NCUA’s Hypocrisy Causes A Firestorm

In the light of day, NCUA’s disclosure that FIS received an information technology supervisory letter from the FDIC doesn’t appear threatening. Is that good or bad?


This past week the NCUA forwarded to credit unions an FDIC report on FIS. For most of us, the FDIC report is the kind of thing we consider confidential, something similar to what we get from our own regulator that we are not supposed to disclose. In this case, the NCUA took a different tack.

As the CEO of a CUSO, I’m already wondering what a new relationship with the NCUA will mean to my organization, so the FIS report raises many questions. Should the government use its regulatory power to issue buyer beware notices to motivate businesses to resolve issues? Does this include opinions on issues of good management practices? And can the government control the echo effect of this information? A bad report is news; will it still be news if the situation is significantly improved?

That’s one strike against releasing such reports as a general practice.

On one hand it makes sense that credit unions and banks would want more information about which vendors are doing well, which are not, and which ones should be avoided.

That’s one point for doing this as a general practice. But in this case, did the NCUA give enough guidance to help with the buying decision? Does this set a precedent we want NCUA to repeat?

Why has the government to this point not wanted the American consumer to be knowledgeable about the “unsatisfactory risk management” of banks and credit unions? It might be because regulators are worried about shouldering the responsibility for an opinion formed a little too easily or a harsh critique made a little too hastily. As a CUSO vendor, I would want to argue with the NCUA if its actions would ruin my brand unnecessarily, especially if it was hesitant to tell American consumers about the ratings of credit unions or banks for fear of undermining consumer confidence. Credit unions as consumers? No problem undermining their confidence. Credit union members as consumers? Big problem undermining their confidence. Can the regulator have it both ways?

Our industry needs great regulation. Our industry needs great regulators. Our industry needs consumers and owners to have confidence about why our solutions fit their lives. I have no inside knowledge about the practices of FIS, and I have no direct opinion about the details of the case, but I do believe regulators should not have it both ways. To publicize the weaknesses or malpractice of a vendor in order to protect a consumer is a practice that must be used judiciously and consistently.

I hope someone in Washington is considering how this FIS case might affect the credit union industry should the NCUA obtain more oversight of vendors and use that power to influence consumers. Will the NCUA act without responsibility for the correctness and consequences of its comments?

I am a proponent of regulators and rating systems being more open for consumers, and I support State Employees’ Credit Union using a CAMEL ratio to highlight a competitive difference. I am shocked the NCUA would consider it a dreadful breach to disclose a CAMEL score yet find it acceptable to distribute this FDIC report. If it is wrong to differentiate financial institutions on the confidential comments of an examination because it might overtly affect consumer scrutiny, how is this any different?

I am not commenting on the details of the report or on FIS. My questions and comments are meant to address our need as industry leaders to influence regulator practices so we can keep our reputations and businesses strong. If we want transparency for our buying decisions as credit unions and CUSOs, then we should demand the same for our members. Does the NCUA believe its comments about credit unions will stand in the light of day? Right now, the NCUA seems confident bullying operators behind closed doors. What do we want NCUA to do?

Once again, I remind us all that we are the system. We should use our voice to make sure all parts of the system work for our members: the owners of our cooperatives.




April 13, 2012


  • The issue of the NCUA letter--confidential or not--raised similar questions in my mind...However, this is certainly not the first time in recent years that "Hypocrisy and NCUA" have been said in the same breath. I appreciate the insigths expressed in the article and applaud the challenge for our industry to demand better.
    Polly Bell
  • I think a more important question is who is rating the rater? If you were not forced would you pay for NCUA? Have they not been a part of more losses to the industry than any vendor? What would happen if they actually had competition.

    They are generally clueless. With the country screaming about the GSA on junkets in Vegas, NCUA has a conference in Disney world in a resort! Its the member's money they are spending!!!!!!
    Bill Brooks
  • The decision by NCUA could influence customers of FIS to consider alternatives when FIS has been an excellent provider of services to many credit unions and banks for years. It makes anyone who is regulated uncomfortable commenting as you don't know who's next and whether this action was forewarned.
    Jim Dean
  • I guess this column would come under the "what's sauce for the gander . . ." category.
  • As a staffer AND member of CUs - the transparency is critical - but also will make all our jobs more difficult. Just as people are running to CUs without the knowledge that their home loans can still be sold there, or that many CUs invest in bank CDs - it is a fine line we walk.

    Kade Ja-Latefah
  • I was reading with full agreement up to the comments about disclosure of CAMEL. I am not sure that you really want government agencies picking winners and losers in the market place.

    In the brave new world of technology all systems are subject to attack. I wonder if FIS may actually be a safer system than smaller alternatives. If you can point to a processor who is absolutely secure, than I would say disclose. I think they hack the Pentagon on a regular schedule. Do we change the military?
    Bill Brooks
  • Great article. I was taken aback by the threat on the cover letter from NCUA that if we shared this info we would be subject to federal penalties, fine and jail. This was sent to 7000 credit union that have up to nine member boards. It was on sent regular us mail on faded copy paper. I have no relationship with FIS and I do not care to have that info. Will this threat be on all NCUA letters now?
    David Proffitt
  • I, for one applaud your insightful comments on the issues this latest action by NCUA raises.

    I am wondering what the intent behind the release of this type of report was? Why didn’t the NCUA and FDIC rely on FIS to fulfill their responsibility to their credit union customers to inform them of relevant issues and corrective actions undertaken/planned, rather than take this unprecedented action?

    Chris Ison
  • As a CPA that audits credit unions and CUSO's I’m quite surprised by the release of such confidential information, particularly when done in a vacuum and without any organized framework or precedent for doing so. The auditing profession has long been the primary “watchdog” for CUSO organization internal controls and I’m sure FIS has such reports available (under the framework of SAS 70 and now SSAE 16). Perhaps sharing the service auditor’s report might fairly tell the FIS internal control story.
    Roger A. Jones, CPA
  • These are thoughtful comments. The subject needs to be discussed.
    Dick Johnson
  • i agree with the bullying comments. the disclosure of FIS gave no detail to be useful to a CU. it has all the hallmarks of FDIC/NCUA stricking it to someone that they disagreed with. Rather than deal with the issues of the matter, the regulators arbitrarily disclosed information, then told the CUs to keep it confidential. By the way, i have seen no hand-wringing from FDIC/NCUA that their confidential information about FIS has been released to the media and public at large.

    It seems to be the same thing that they did to State Employees when they released the CAMEL issued from the NC state regulator (not the NCUA CAMEL). In that case, NCUA decided to punish all NC state chartered CUs.
  • NCUA and the state offices of financial regulation are not elected and have no accountability. As such they know that their actions cannot be challenged and for the regulated there exists the fear of reprisal. Nobody at NCUA or a state OFR has ever apologized for their conduct, errors, or accepted responsibility. If the American consumers understood how poorly the regulatory agencies are managed and the harm they cause, that would shake their confidence far more than a leaked exam report.
    Tom Randle