Skip to main content
United States flag An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NCUA Chairman Todd M. Harper Remarks at the Virginia Credit Union League CEO Summit

September 2022
NCUA Chairman Todd M. Harper Remarks at the Virginia Credit Union League CEO Summit

As Prepared for Delivery on September 30, 2022


Good morning, everyone. And, thank you, Carrie, for that kind introduction. I’m deeply interested in American history, and there’s a lot of that in the Charlottesville area, so I jumped on the chance to join you today.

I am usually reluctant to fill my remarks with too many numbers and figures, perhaps even more so this early in the morning because many of you are probably just finishing up your first cup of coffee to get you through the day. However, I believe in this case, industry statistics tell an important story about the state of the credit union system and its prospects for the future. So, please bear with me as I highlight some of these figures this morning.

2022 Q2 Performance Data

Earlier this month, the NCUA released Credit Union System Performance Data for the second quarter of 2022. Overall, the numbers point to a healthy credit union system that is facilitating the ability of households to achieve their financial goals.

For example, the industry’s aggregate net worth ratio grew to 10.42 percent, which represents a recovery of 40 basis points from a pandemic low of 10.02 percent. And, at the end of the second quarter, we recorded a 16.2 percent year-over-year increase in credit union loans. We have to go back more than two decades to see loan growth of this magnitude.

As you all know, the credit union system has also experienced significant growth in size and complexity during the last 10 years. This evolution is especially apparent in the number of large and very large credit unions in existence today.

For example, the most recent quarterly data shows that the number of federally insured credit unions with assets of at least $1 billion increased to 412 in the second quarter of 2022. Together, these billion-dollar-plus credit unions held $1.6 trillion in assets. That’s three out of every four dollars within the system. And, following a longstanding pattern, these credit unions reported the strongest growth in loans, membership, and net worth over the year ending in the second quarter of 2022.

Warning Signs

But, that’s not the entire story.

We have also seen declines in the credit union system’s net income and returns on average assets, rapidly rising interest rates, and continued inflationary pressures. And, we have identified growing liquidity concerns at individual institutions within the system, including at several billion-dollar-plus credit unions.

Therefore, credit unions of all types and sizes must remain diligent in managing safety and soundness, as we continue to navigate the challenging economic environment ahead of us.

Cybersecurity and Third-Party Vendor Authority

And, let’s not forget the specter of cyberattacks continues to loom over the credit union system. The likelihood of cyberattacks impacting credit unions, their regulators, and consumers has been steadily rising because of Russia’s unjust war in Ukraine, advances in financial technology, and increases in the use of remote workforces and mobile technology for financial transactions.

It is also a vulnerability throughout the industry because of a need for greater cybersecurity awareness, obsolete information technology infrastructure, and outdated cybersecurity policies and procedures. While the U.S. Government has not yet detected specific cyber operations directed at the financial sector or in our credit union ecosystem, it has observed “preparations” that include scanning websites and bad actors probing for known vulnerabilities.

This information serves as a warning to regulators and credit unions alike that cyberattacks are ultimately a question of when, not if.

To protect the system, we all need to maintain a heightened state of cybersecurity awareness. That also means establishing a regulatory framework that helps the system stay one step ahead of the bad actors who perpetrate cyberattacks. That’s why the agency will begin using its new Information System Examination tool, or ISE for short, in the coming months. This tool will have a streamlined program for small credit unions, a standard tool for most credit unions, and an in-depth system for more complex credit unions.

Additionally, when the NCUA’s statutory third-party vendor authority expired in 2001, a continuously growing regulatory blind spot was created that exposes credit unions to more sophisticated attacks on these unsupervised and unregulated service providers. That is why the agency has consistently advocated for the restoration of this important supervisory authority.

In the same vein, the NCUA has proposed a rule on cyber incident notification requirements for federally insured credit unions to promote information sharing and cyber awareness. After all, federally insured credit unions are not only the system’s first line of defense, but they are also the NCUA’s eyes and ears.

Capital Adequacy and RBC/CCULR

Amidst such uncertainty, it is critical for large credit unions, such as those of you here today, to also monitor and maintain adequate capital levels, so the system can withstand future crises and continue to serve members with minimal disruption. Capital, after all, is the first line of defense against losses.

I have long held that all financial institutions backed by federal share or deposit insurance, including federally insured credit unions, should hold capital commensurate with the risks held on their balance sheets. To facilitate complex credit unions’ adoption of a strong, risk-focused capital adequacy framework, the NCUA has prioritized regulatory measures that strike a balance between maintaining strong capital levels, protecting safety and soundness, and simplifying implementation.

To that end, the NCUA Board unanimously approved the Complex Credit Union Leverage Ratio final rule, also known as CCULR, last December. Comparable to the Community Bank Leverage Ratio adopted by federal banking agencies, the CCULR framework simplifies the way that complex credit unions meeting specified eligibility criteria may comply with the NCUA’s risk-based capital regime. Instead of calculating the risk-based capital ratio, credit unions using the CCULR option must maintain a higher net worth ratio than otherwise required for the well-capitalized classification.

In conjunction with NCUA’s final rules on subordinated debt and derivatives, the CCULR and Risk-Based Capital rules promote responsible and robust capital levels across the credit union system. And, this increased capital reserving is a success story that should be told more often, because it will not only better protect the system from future losses, but it will also minimize the premiums that all surviving credit unions will need to pay when a large, complex credit union fails in the future.

Interest Rate Risk

And, the turbulence we are currently seeing is due in no small part to the recent volatility in interest rates. During the first half of 2022, the United States experienced the sharpest increase in interest rates in decades.

Substantial, sudden changes in inflation, the interest rate environment, and broader economic conditions call for extra vigilance. A credit union’s ability to manage interest rate risk will remain a crucial factor in its performance going forward. So, credit unions must pay careful attention to the fundamentals of capital, asset quality, earnings, and liquidity.

The current environment also underscores the importance of the Central Liquidity Facility, or CLF, so that institutions, regardless of size, have access to emergency funds should a systemic liquidity event occur. This is why the entire NCUA Board currently supports legislative changes to adjust the CLF agent member requirements to allow members to purchase capital stock for a subset of their credit unions served.

The Road Ahead

In closing, the credit union system is rapidly changing, and the NCUA must change with it. This is not your father’s or even your grandfather’s credit union system. I can say that because both my father and grandfather were involved in chartering credit unions.

Back then, credit unions were extremely small, focused intently on serving members’ needs, and posed limited risks to the broader system. Today, with the recent growth in the number of billion-dollar-plus credit unions, cybersecurity threats, and economic uncertainty, we see much greater risks for which the NCUA must prepare.

Going forward, our focus will remain on the strength of the system, the needs of credit union members, and the NCUA’s preparedness to respond to evolving economic conditions. As such, the NCUA will continue to be fair and forward looking; innovative, inclusive, and independent; risk focused and ready to act when needed; and engaged appropriately with stakeholders to develop effective regulation and efficient supervision.

And, this philosophy will continue to drive the NCUA’s actions in the years ahead. In doing so, we will prioritize capital and liquidity, cybersecurity, consumer financial protection, and inclusion. And, by inclusion, I mean both diversity, equity, and inclusion within our agency and economic inclusion within the broader financial service system. And, to keep pace with the changing competitive and technological landscape, the NCUA will continue to foster innovation within the agency and credit unions, as appropriate.

If we all do our jobs right, we will be successful in fulfilling the credit union system’s statutory mission of promoting access to affordable credit, especially for people of modest means, for generations to come.

Thank you again for inviting me to be with you today. I look forward to our conversation, Carrie.

Todd M. Harper Cybersecurity Central Liquidity Facility
Last modified on