An official website of the United States government
NCUA Board hears presentations from staff during the October 2022 NCUA Board Meeting at the NCUA’s headquarters in Alexandria, Virginia.
As Prepared for Delivery on October 20, 2022
Thank you, Rendell and Jim, for your presentation on the work of the NCUA’s Enterprise Risk Management Council and the agency’s risk appetite statement. I appreciate all of your hard work, and I will support approving the risk appetite statement.
I also would like to thank Board Member Hood for encouraging the NCUA to take a holistic approach to our enterprise risk management program. Your insight and leadership contributed greatly to the risk appetite statement we are considering today. Moreover, the modifications suggested by Vice Chairman Hauptman improved the final document and ensured that we will appropriately permit innovation within the credit union system to continue.
As noted earlier, the NCUA uses an enterprise risk management program to evaluate the various factors affecting the agency’s performance relative to its mission, vision, and strategic goals. These factors and risks include both internal considerations, such as the agency’s internal control framework and information security posture, and external ones, like the evolution of the credit union system and the financial services marketplace.
The enterprise risk appetite statement presented today is part of the NCUA’s overall management approach. And I am especially pleased that we will have an adverse risk appetite when addressing identified safety and soundness concerns at credit unions. This means we will be risk-focused and ready to act expeditiously, if needed. I also appreciate that through this statement we will remain focused on ensuring compliance with and enforcement of federal consumer financial protection laws and regulations at credit unions.
Risk may be unavoidable when carrying out the NCUA’s safety and soundness and consumer protection missions. However, this enterprise risk appetite statement establishes boundaries for the NCUA on the risks it is willing to accept. Effective enterprise risk management and a well-articulated risk appetite are solid management practices for federal agencies and credit unions alike. A sound risk appetite statement creates an understanding needed to achieve organizational objectives. Further, the NCUA’s enterprise risk management program models the behaviors the agency expects of all credit unions.
Change is constant, and the NCUA’s enterprise risk management program continues to evolve in response. The new risk appetite statement considered today evolved from an earlier one developed by the NCUA’s Enterprise Risk Management Council and recognizes how the world and financial services sector changed during the pandemic.
Much has changed since March of 2020. The potential for interest rate and liquidity risk are increasing in the credit union system and there are strong economic head winds on the horizon. There are new competitors in the financial services marketplace, and consumers are increasingly turning to mobile apps and online banking to conduct transactions. The market for diverse and talented employees remains incredibly competitive. And the potential for cyberattacks has only grown.
As such, I encourage all credit unions to take a fresh look at their existing risk appetite statements or to begin the process of adopting a risk appetite statement. Assess the potential risks your institutions face. Implement processes and structures to manage those risks appropriately. It will ensure your credit union can adapt to the changing marketplace and weather all challenges.
Rendell and Jim, I just have two questions for you. First, how has the agency’s enterprise risk management program guided the NCUA’s actions since its inception?
Thank you for illustrating how important a strong enterprise risk management program can be. Second, what are the next steps after the NCUA Board approves the risk appetite statement?
Thank you, Rendell, and thank you both for this presentation and your hard work.
In sum, the NCUA’s new enterprise risk appetite statement is a well-structured plan that provides transparency on the factors that guide the NCUA Board and the agency’s senior leadership in our decision-making and allocation of resources in the years ahead.
That concludes my comments. I now recognize Vice Chairman Hauptman.