How does your credit union handle loan applications for Board members or other officials that exceed $20,000? The regs (§701.21 (d) (4)) state that the Board is required to review and approve/deny request that aggregate to more than $20k outstanding. At what level does your Board review the details of the loan? Can this be delegated to a committee (credit, executive)? The requirement is pretty clear, we are just wondering operationally how this is done at other CUs.
I was just approached by our VP of Operations asking if I could complete some type of IRA Audit. I don't have a template and not much background knowledge of what to audit for. Can anyone provide me something to get me started?Thanks, Jeff Dubeyjdubey@michcathcu.org
We have received proposals from vendors to perform IT Security/Vulnerability Assessments and have narrowed it down to 2 finalists. The finalists are Digital Defense and Trust CC. I was wondering if anyone has used either company and your experience with them. Any responses will be much appreciated. Thanks, Daryl Holdaway
In the past we have requiredemployees to identify all accounts they own (primary or joint), and accounts of family members and close personal friends, so that the Credit Union can use system controls to restrict access to these accounts. We have a concern about requiring employees to identify account numbers of family/friends, due to member privacy and the employee's "need to know". If we do not collect that information, we cannot restrict employee access to the accounts (used to reducie potential fraud collusion).
Does anyone have an audit plan addressing UDAAP and Fair Lending Standards?ThanksJeffrey L. Dubeyjdubey@michcathcu.org
It has been my understanding that an annual, independent, audit of ACH is required by NACHA. I have outsourced this audit for the past several years. I'm now getting some push back, telling me that an independent audit is not required. What are your opinions?
Scenario - a member makes a large cash deposit into his personal account. On the same date, at another branch, a large cash deposit is made into a business account on which the previously mentioned member is one of two signers. Both transactions total more than $10,000. Is a CTR required?
Risk Management believes not because can not confirm which business owner made the deposit. However, the one member benefits from both accounts.
We are trying to determine how other credit unions perform OFAC data checks on newly established accounts. Do you perform the OFAC check before the account is opened? Within 24 Hours? May you perform the OFAC check weekly (based on a "Low" OFAC Risk Assessment)? You may email me directly @ lgreenwe@cwcu.org .Thanks for your help!Lisa Greenwell CPA, CFSA, CFE, Internal Audit, Commonwealth Credit Union
If anyone has an audit program for OREO (other real estate owned) that they are willing to share, it would be greatly appreciated! Thank you in advance.
