X

NCUA Issues Guidance to Credit Unions on the Use of Distributed Ledger Technology

The National Credit Union Administration ("NCUA") provided guidance to credit unions on the adoption of financial technology.

In a letter to federally insured credit union ("FICU") executives, the NCUA supported the use of distributed ledger technology ("DLT") and clarified expectations regarding its use. The NCUA affirmed that it does not prohibit credit unions from implementing DLT that is "deployed for permissible activities and in compliance with all applicable laws and regulations, including applicable state laws or state supervisory authority requirements." The NCUA stated that it expects credit unions to "exercise judgment, apply sound risk-management practices. and conduct necessary due diligence when choosing a platform, product or service."

The NCUA provided a framework for FICUs to identify, assess and mitigate risks associated with DLT. The framework provides a basis for credit unions' risk assessment of DLT, and proposes that credit unions consider (i) information and cybersecurity risk, (ii) legal and compliance risk, (iii) strategic and reputational risk, (iv) liquidity risk and (v) other third-party-related risk. The NCUA recommended that credit unions evaluate DLTs "[d]epending on the characteristics of the DLT being deployed and how it is being used." The NCUA stated that FICUs should take "a comprehensive approach to risk identification, assessment and mitigation as part of the development and implementation of DLT."

The NCUA stated that FICUs' risk assessments of DLT should ensure, at a minimum:

  • the credit union's board of directors are notified "of advancements in the underlying technology" including the technology's purposes and how its use "aligns with the credit union's strategic planning objectives and approved risk tolerances";

  • use and management of the DLT complies with applicable laws and regulations;

  • there are effective risk management practices in place; and

  • there are risk assessment and audit functions in place to validate the effectiveness of risk mitigation practices.

The NCUA also cautioned that credit unions "must remain alert to new or evolving risks posed by use of an emerging technology or approach."

Primary Sources

  1. NCUA Letter: Federally Insured Credit Union Use of Distributed Ledger Technologies

Related Articles

Premium Content

Available only to Premium subscribers.

 

Join Premium

US Regulatory Intelligence combines regulatory and enforcement news, analysis, and practical work tools on an easy-to-use digital platform.

Request a Free Trial

Tags

Individuals
Todd M. Harper
Regulated Activities
Fintech
Regulated Entities
Banking Entities
Sub-Entity
Credit Unions
Body of Law
Banking Law
Jurisdiction
US - Federal
Organization
US Banking Regulators
Sub-Author
NCUA