Letters to Credit Unions and Other Guidance

From time to time, the NCUA will provide guidance and other information to the credit union system on regulatory and supervisory matters, trends affecting federally insured credit unions and potential risks and threats.

  • Letters to Credit Unions — Provide guidance on specific NCUA policies and procedures, compliance, governance, and other timely issues that affect all federally insured credit unions.
  • Letters to Federal Credit Unions — Provide guidance on specific NCUA policies and procedures, compliance, governance, and other timely issues that affect only credit unions with a federal charter.
  • Risk Alerts — Detail practices or external threats that potentially are a significant risk to the safety and soundness of the credit union system.
  • Regulatory Alerts — Provide guidance on rules and regulations from other agencies that all credit unions must comply with.
  • Supervisory Letters — Provide the NCUA’s examiners with instructions and information on a range of supervisory and regulatory issues.
  • Accounting Bulletins — Provide guidance and instructions on how changes in generally accepted accounting principles and other regulatory initiatives affect how credit unions report these items in their financial statements.
  • Consumer Financial Protection Updates — Announce new activity on consumer compliance laws, regulations and guidance.

You can search these regulatory letters going back to 1979 by document type, the year issued, by subject and by title or keywords. Please note that obsolete letters are not included.

Showing 1 - 11 of 11 Results
Docket # Title Subject Type Year Status
22-RISK-01 Heightened Risk of Social Engineering and Phishing Attacks Cybersecurity Risk Alerts 2022 Active
21-RISK-01 Business Email Compromise through Exploitation of Cloud-Based Email Services Cybersecurity Risk Alerts 2021 Active
20-RISK-02 COVID-19 Fraud Schemes Consumer Protection Risk Alerts 2020 Active
20-RISK-01 Cybersecurity Considerations for Remote Work Cybersecurity Risk Alerts 2020 Active
19-RISK-01 Business Email Compromise Fraud Cybersecurity Risk Alerts 2019 Active
13-RISK-01 Mitigating Distributed Denial-of-Service Attacks Cybersecurity Risk Alerts 2013 Active
11-RISK-01 Security Breach involving RSA SecurID Tokens Cybersecurity Risk Alerts 2011 Active
09-RISK-01 Information Systems & Technology Cybersecurity Risk Alerts 2009 Active
06-RISK-01 Disaster Planning and Response Business Continuity Risk Alerts 2006 Active
05-RISK-02 Raising Consumer Awareness of Phishing Schemes Cybersecurity Risk Alerts 2005 Active
05-RISK-01 Specialized Lending Activities—Third-Party Subprime Indirect Lending and Participations Risk Management Risk Alerts 2005 Active

The NCUA is committed to providing an excellent user experience to all individuals, including persons with disabilities. If you require an accommodation to access information on or to use this website, contact Section508@NCUA.gov to request one. Please visit the NCUA's Accessibility Statement for additional information.