Exam Procedures

While there are general guidelines for sound risk management and a risk governance framework, the ideal credit union’s risk management program, standards, and risk governance framework are developed and implemented in a manner commensurate with the credit union’s size, complexity, and risk exposure. All credit unions benefit from a structured and repeatable method for identifying, assessing, measuring, monitoring, controlling, and reporting material risks. A sound credit union will match the formality and capabilities of risk management functions and oversight independence to the credit union’s circumstances.

A credit union’s risk management framework addresses the major risks present in the credit union’s business strategy and objectives with a reasonable cost-benefit balance. A judicious board of directors adopts sound risk management practices and a risk governance framework as core elements within the institution.

A sound practice for credit unions is to establish a management structure that identifies, measures, monitors, and controls the risks of its activities, and governs the process properly. Examiners gauge the effectiveness of the credit union’s risk management programs against the identified and perceived risk posture of the credit union, the ability of leadership to maintain that risk culture, and the financial strength of the credit union relative to the various and collective risk exposures.

The NCUA’s assessment of a credit union’s strategic planning and risk management practices will depend on the effectiveness of the credit union’s risk governance framework and the strength of its process to identify unique risks under normal and stressful conditions, as well as on the strength of its overall governance and internal control processes.

When assessing the quality and breadth of a credit union’s risk management practices and risk governance framework, the examiner considers:

Last updated on August 23, 2022.