NCUA Fair Hiring in Banking Proposal


On Oct. 19, NCUA proposed to allow hiring those with some offenses.


  • NCUA reported board approved issuance of proposed rule on fair hiring in banking.
  • Proposal would incorporate the NCUA’s Second chance interpretive ruling, policy statement (IRPS 19-1), and the fair hiring in banking act (FHBA) into its regulations.
  • Also, would amend the statutory prohibitions imposed by Federal CU act S. 205(d).
  • Allow people convicted of certain minor offenses to work in CU without board approval.
  • At 9th open meeting 2023, also issued share insurance simplification, see #188852.
  • Board also received briefing on cybersecurity issues facing credit unions, their vendors.
  • Fair Hiring in Banking
  • Section 205(d) prohibits person convicted of certain criminal offenses on dishonesty or breach of trust/entered pretrial diversion or similar from participating in CU affairs.
  • Such participation prohibited except with prior written consent of NCUA Board,.
  • Proposal would address, among other topics, individuals and types of offenses covered by Section 205(d) and the NCUA’s procedures for reviewing a consent application.
  • Would amend NCUA’s policies and procedures governing an application to rescind a prohibition per 205(d), as currently reflected in the Second Chance policy statement.
  • Consistent with FHBA amendments and comparable FDIC regulations, see #121712.
  • Also, regulation governing conditions newly chartered/troubled federally insured CUs (FICU) must notify NCUA of proposed change to board, committees, senior executives.
  • Additionally, conforming changes; would amend 12 CFR 701, federal CU organization, operation, 12 CFR 741, requirements for insurance, 12 CFR 746, appeals procedures.
  • Further, would amend 12 CFR 748, security program, suspicious transactions, catastrophic acts, cyber incidents, BSA compliance; would add new part 12 CFR 752.
  • If final rule approved, Second chance interpretive rule, policy statement rescinded.
  • Cybersecurity
  • Employees from Office of examination and insurance and Office of the executive director briefed the Board on trending cybersecurity attack tactics, vendor incidents.
  • Staff also briefed the Board on the implementation of the NCUA’s Information security examination program and reviewed the results of the Cyber incident reporting rule.
  • CU's were encouraged to download the Automated Cybersecurity Evaluation Toolbox.
  • ACET is available at no cost and can be found online on the NCUA’s website.
  • 146 incidents were reported in the first 30 days of the cyber incident reporting rule
  • More than 60% of reported incidents were due to compromises to 3rd party vendors.
  • Credit union staff, boards of directors are encouraged to review their third-party vendor relationships, assess and mitigate potential risk associated with products.
  • Stressed strengthening their institution’s cyber vigilance and preparedness efforts.
  • Consultation
  • Comments must be submitted in 60 days from pending publication in federal register.
  • Nov. 2023 Fed Reg Proposal
  • On Nov. 7, 2023, NCUA published proposal in federal register, comments Jan. 8, 2024.
  • Sep. 19, 2024 NCUA Final Rule Approval
  • On Sep. 19, 2024, NCUA issued Board Action Bulletin reporting approval of final rule.
  • Codified Sec 205(d) of Federal CU act, and incorporated IRPS 19-1 and Fair hiring in banking act into NCUA regs; IRPS 19-1 rescinded with the issuance of final rule.
  • NCUA Board had generally adopted provisions of final rule as they were proposed.
  • Notable change from proposal was deleted proposed section on requirement for fidelity bond coverage and the disclosure of de minimis offenses to insured credit unions.
  • Will publish guidance to clarify other persons who are not institution-affiliated parties.
  • Final rule becomes effective 30 days following its publication in the federal register.
  • Sep. 30, 2024 Fed Reg Final Rule
  • On Sep. 30, 2024, NCUA published final rule in federal register, effective Oct. 30, 2024

Regulators NCUA
Entity Types Bank; CNSM; CU
Reference 89 FR 79380, 9/30/2024; Bul, RF, Rpl IRPS 19-1, 9/19/2024; 88 FR 76702, 11/7/2023; PR, RF NCUA-2023-0023, 10/19/2023; RIN 3133-AF55; BSA; Citation: *12 CFR* 701, 741, 746, 748;
Functions Compliance; C-Suite; Cyber; Financial; HR; Legal; Operations; Outsourcing; Reporting; Risk; Technology
Countries United States of America
Category
State
Products Banking
Regions Am
Rule Type Final
Rule Date 10/19/2023
Effective Date 10/30/2024
Rule Id 188748
Linked to Rule :188852
Reg. Last Update 9/30/2024
Report Section US Banking

Last substantive update on 10/02/2024