Commercial Loan Administration

Loan administration is the operational arm of a credit union’s lending function. It begins when a loan is approved, and continues through a loan’s final payoff. Loan administration includes many responsibilities and activities. While these vary widely from credit union to credit union, some are consistent across institutions, including risk identification, management, monitoring, and reporting duties.

There are a number of quality control steps and operational functions that support a sound loan administration process. At a minimum, the credit union’s process should include steps to:

• Manage the borrowing relationship after a loan is initially granted
• Monitor the ongoing risk of the exposure, including periodic reviews of the borrower
• Obtain independent reviews or audits of the commercial loan portfolio and program
• Complete credit analysis and credit approval documents1 A credit approval document is the official document that contains the full risk assessment of the borrower; it is used for the formal approval of the loan transaction. It may also be referred to as a credit memo, credit write-up, loan approval document, credit proposal, credit approval vehicle, credit display, etc.
• Perform pre- and post-closing processes to ensure loans are closed, loan documents are properly executed, funded, and booked on management information systems accurately and as approved
• Ensure loan and collateral documents are properly and accurately prepared, whether prepared internally, by a third party, or an attorney (a document review checklist may be used for this function)
• Monitor and report compliance with policy, procedures, and regulations
• Track, monitor, and report exceptions (policy, underwriting, technical)

• Generate loan-level and portfolio-level reports for senior management and the board of directors

  • Examples include concentrations of loans by industry and type, loan structure, and interest rate; compliance reports concerning the aggregate loan limit to one borrower or groups of associated borrowers; compliance with the statutory member business loan cap outlined in NCUA regulation § 723.8; other reports to show compliance with all limits established in policy; summary of loan risk ratings; delinquency; workouts; modification; troubled debt restructured loans; watch list and problem loan reports, and more.

• Prepare loan and collateral documentation that establish the obligation and secure the debt

  • Electronic or hard copy loan and collateral files should be maintained using commercial file documentation checklists.
  • A credit union may use a checklist and third party to perform this function.
• Ensure and maintain lien attachment and perfection
• Disburse loan proceeds and other advances related to borrowing base certificates and construction loans
• Inspect the condition, confirm the value, and monitor the marketability of the collateral
• Maintain loan and collateral files (electronic or hard copy) using commercial file documentation checklists
• Maintain an MIS to ensure adequate loan-level data quality and integrity
• Enter or “board” loans onto credit union systems (servicing, monitoring, management, as applicable)
• Perform servicing functions for collecting and posting loan payments, as well as billing, quoting, processing payoffs, and releasing collateral
• Maintain tickler, tracking, monitoring, and reporting systems such as pending loan and collateral documentation, ongoing operational and financial documentation, completion status of annual loan reviews, and covenant tracking and reporting
• Manage ALLL analysis and data, as well as charge-offs, workouts, problem loans, watch lists, non-accrual, and supplemental accounting systems2 Supplemental accounting requires a separate accounting system to record the adjusted balance and terms of a loan that has been changed from the regularly scheduled terms of the contract or note. Examples would be loans that are impaired, such as TDRs.

Loan administration provides ongoing support in the management of individual loans and the overall loan portfolio. Proper loan administration is necessary to ensure a credit union’s risk management process, management information systems, and internal controls are reliable and effective. Loan administration activities and functions also ensure senior management and the board of directors receive reports and periodic assessments concerning how the commercial lending staff understand the institution’s credit culture and risk appetite, and whether the loans’ performance conforms to established standards.

Loan administration activities and staff should be independent of loan production. These activities should be tailored and resourced to promote and maintain safe and sound commercial lending practices and a quality commercial loan portfolio.

Loan Administration Risks

Loan administration is an important control mechanism, and is a credit union’s first line of defense in the ability to collect on a loan. This highly detailed and specialized work requires skill and expertise. Inadequate loan administration could lead to unnecessary losses.

Loan administration system failures occur when:

• Information systems fail to provide adequate and timely information concerning concentrations, expired facilities, or stale financial statements
• Staff fail to perfect or renew collateral liens
• Staff fail to obtain proper signatures on loan and collateral documents
• Staff fail to enforce loan covenants
• Staff do not disburse loan proceeds as required by the loan documents
• Staff fail to process loans or notify borrowers regarding credit renewal prior to loan maturity
• Staff fail to detect early warning signs of debt repayment stress
• Staff fail to proactively contact borrowers as soon as potential concerns are noted
• There are issues with loan and collateral documentation
• Internal and systems controls, data quality, tracking, and monitoring are lacking
• Filing and maintenance are disorganized

Weaknesses in loan administration can pose significant safety and soundness issues for a credit union. Concerns about the adequacy of loan administration may signal the need for more extensive examination procedures.

Loan and Collateral Documentation

Examples of loan administration weaknesses and risks associated with loan and collateral documentation are provided below.

• Loan agreements drafted without loan covenants (financial and reporting) as listed in the credit approval document to mitigate and monitor risk

  • Failure to properly execute a covenant in the formal loan documents may render them unenforceable.

• Failure to obtain or retain necessary documentation including:

  • Guaranty agreements
  • Estoppel certificates
  • Subordination, non-disturbance, and attornment agreements (SNDAs)
  • Borrowing resolutions (signing authorization for legal entities)
  • Promissory notes
  • Security agreements
  • Recordation of lien documents (mortgages, deeds of trust, UCCs)

• Loan and collateral documents inconsistent with state and federal regulations

  • Laws, regulations, and documentation standards vary from state to state. Each credit union is responsible for documenting and maintaining an enforceable obligation in accordance with state and federal law. For example, to maintain the lien position for a lien perfected by a UCC filing, the recorded UCC usually needs to be renewed every five years. When necessary, a credit union should employ the services of local legal counsel to review or prepare loan and collateral documents, especially for out-of-market transactions.

• Processing of collateral lien releases resulting in unintended unsecured or under-secured loans

  • Failure to consider cross-collateralization and partial pay-downs insufficient to pay the loan in full increases this risk. Without close attention to detail, a credit union may release collateral without adequate principal repayment or release the wrong collateral. Loan agreements must contain collateral release clauses when appropriate, such as development and lot loans. Floor plan loans and other loan types should also contain collateral release clauses when the sale of specific collateral is also the repayment source.

Internal and Systems Controls

A credit union should ensure loans are closed, funded, and boarded (entered into the credit union MIS) onto servicing, monitoring, and tickler systems in compliance with the loan’s approval terms and conditions. This is especially important for loans that benefit from some type of credit enhancement in the form of a state or federal loan guarantee. Failing to document, monitor, and service guaranteed loans in accordance with the requirements of a guarantee may result in a guarantee being rescinded, which increases risk and potential loss.

A credit union should have a loan information system that is able to handle the processing, servicing, monitoring, tracking, and reporting requirements for commercial lending. This can be challenging, as commercial loans have a wide variety of loan structures, repayment terms, schedules, and interest rate types (variable rates tied to an index that is subject to change daily). An inadequate system can result in the inaccurate calculation of interest income, billing errors, inaccurate amortization, and a credit union’s inability to process cash payments in non-accrual or collection loan situations. A credit union should have systems that can meet the needs of commercial borrowers, and can support the complexities associated with such loans.

Credit unions should ensure their MIS can handle the increased demands and complexities as portfolios grow. Deficient systems can restrict credit risk management practices. Common data integrity problems include:

• Incorrect industry codes for the type of loan granted
• Failure to accurately calculate and report delinquencies
• Incomplete or outdated information on loan participations
• Failure to archive note origination dates and amounts when a loan is renewed or modified
• Inaccurate capture of underwriting exceptions
• Lack of clear reports and reporting lines for lenders and administrative support
• Incorrect risk ratings or failure to update modified risk ratings in the system
• Incorrect payment application
• Omission of off-balance-sheet exposure

Examiners should determine the root cause of any deficiency noted during an exam, discuss findings with management, and initiate appropriate corrective actions as necessary.

Management Information Systems

Credit information can be both highly-detailed and voluminous, which adds to the complexity and difficulty of administering a large commercial portfolio. A credit union cannot manage a large portfolio (nor can oversight authorities govern such a portfolio) without a robust MIS to capture all the relevant details and allow wide-ranging analysis and reporting. Such a system helps a credit union continuously identify, monitor, and report critical information.

Oversight and governance of a commercial portfolio depends on an MIS that incorporates relevant credit-risk information. This enables a credit union’s board of directors and senior management to fulfill their respective roles. When assessing systems, examiners should determine whether users receive the right kind of information at the right time, and whether the summary results are reasonable and accurate.

Reports to senior management and the board should be more than a presentation of numbers; they should translate data into useful information and allow oversight authorities to verify aggregate risk exposures and conformity with approved limits. Reports should be analytical in nature and allow users to draw independent conclusions. For example, a report presenting the level of classified assets has limited value. Such a report becomes more useful if it includes historical information and shows the classified asset position relative to capital. Similarly, reports on numbers of exceptions to policy are not very useful, while a report on aggregate exceptions as a percentage of industry or specialized lending portfolios may signal a change in risk assumption.

Frontline lending managers have different information needs than senior management and the board of directors. Lending managers are focused on transactional as well as portfolio-level analytics. Their needs require strong systems architecture in order to generate the various management reporting required by the various user groups within the overall credit administration and risk oversight functions.

To accommodate the needs and responsibilities of each credit union board member, manager, and employee, an ideal system lets a user query, track, and aggregate all loan data fields so they can prepare both standardized and ad hoc reports on demand. The board of directors, senior management, and examiners should assess the adequacy and accuracy of the credit union’s MIS based on the size, complexity, and scope of lending activities and any planned changes in the portfolio.

As with any reliable risk-management-reporting process, the technology platform being used must be sufficiently robust and have accurate and timely data to maximize its contribution. MIS processes should ensure that relevant data can be updated periodically and that out-of-date loan information can be purged on a regular basis to ensure the MIS remains an accurate, timely, and effective risk management platform. MIS limitations or weaknesses can undermine the reliability and effectiveness of risk information. This, in turn, can compromise the board’s and senior management’s ability to fulfill their fiduciary responsibilities to monitor and manage the risk of the commercial loan portfolio. Because MIS is so integral to the management of loan administration and risk management, a credit union’s board of directors and senior management should periodically re-assess MIS adequacy. This is particularly important if a credit union is planning to introduce new loan types or transaction structures in the near term.

Data Quality

Senior management and the board need reliable, relevant, and accurate information to support strategic decision making and planning, capital reserve assessments, risk monitoring and management, and Call Report filings. While systems limitations and inaccurate portfolio-level data can lead to providing the board and senior management inaccurate or insufficient information, they are not a valid explanation or justification for inaccurate loan-level or portfolio-level data or errors.

Loans that are not properly boarded onto the loan systems result in inaccurate loan-level data. Data quality issues can result when a credit union uses incorrect codes or fails to use codes (loan type, industry, purpose or collateral), applies an incorrect interest rate or repayment terms, or otherwise uses incorrect data.

Inaccurate loan-level data results in inaccurate portfolio-level data. A credit union’s MIS should be designed to handle the institution’s commercial loan portfolio. Credit unions that use a consumer-based system may not have enough codes and data points to generate meaningful reports.

Tracking and Monitoring

Credit unions should maintain tickler systems to track and monitor expiring lien documents (such as mortgages, deeds of trust, or UCCs) to maintain and protect:

• Lien or lien position;
• Paid property taxes to avoid tax liens which, in most jurisdictions, supersede a credit union’s lien;
• Federal and state income tax filings that result in tax liens; and
• Insurance.

Failure to monitor the status of collateral and other insurance coverage can result in loan losses following a catastrophic event. Events such as fire, flood, windstorm, death, or disability of key owners or managers can disrupt or end business operations. Timely monitoring, follow-up, and corrective action concerning expired or insufficient insurance coverage is essential in mitigating loan losses following such an event.

Tickler systems should be sufficient to mitigate administrative past-dues and delinquency caused by the failure to renew a maturing loan in a timely manner. A credit union’s systems should be sufficient to identify and report maturing loans. This will help a credit union begin the renewal and underwriting process well in advance of a loan’s maturity date. The credit union should contact a borrower before a loan matures to determine the borrower’s intentions regarding the loan (to pay off, renew, seek modification, or other action). The credit union should use the advance time to complete site visits, update collateral values, obtain and analyze current operational and financial data, update lien searches, and secure necessary approvals before the loan maturity date.

Identifying changes in financial and business conditions in a timely manner is key to effective loan administration. A credit union that does not complete timely loan reviews has an increased risk of exposure from any material changes in the risk profile of the borrower and/or guarantor relationships. Proactive lenders understand that vigilant monitoring can help anticipate and address emerging problems more effectively.

A credit union should focus on changes that have occurred in a borrower’s or guarantor’s financial or operational condition, and in the market or industry in which a borrower or guarantor operates. Conditions can change over time, and they should be monitored on an ongoing basis from the time a loan is initially granted. A credit union that does not monitor and assess credit and market conditions undermines the integrity of the risk management platform. This can lead to inaccurate risk ratings.

Inaccurate risk ratings can delay and thus diminish the effectiveness of any required risk mitigation efforts. The early identification of adverse operational and financial trends allows a credit union to dedicate immediate attention to the concern(s). Early problem identification is critical, because the longer adverse trends continue, the harder it generally becomes to overcome their effects. Vigilant monitoring enables the credit union to conduct scheduled internal borrower relationship reviews and covenant compliance testing as necessary.

File Organization and Maintenance

Proper file organization and maintenance (credit, document, and collateral) are essential elements of an effective loan administration process. A credit union should maintain electronic and hard copy files in a consistent, orderly, and uniform manner, with clearly labeled sections that are easily identified. Files should be organized chronologically, and all documents should be filed when received by the credit union.

Files should be current and up-to-date during examinations, third-party reviews, and audits. When required information is not located in a loan file, or cannot be provided during an exam, the examiner should conclude the information is missing and address the issue as part of noted loan exceptions.

Filed documents vary based on the borrower and entity type, the kind of loan, and the collateral. Most sound loan programs rely, in part, on the use of various checklists, but generally include the following basic categories:

Category	Description
Loan requests	Loan approvals, presentations and analysis, underwriting, exceptions and applications
Borrower and guarantor documents	Organization documents, verification of legal status, resolutions and signing authorizations, and other borrower or guarantor specific information; financial statements and tax returns and other borrower and guarantor financial and operation data
Loan and legal documents	Promissory note, loan agreement, security agreement, guarantees, and other legal documents
Collateral and related documents	Appraisals or evaluations for personal and real property, UCCs, lien searches, environmental indemnity and/or questionnaires (if applicable), titles, collateral inspections, etc.
Insurance	Property and casualty, general liability, key-man life, title policy, flood hazard determination, etc.
Correspondence and miscellaneous	Letters, memos, emails etc.

Strong loan administration relies, in large part, on the content and organization of credit files. At a minimum, a credit union should establish written procedures that describe how files will be constructed and maintained, and that clearly specify staff and department responsibilities. Procedures should also address record retention requirements that ensure compliance with applicable federal and state laws, as well as any relevant guarantor (such as SBA and USDA regulations).

A credit union should maintain files with sufficient detail to allow any user to comprehensively review a transaction/lending relationship. The files should be sufficiently complete and well organized to facilitate a smooth transition of responsibility between lending staff should a change in lending personnel occur. The files should contain a record of all agreements and understandings between all parties in the relationship (borrower, guarantor, and lender). They should also be maintained in a safe and secure environment (whether electronic or hard copy), with access restricted to only those staff positions who need access to perform their duties. Active files should be separated from inactive files.

Internal Periodic Review

A major component of a strong loan administration program is an independent loan or credit review function. A credit union should establish written policies that govern its internal loan review. The policies should spell out the objectives, requirements, roles and responsibilities, and frequency with which reviews are conducted. Reviews should be based on current financial information. The credit union should assign accountability to appropriate staff concerning the quality and timeliness of reviews.

The review process should allow early identification of adverse financial or operational trends and detect material changes in a borrower’s operations, market, or industry. The process should require a full financial analysis consistent with the analysis completed at origination. Reviews should determine whether loans present the same level of risk as when they were originally approved. A credit union should take appropriate action when material events or items change its level of risk exposure. Reviews should be completed as frequently as necessary, but no less than once a year.

A credit union should reevaluate and reaffirm risk ratings as part of its review process. It should also review loan and collateral documents for accuracy. Collateral values should be updated and lien positions verified.

Along with requiring the timely receipt, review, and analysis of a borrower and guarantor’s financial information, a credit union’s internal loan review process should require documented site visits. Staff should also document conversations with borrowers in which material information is discussed. The loan review process should require compliance testing for financial (and any other) covenants. Covenants can help reduce potential credit losses by communicating specific thresholds for financial performance deemed necessary to maintain a borrower’s financial integrity and by triggering corrective actions if the financial integrity changes.

The loan administration role is distinctly separate from the role of the lender. The loan administration manager or credit analyst should be sufficiently experienced and confident in their knowledge of the transactions to raise material concerns and mount a credible challenge to loan officers or production staff when necessary. It is normal and acceptable to have some healthy friction between loan production and the analyst. This friction allows for a more comprehensive and independent analysis of the loan request and borrower relationship. Independence in the review process is critical in promoting and maintaining safe and sound commercial lending practices and a safe and sound commercial loan portfolio.

Independent Loan Review

Independent loan reviews are an important internal control for a credit union’s commercial loan portfolio. Periodic reviews of credit risk and risk management processes are essential for effective portfolio and program management.

An independent loan review can be performed by a separate internal department or individuals separate from the loan approval process. Credit unions generally use the services of an independent third-party loan review provider. These reviews do not replace a credit union’s own internal review process as part of the risk management process, but are essential in assessing whether a credit union’s internal risk-management process is adequate.

The objective of an independent review is to provide assurance that a credit union is following its loan policies, procedures, and processes, that the risk level of the portfolio is properly identified, and to determine if a credit union’s credit culture is consistent with the desired risk appetite and tolerances. The scope of an independent loan review should include a representational sample of loans in the existing portfolio to determine:

• The quality of underwriting
• Compliance with internal credit union policies, procedures, laws and regulations
• That loans are documented as approved and all conditions of approval are met
• Individual loan quality and accuracy of risk ratings
• Loan and collateral documentation
• Effectiveness of collection activity
• Volume and quality of workout and problem loan management
• An impairment analysis under ASC 310-10-35 and ASC 450

The scope should also go beyond transactional testing to include an evaluation of individual departments’ performance; the adequacy of a credit union’s policy and procedures; an assessment of personnel, staffing levels and needs; the effectiveness of loan administration; and of the risk management process.

To ensure the review is conducted independently, the department, third-party, or individuals that complete a review should report administratively and functionally to the board of directors or a standing committee designated by the board.

Review results should be shared with senior management and, when warranted, the board of directors. Loan review personnel should discuss all noted deficiencies and identified weaknesses, along with any existing or planned corrective actions (including timeframes for correction) with appropriate loan officers and department managers. Loan review personnel should then review the findings and corrective actions with members of senior management. All noted deficiencies and identified weaknesses that remain unresolved beyond the scheduled timeframes for correction should be promptly reported to senior management and the board of directors.

The loan review process is further discussed in NCUA Accounting Bulletin No. 06-01.

Exceptions

Identifying and approving exceptions is part of effective portfolio risk management. To meet the needs of members and communities, a credit union will occasionally approve loans outside its established internal policy or guidelines. Loans with approved exceptions are often acceptable risks, and should not be criticized solely because they are an exception. However, such loans often warrant closer-than-normal supervision. Loan approval documents should clearly identify exceptions and provide mitigants that justify a decision to grant a loan. This information should be kept in the loan file.

A credit union should establish aggregate limits for exceptions in its loan policy. Trends in exceptions should be analyzed by management and reported to the credit union’s board of directors. Tracking the aggregate level of exceptions can help a credit union detect shifts in the risk characteristics of loan portfolios. These analyses and reports allow the board and management to evaluate underwriting practices and assess the level of compliance with the general loan policy. A high volume or pattern of exceptions may signal an unintended or unwarranted relaxation of a credit union’s underwriting practices. If the volume of exceptions is high, the board of directors may be prompted to:

• Reconsider the institution’s tolerance for risk
• Revise the credit union’s general loan policy to bring it more into line with the credit union’s credit culture or current market conditions
• Place new limits on the aggregate volume of exceptions, or
• Change the type of exceptions permitted in the credit union’s loan portfolio

Exceptions pose varying degrees of risk, and their relative significance changes as portfolio composition, risk levels, and external conditions change. Over time, the analysis of aggregate exceptions will allow a credit union to correlate particular types of loan policy exceptions with a high probability of default. Portfolio managers should compare the performance of exception loans with that of loans made within policy guidelines.

Policy and Underwriting Exceptions

Policy and underwriting exceptions are conditions in approved loans that violate a credit union’s internal loan policy or underwriting guidelines. Because underwriting guidelines are the primary means by which a credit union steers lending decisions toward planned strategic objectives and maintains desired levels of risk within the portfolio, deviations from these guidelines should be well documented and justified. Policy and underwriting exceptions should be tracked, monitored, and reported to the board of directors. The level or pattern of exceptions will dictate the frequency at which they should be reported to the board of directors.

Loan and Collateral Documentation Exceptions

In most credit unions, loan administration is the control point for loan documentation. A credit union should systematically identify and document exceptions, initiate timely resolution, and ensure that documentation remains current and valid throughout the loan term. Pre-closing reviews by a lender or attorney and post-closing reviews by loan administration will likely identify most deficiencies.

Loan documentation refers broadly to the documents needed to legally enforce a loan agreement and properly analyze a borrower’s financial capacity. When a document is missing, stale, or improperly executed, it becomes an exception. Common loan documents are promissory notes, note guarantees, financial statements, collateral agreements, and appraisals. Promissory notes, guarantees, and financial statements must be properly prepared and signed. Financial statements must be received and analyzed in a timely manner by the credit union, and collateral agreements must be recorded in the appropriate jurisdiction.

Document exceptions are much easier to rectify before a loan is funded. A credit union should analyze document exception patterns to identify problems in the origination process as well as to identify officers, departments, or branch locations that need to strengthen their compliance with policies on documentation. The effectiveness of this control function should be reviewed by audit and third-party loan reviews.

Documentation exceptions can exacerbate problem loans and seriously hamper a credit union’s work-out efforts. For example, failure to ensure that financial information is received and reviewed in a timely manner can preclude the early identification of potential problems and the opportunity to give those problems immediate attention. Failure to promptly review financial information can delay the identification of covenant violations, which may jeopardize the enforceability of the loan agreement. Neglecting to renew a UCC filing can turn a secured loan into an unsecured loan.

Workpapers & Resources

The concepts and principles set forth in this section of the Examiner’s Guide were derived and adapted from guidance previously issued by the NCUA:

• Accounting Bulletin 06-01 (December 2006)
• 12 CFR Part 723, Preamble
• 10-CU-02, Current Risks in Business Lending and Sound Risk Management Practices
• ASC 310-10-35
• ASC 450

The concepts and principles set forth in this section of the Examiner’s Guide were also derived and adapted from guidance issued by other federal regulatory agencies, including:

• OCC Comptroller’s Handbook on Loan Portfolio Management. (April 1998)

Last updated October 14, 2021