximately 4 hours to prepare its management report. 27 corporates × 4 hours = 108 hours.

5. Large corporate credit union management report.

Proposed § 704.15(a)(2)(iii) requires a corporate credit union with assets of $1 billion or more to include in its management report an assessment by management of the effectiveness of the corporate credit union's internal control structure and procedures for financial reporting. Currently, there are 16 corporates with at least $1 billion in assets. NCUA estimates that it should take a corporate credit union approximately 8 hours to prepare its assessment. 16 corporates × 8 hours = 128 hours.

6. Notice of engagement or change of accountants.

Proposed § 704.15(c)(4) requires a corporate credit union to notify NCUA when it engages an independent public accountant or loses an independent public accountant through dismissal or resignation. The corporate credit union must include with the notice a reasonably detailed statement of the reasons for any dismissal or resignation. NCUA estimates that no more than five corporate credit unions will change accountants each year and that it should take a corporate credit union about two hours to prepare the notice and submit it to NCUA. 5 corporates × 2 hours = 10 hours.

7. Notification of late filing.

Proposed § 704.15(c)(5) requires a corporate credit union that is unable to timely file its Annual Report to submit a written notice to NCUA. NCUA estimates that no more than five corporate credit unions will need to submit such notice and that it should take about one hour to prepare the notice and submit it to NCUA. 5 corporates × 1 hour = 5 hours.

B. Summary of Collection Burden

NCUA estimates the total information collection burden represented by the proposal, calculated on an annual basis, as follows:Start Printed Page 73009

Recorded director votes: 27 corporates × 12 meetings × 1 hour = 324 hours.

Preparation of list of non FICU members of a corporate and providing list to NCUA: 27 corporates × 20 hours = 540 hours.

Conducting special meeting of a corporate's members to expel a member and notifying NCUA of result of vote: 27 corporates × 25 hours = 675 hours.

Disclosure of dual employee compensation from corporate CUSOs: 5 CUSOs × 1 hour = 5 hours.

Management report: 27 corporates × 4 hours = 108 hours.

Large corporate credit union management report: 16 corporates × 8 hours = 128 hours.

Notice of engagement or change of accountants: 5 corporates × 2 hours = 10 hours.

Notification of late filing: 5 corporates × 1 hour = 5 hours.

Total Burden Hours: 1,795 hours.

The NCUA considers comments by the public on this proposed collection of information in:

Evaluating whether the proposed collection of information is necessary for the proper performance of the functions of the NCUA, including whether the information will have a practical use;

Evaluating the accuracy of the NCUA's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;

Enhancing the quality, usefulness, and clarity of the information to be collected; and

Minimizing the burden of collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology; e.g., permitting electronic submission of responses.

The Paperwork Reduction Act requires OMB to make a decision concerning the collection of information contained in the proposed regulation between 30 and 60 days after publication of this document in the Federal Register. Therefore, a comment to OMB is best assured of having its full effect if OMB receives it within 30 days of publication. This does not affect the deadline for the public to comment to the NCUA on the proposed regulation.

Comments on the proposed information collection requirements should be sent to: Office of Information and Regulatory Affairs, OMB, New Executive Office Building, Washington, DC 20503; Attention: NCUA Desk Officer, with a copy to Mary Rupp, Secretary of the Board, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428.

Executive Order 13132

Executive Order 13132 encourages independent regulatory agencies to consider the impact of their actions on State and local interests. In adherence to fundamental federalism principles, NCUA, an independent regulatory agency as defined in 44 U.S.C. 3502(5), voluntarily complies with the executive order.

The proposed rule would not have substantial direct effects on the States, on the connection between the national government and the States, or on the distribution of power and responsibilities among the various levels of government. NCUA has determined that this proposal does not constitute a policy that has federalism implications for purposes of the executive order.

The Treasury and General Government Appropriations Act, 1999—Assessment of Federal Regulations and Policies on Families

The NCUA has determined that this proposed rule will not affect family well-being within the meaning of section 654 of the Treasury and General Government Appropriations Act, 1999, Public Law 105-277, 112 Stat. 2681 (1998).

List of Subjects

12 CFR Part 701

• Credit unions
• Reporting and recordkeeping requirements

12 CFR Part 704

• Credit unions
• Corporate credit unions
• Reporting and recordkeeping requirements

12 CFR Part 741

• Bank deposit insurance
• Credit unions
• Reporting and recordkeeping requirements

For the reasons stated in the preamble, the National Credit Union Administration proposes to amend 12 CFR parts 701, 704, and 741 as set forth below:

PART 701—ORGANIZATION AND OPERATION OF FEDERAL CREDIT UNIONS

1. The authority citation for part 701 continues to read as follows:

Authority: 12 U.S.C. 1752(5), 1755, 1756, 1757, 1758, 1759, 1761a, 1761b, 1766, 1767, 1782, 1784, 1786, 1787, 1789.

2. Add a new § 701.5 to read as follows:

PART 704—CORPORATE CREDIT UNIONS

3. The authority citation for part 704 continues to read as follows:

Authority: 12 U.S.C. 1762, 1766(a), 1772a, 1781, 1789, and 1795e.

4. In § 704.2, add the following new definitions:

Critical accounting policies means those policies that are most important to the portrayal of a corporate credit union's financial condition and results and that require management's most difficult, subjective, or complex judgments, often as a result of the need to make estimates about the effect of matters that are inherently uncertain.

Enterprise risk management means the process of addressing risk on an entity-wide basis. The purpose of this process is not to eliminate risk but, rather, to provide the knowledge the board of directors and management need to effectively measure, monitor, and control risk and to then plan Start Printed Page 73010appropriate strategies to achieve the entity's business objectives with a reasonable amount of risk taking.

Examination of internal control means an engagement of an independent public accountant to report directly on internal control or on management's assertions about internal control. An examination of internal control over financial reporting includes controls over the preparation of financial statements in accordance with accounting principles generally accepted in the United States of America and NCUA regulatory reporting requirements.

Family, as it relates to a particular individual, means that individual's spouse, parents, children, and siblings, whether by blood, marriage, or adoption; and any other person residing in the individual's home.

Financial statements means the presentation of a corporate credit union's financial data, including accompanying notes, derived from accounting records of the credit union, and intended to disclose the credit union's economic resources or obligations at a point in time, or the changes therein for a period of time, in conformity with GAAP. Each of the following is considered to be a financial statement: A balance sheet or statement of financial condition; statement of income or statement of operations; statement of undivided earnings; statement of cash flows; statement of changes in members' equity; statement of revenue and expenses; and statement of cash receipts and disbursements.

Financial statement audit means an audit of the financial statements of a credit union performed in accordance with generally accepted auditing standards by an independent person who is licensed by the appropriate State or jurisdiction. The objective of a financial statement audit is to express an opinion as to whether those financial statements of the credit union present fairly, in all material respects, the financial position and the results of its operations and its cash flows in conformity with GAAP.

Generally accepted auditing standards (GAAS) means the standards approved and adopted by the American Institute of Certified Public Accountants which apply when an “independent, licensed certified public accountant” audits private company financial statements in the United States of America. Auditing standards differ from auditing procedures in that “procedures” address acts to be performed, whereas “standards” measure the quality of the performance of those acts and the objectives to be achieved by use of the procedures undertaken. In addition, auditing standards address the auditor's professional qualifications as well as the judgment exercised in performing the audit and in preparing the report of the audit.

Independent public accountant (IPA) means a person who is licensed by the appropriate State or jurisdiction to practice public accounting. An IPA must be able to exercise fairness toward credit union officials, members, creditors and others who may rely upon the report of a supervisory committee audit and demonstrate the impartiality necessary to produce dependable findings. As used in this part, IPA is synonymous with the terms “auditor” or “accountant.” The term IPA does not include a licensed person working in his or her capacity as an employee of an unlicensed entity and issuing an audit opinion in the unlicensed entity's name, e.g., a licensed league auditor or licensed retired examiner working for a non-licensed entity.

Internal control means the process, established by the credit union's board of directors, officers and employees, designed to provide reasonable assurance of reliable financial reporting and safeguarding of assets against unauthorized acquisition, use, or disposition. A credit union's internal control structure generally consists of five components: Control environment; risk assessment; control activities; information and communication; and monitoring. Reliable financial reporting refers to preparation of Call Reports that meet management's financial reporting objectives. Internal control over safeguarding of assets against unauthorized acquisition, use, or disposition refers to prevention or timely detection of transactions involving such unauthorized access, use, or disposition of assets which could result in a loss that is material to the financial statements.

Internal control framework means criteria such as that established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) or comparable, reasonable, and U.S. recognized criteria.

Internal control over financial reporting means a process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance regarding the preparation of reliable financial statements in accordance with accounting principles generally accepted in the United States of America. A corporate credit union's internal control over financial reporting includes those policies and procedures that:

(1) Pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the entity;

(2) Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with accounting principles generally accepted in the United States of America, and that receipts and expenditures of the entity are being made only in accordance with authorizations of management and those charged with governance; and

(3) Provide reasonable assurance regarding prevention, or timely detection and correction of unauthorized acquisition, use, or disposition of the entity's assets that could have a material effect on the financial statements.

Supervisory committee means, for Federally chartered corporate credit unions, the supervisory committee as defined in Section 111(b) of the Federal Credit Union Act, 12 U.S.C. 1761(b). For State chartered corporate credit unions, the term supervisory committee refers to the audit committee, or similar committee, designated by State statute or regulation.

5. In § 704.11, revise paragraphs (g)(5) and (g)(6), and add a new paragraph (g)(7), to read as follows:

PART 741—REQUIREMENTS FOR INSURANCE

12. The authority citation for part 741 continues to read as follows:

Authority: 12 U.S.C. 1757, 1766(a), 1781-1790, and 1790d; 31 U.S.C. 3717.

13. Add a new § 741.226 to read as follows:

Footnotes