Skip to main content

Federal Crop and Livestock Insurance Programs and What’s Changing in 2025

By Craig Horsch, Consultant, Young & Associates

Overview of Federal Crop & Livestock Insurance Programs

Federal Crop Insurance and Federal Livestock Insurance are supplemental insurances that cover losses which are unavoidable and caused by naturally occurring events. They do not cover losses resulting from negligence or failure to follow good farming practices related to crops and/or livestock.

Federal Crop Insurance Programs include three main programs—Price Loss Coverage (PLC), Agriculture Risk Coverage (ARC), and the Marketing Assistance Loan Program (MALP)—as well as the Whole-Farm Revenue Protection Plan 2025 (WFRP), per the USDA Risk Management Agency. These programs are briefly described below:

  • PLC Overview:

    PLC program payments are issued when the effective price of a covered commodity is less than the effective reference price for that commodity. The effective price is defined as the higher of the market year average price (MYA) or the national average loan rate for the covered commodity. PLC payments are made to owners of historical base acres and are not tied to the current production of covered commodities. Covered commodities include wheat, corn, sorghum, barley, oats, seed cotton, long- and medium-grain rice, certain pulses, soybeans/other oilseeds, and peanuts.

  • ARC Overview:

    There are two types of Agriculture Risk Coverage: Agriculture Risk Coverage–County (ARC-CO) and Agriculture Risk Coverage–Individual (ARC-IC).

    • The ARC-CO program provides income support tied to the same historical base acres—not current production—of covered commodities. ARC-CO payments are issued when the actual county crop revenue of a covered commodity is less than the county ARC-CO guarantee for that commodity.
    • ARC-IC provides income support based on a farm’s revenue from current production of covered commodities, compared with a benchmark average of that farm’s production of those commodities. However, payments are limited to a portion of the farm’s historical base acres. This page focuses on ARC-CO; the ARC-IC program has not been widely adopted.
  • MALP Overview:

    The MALP allows producers to use eligible commodities they have produced as collateral for government-issued loans. Eligible commodities include wheat, corn, sorghum, barley, oats, upland and extra-long-staple cotton, long- and medium-grain rice, soybeans and other oilseeds, certain pulses, peanuts, sugar, honey, wool, and mohair.

  • WFRP Overview:

    WFRP insurance provides coverage against the loss of revenue that you expect to earn or obtain from commodities you produce or purchase for resale during the insurance period, all under a single insurance policy. WFRP offers benefits such as:

    • A range of coverage levels from 50% to 85% to fit the needs of more farming and ranching operations;
    • Replant coverage for annual crops, except Industrial Hemp;
    • The ability to consider market readiness costs as part of the insured revenue;
    • Provisions to adjust the insurance guarantee to better fit expanding operations;
    • An improved timeline for farming operations that operate as fiscal year filers; and
    • Streamlined underwriting procedures based on the forms used for WFRP.WFRP is designed to meet the needs of highly diverse farms that grow a wide range of commodities and sell to wholesale markets. The WFRP policy was specifically developed for farms that market directly to local or regional buyers, sell through identity-preserved channels, and produce specialty crops, animals, and animal products. The amount of farm revenue you can protect with WFRP insurance is the lower of the revenue expected on your current year’s farm plan or your five-year average historic income, adjusted for growth. This represents an insurable revenue amount that can reasonably be expected to be produced on your farm during the insurance period. All commodities produced by the farm are covered under WFRP, except timber, forest and forest products, and animals used for sport, show, or as pets.It is important to understand that WFRP covers revenue produced during the insurance period. For example, if a calf weighs 800 pounds at the beginning of the insurance period and is sold at 1,200 pounds during the insurance period, the value of production will be the additional 400 pounds gained. Inventory adjustments are used to remove production from previous years and to add revenue for production that has not yet been harvested or sold.

Understanding USDA Livestock Insurance Programs

Per the USDA Risk Management Agency website, the Federal Livestock Insurance Programs are as follows:

  • Livestock Gross Margin – Cattle:

    The LGM for Cattle Insurance Policy provides protection against the loss of gross margin (market value of livestock minus feeder cattle and feed costs) on cattle. The indemnity at the end of the 11-month insurance period is the difference, if positive, between the gross margin guarantee and the actual gross margin. The LGM for Cattle Insurance Policy uses futures prices to determine both the expected and actual gross margins. Adjustments to futures prices are based on state- and month-specific basis levels. The price the producer receives at the local market is not used in these calculations.

    Eligible producers are those who own cattle in the states of Colorado, Illinois, Indiana, Iowa, Kansas, Michigan, Minnesota, Missouri, Montana, Nebraska, Nevada, North Dakota, Ohio, Oklahoma, South Dakota, Texas, Utah, West Virginia, Wisconsin, and Wyoming. Only cattle sold for commercial or private slaughter—primarily intended for human consumption—and fed in one of the eligible states are covered under the LGM for Cattle Insurance Policy.

  • Livestock Gross Margin – Dairy Cattle:

    The LGM for Dairy Cattle Insurance Policy provides protection against the loss of gross margin (market value of milk minus feed costs) on milk produced from dairy cows. The indemnity at the end of the eleven-month insurance period is the difference, if positive, between the gross margin guarantee and the actual gross margin. The LGM for Dairy Cattle Insurance Policy uses futures prices for corn, soybean meal, and milk to determine the expected and actual gross margins. The price the producer receives at the local market is not used in these calculations.

    Any producer who owns dairy cattle in the contiguous 48 states is eligible for LGM for Dairy Cattle Insurance Policy coverage. Only milk sold for commercial or private sale—primarily intended for final human consumption—from dairy cattle fed in any of the eligible states is covered under this policy.

  • Livestock Gross Margin – Swine:

    The LGM for Swine Insurance Policy provides protection against the loss of gross margin (market value of livestock minus feed costs) on swine. The indemnity at the end of the 6-month insurance period is the difference, if positive, between the gross margin guarantee and the actual gross margin. The LGM for Swine Insurance Policy uses futures prices to determine both the expected and actual gross margins. The price the producer receives at the local market is not used in these calculations.

    Any producer who owns swine in the 48 contiguous states is eligible for LGM for Swine insurance coverage. Only swine sold for commercial or private slaughter—primarily intended for human consumption—and fed in the 48 contiguous states are eligible for coverage under the LGM for Swine Insurance Policy.

 

Policy Outlook: Projected Spending Impacts of Proposed PLC and ARC-CO Changes

In light of potential 2025 farm policy changes, the article “Spending Impacts of PLC and ARC-CO in the House Agriculture Reconciliation Bill” by Schnitkey, Paulson, Coppess (University of Illinois), and Zulauf (Ohio State University), published in farmdoc daily, offers valuable insight into the budgetary and structural implications of proposed revisions to two cornerstone commodity programs: Price Loss Coverage (PLC) and Agricultural Risk Coverage at the County Level (ARC-CO).

Key Proposed Changes

Under the House Agriculture Reconciliation Bill, four primary changes to PLC and ARC-CO are proposed:

1. Statutory Reference Price Increases:

From 2025 to 2030, statutory reference prices for major program crops would increase—for example, from $3.70 to $4.10 per bushel for corn (an 11% increase), from $8.40 to $10.00 for soybeans (19%), and from $5.50 to $6.35 for wheat (15%). Similar increases are also proposed for seed cotton, rice, and peanuts (Schnitkey et al., 2025, Table 1).

2. PLC Payment Floor Adjustments:

The bill proposes new price floors for PLC payments—$3.30 for corn and $0.30 per pound for seed cotton—to limit downside price risk. These new thresholds would reduce outlays in low-price environments by capping PLC payment escalation.

3. ARC-CO Enhancements:

Changes to ARC-CO include increasing the coverage level from 86% to 90% and the maximum payment rate from 10% to 12.5% of benchmark revenue, making the program more responsive during periods of reduced revenue.

4. Loan Rate Increases:

The bill also proposes a 10% increase in the loan rates for the six largest program crops, further enhancing the income safety net (Schnitkey et al., 2025).

Budgetary and Distributional Impacts

The authors estimate that these program changes would raise federal outlays for PLC, ARC-CO, and marketing loan programs from $46.5 billion to $76.4 billion between 2025 and 2035—a 64% increase (Schnitkey et al., 2025, Table 2). However, this increase is not evenly distributed across commodities or regions:

  • Southern crops—notably peanuts, rice, and seed cotton—would see the largest increases in payments per base acre. In contrast, traditional Midwestern crops such as corn and soybeans would receive more modest increases.
  • For farms with 500 base acres, estimated average annual payments under the proposed changes would be:

This disparity stems from differences in statutory reference prices across crops. Southern crops historically have higher relative reference prices, leading to larger government payments—an imbalance that would be widened under the proposed bill (Schnitkey et al., 2025).

Political and Policy Implications

To fund these increased outlays, the House Agriculture Committee is proposing spending reductions from the Nutrition Title, particularly the Supplemental Nutrition Assistance Program (SNAP). This cost-shifting pits agricultural and nutrition interests against each other and introduces politically sensitive trade-offs that could impact the outcome of future Farm Bill negotiations (Schnitkey et al., 2025).

Why This Matters

For agricultural lenders and risk managers, particularly those serving Midwestern crop producers, the proposed updates could affect the farm income landscape, collateral valuations, and overall credit risk. Although support increases are significant for crops like rice and peanuts, the more moderate gains for corn and soybeans mean Midwest producers may see less benefit from the bill in its current form. Understanding the potential outcomes of these policy shifts can help financial institutions refine their risk assessments and prepare clients for what lies ahead.

Staying Ahead in a Changing Agricultural Risk Landscape

As federal crop and livestock insurance programs evolve—and legislative proposals like those in the 2025 House Agriculture Reconciliation Bill signal substantial shifts in farm subsidy distribution—lenders must be prepared to navigate increased complexity in agricultural credit risk. From changes in PLC and ARC to adjustments in federal loan programs and WFRP, these developments have direct implications for borrower cash flow, collateral valuation, and overall lending strategy.

For financial institutions serving agricultural clients, now is the time to reassess risk management frameworks, update lending practices, and evaluate credit exposures in light of these changes.

Young & Associates has deep expertise in agricultural lending and credit risk analysis. Our team can help your institution proactively adapt, with services that include portfolio review, credit risk management consulting, and tailored support for ag-specific lending challenges. Whether you’re seeking to strengthen underwriting processes or prepare for policy-driven shifts in borrower performance, we’re here to help you respond with confidence.

Explore our lending and credit risk consulting services to learn how we can support your institution’s success in this evolving environment.

 

References

Coppess, J., C. Zulauf, G. Schnitkey, N. Paulson and B. Sherrick. “Reviewing the House Agriculture Committee’s Reconciliation Bill.” farmdoc daily (15):89, Department of Agricultural and Consumer Economics, University of Illinois at Urbana-Champaign, May 14, 2025. Permalink

Kalaitzandonakes, M., B. Ellison, T. Malone and J. Coppess. “Consumers’ Expectations about GLP-1 Drugs Economic Impact on Food System Players.” farmdoc daily (15):49, Department of Agricultural and Consumer Economics, University of Illinois at Urbana-Champaign, March 14, 2025. Permalink

Schnitkey, G., N. Paulson, C. Zulauf and J. Coppess. “Price Loss Coverage: Evaluation of Proportional Increase in Statutory Reference Price and a Proposal.” farmdoc daily (13):203, Department of Agricultural and Consumer Economics, University of Illinois at Urbana-Champaign, November 7, 2023. Permalink

Schnitkey, G., C. Zulauf, K. Swanson, J. Coppess and N. Paulson. “The Price Loss Coverage (PLC) Option in the 2018 Farm Bill.” farmdoc daily (9):178, Department of Agricultural and Consumer Economics, University of Illinois at Urbana-Champaign, September 24, 2019. Permalink

Schnitkey, G., N. Paulson, C. Zulauf and J. Coppess. “Spending Impacts of PLC and ARC-CO in House Agriculture Reconciliation Bill.” farmdoc daily (15):93, Department of Agricultural and Consumer Economics, University of Illinois at Urbana-Champaign, May 20, 2025. Permalink

OFAC Extends Record Retention Requirements

By Veronica Madsen; Consultant, Young & Associates

On March 21, 2025, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) published its final rule to adopt the interim final rule extending certain recordkeeping requirements from five to 10 years. This extension is consistent with the statute of limitations for violations of certain sanctions administered by OFAC and became effective on the date of publication in the Federal Register.

The final rule also extended the period during which civil monetary penalties may accrue for late filing of reports required to be submitted to OFAC (e.g., blocked property and reject reports or reporting required under specific licenses), from five years to 10 years. The potential penalty amounts did not change.

The changes stemmed from the 21st Century Peace through Strength Act (Public Law 118-50), signed into law on April 24, 2024, which extended the statute of limitations for civil and criminal violations of the International Emergency Economic Powers Act (50 U.S.C. 1701), and the Trading with the Enemy Act (50 U.S.C. 4301), from five years to 10 years.

OFAC published an interim final rule on September 13, 2024, and requested public comment. Despite the concern financial institutions needed more time to acquire additional resources and storage capacity, and to adjust their current recordkeeping practices to conform to the new recordkeeping requirements, OFAC finalized the rule as written due to the length of time provided since the law was passed.

What Records Must Be Retained Longer?

Under the Federal Financial Institutions Examination Council (FFIEC) BSA/AML Examination Manual, transactions subject to the extended record retention requirement relate to the full and accurate record of each rejected transaction, including all reports submitted to OFAC. For blocked property (including blocked transactions), records must be maintained for the period the property is blocked and for 10 years after the date the property is unblocked.

How Should Banks Prepare for this Change?

Because the rule became effective upon publication, banks that have not already prepared for this change should ensure their systems are updated to retain these documents longer; policies, procedures and the OFAC risk assessment are amended to reflect the new retention requirement and extended risk of penalties associated with late filings; prepare or amend training content; and prepare for potentially increased compliance costs.

Conclusion

Navigating this kind of regulatory shift can feel overwhelming, especially when it demands swift operational changes and long-term strategic planning. That’s where Young & Associates can help. Our compliance experts are ready to assist with updating your OFAC programs, reviewing risk assessments, and supporting your team in building a sustainable, compliant approach to record retention. Contact us today to ensure your institution is fully prepared for this new 10-year horizon.

Credit Unions: Prepare for Increased Cybersecurity Exam Scrutiny in 2025

By Mike Detrow, CISSP; Director of IT & IT Audit, Young & Associates

Is Your Credit Union Ready for Stricter NCUA Cybersecurity Examinations?

There have been some signals over the past few years that the NCUA is focusing more attention on cybersecurity and may be increasing scrutiny in this area during upcoming exams. In this article, I will identify these signals and also provide steps that credit unions can take to prepare for this potential in their next exam.

Looking back at the NCUA’s Letters to Credit Unions from January 2022 through present, we see the following regarding cybersecurity:

  • January 2022: The NCUA continues to develop updated information security examination procedures
  • January 2023: The NCUA will continue to have cybersecurity as an examination priority
  • January 2024: The NCUA will continue to prioritize cybersecurity as a key examination focus
  • October 2024: The NCUA provided the following reporting statistics regarding the cyber incident response notification rule: “From September 1, 2023, the effective date of the NCUA’s cyber incident notification rule, through August 31, 2024, federally insured credit unions reported 1,072 cyber incidents. Seven out of ten of these cyber incident reports were related to the use or involvement of a third-party vendor.”
    • This letter also identifies the following four key focus areas for boards of directors:
      • Ongoing cybersecurity education for the board of directors and credit union employees
      • Approval of a comprehensive information security program that includes risk assessments, security controls, and incident response plans and is reviewed and updated at least annually
      • Oversight of operational management
      • Ensuring that an effective incident response plan is in place and includes specific requirements
  • January 2025: Cybersecurity remains a top supervisory priority and the NCUA urges each credit union’s board of directors to prioritize cybersecurity as a top oversight and governance responsibility

What Do These Trends Mean for Credit Unions?

While the NCUA has identified cybersecurity as an examination focus area or priority in their supervisory priority statements for 2023, 2024, and yet again for 2025, the key information that identifies the potential for a more significant regulatory change is identified in the October 2024 letter. This letter states that 1,072 cyber incidents were reported over a one-year period and that seven out of ten of these incidents were related to the use or involvement of a third-party vendor.

While the information provided does not include any details about the severity of these incidents or how many may be attributed to a single vendor or single credit union, it would be hard for this number of reported cyber incidents not to get the attention of examiners and credit union management when it averages out to nearly three incidents per day. At a minimum, these statistics identify the need for better oversight of vendors by credit unions and potentially regulators. It also indicates that approximately 320 of the reported cyber incidents were not specifically attributable to the use or involvement of a vendor, which points to potential deficiencies in cybersecurity controls at the affected credit unions.

How Credit Unions Can Prepare for 2025 Cybersecurity Exams

The identification of key focus areas for boards of directors in the October 2024 letter is also noteworthy. This spells out specific recommendations for a credit union’s training program, information security program, oversight of operational management, and the incident response plan.

The recommendations for the oversight of operational management are very specific and include the following:

  • Set clear expectations regarding the due diligence of third-party vendors with respect to information security
  • Ensure that cybersecurity is a core value within the credit union and influences decision-making
  • Provide access to cybersecurity expertise and an adequate budget for the appropriate cybersecurity technologies and tools
  • Place an emphasis on vulnerability management, patch management, application and website whitelisting and blacklisting, and threat intelligence
  • Engage external parties with appropriate expertise to conduct audits of the cybersecurity program
  • Establish a framework for ongoing reporting of the status of the cybersecurity program including risk assessments, risk management and control decisions, service provider arrangements, results of testing, and any recommended changes to the program
  • Protection of data backups including secure storage and other controls to protect from ransomware as well as periodic testing to verify the recoverability of data
  • Ongoing training for members to promote sound cybersecurity practices

This is a potential indication that there will be more regulatory focus on evaluating the effectiveness of the board’s cybersecurity oversight and additional efforts to hold the board accountable if it does not take steps to promote cybersecurity as a core value within the credit union to mitigate potential cybersecurity threats.

How Should Credit Union Leaders Prepare?

The board of directors and senior management should ensure that each of the recommendations identified in the October 2024 Board of Director Engagement in Cybersecurity Oversight (24-CU-02) letter is put into practice at the credit union. While some credit unions may have internal resources to help with this process, many credit unions will benefit from having an independent consultant review their information security program, policies and procedures, incident response plan, vendor management practices, and technical security controls to identify areas for improvement to comply with the NCUA’s recommendations. The consultant can then provide templates and other resources for management to use to implement the recommended improvements, or the consultant can be engaged to assist the credit union with the implementation of the recommended improvements.

How can Young & Associates Help?

Young & Associates offers the following services to both evaluate and improve your cybersecurity program and security controls by identifying weaknesses and assisting with corrective actions to help you better protect your credit union from current cybersecurity threats.

  • IT Audits
  • Internal and External Vulnerability Assessments
  • Internal and External Network Penetration Testing
  • Social Engineering Tests
  • Policy templates, including an Incident Response Plan designed specifically for credit unions
  • Cybersecurity Program Development

For more information about our cybersecurity consulting services, contact us today.

Incorporating Core Competencies into Performance Reviews

A Strategic Approach for Organizational Success

By Clarissa Sinchak, PHR; Director of HR, Young & Associates

It is widely known that performance reviews are key to how your organization can measure individual and, ultimately, company-wide growth and success. Performance reviews are not just about measuring what employees have accomplished throughout the year but are also created to identify opportunities to grow, develop, and achieve their full potential through meaningful and intentional conversations with their managers. Additionally, they offer a chance to recognize achievements, identify areas for improvement, and set future goals and objectives. However, the real power of performance reviews is evident when core competencies are strategically aligned with your company’s goals. In doing so, it ensures that individual employee contributions are recognized and directly tied to the mission and vision of the organization, ultimately fostering a purpose-driven workforce.

What Are Core Competencies?

In today’s competitive business world, organizations must possess specific strengths to separate themselves from the competition to guarantee long-term success. These strengths, also known as core competencies, are the organization’s established foundational knowledge, skills, defining products, services, and capabilities that give a business an advantage over its competitors, ultimately driving its growth. These are behaviors and skills that employees in your company often either inherently possess or aim to develop over time to achieve their personal goals and perform well in their roles.

When core competencies are clearly defined and communicated, it also helps ensure that all employees can see a direct connection to the organization’s mission, promoting a more significant commitment and greater individual contributions. By aligning core competencies with organizational goals, business leaders can ensure that employees prioritize the desired behaviors and work habits that contribute to them.

Some common examples of core competencies might include, but are not limited to:

  • Initiative
  • Decision-Making
  • Teamwork
  • Communication
  • Adaptability
  • Client Service
  • Technical Job Knowledge
  • Interpersonal Skills
  • Integrity

How To Develop Your Organization’s Core Competencies

Developing core competencies within your organization requires deliberate thought, strategic alignment with the company’s long-term goals, and a commitment to continuously improving. Business leaders should take a systematic approach when incorporating core competencies into the performance review processes.

Defining the Organization’s Mission & Goals

First, developing core competencies begins with understanding the organization’s purpose and aspirations, so business leaders should clearly define this in addition to their goals. Once this is achieved, they should openly communicate their strategy to the employees to create buy-in and to gain an overall understanding. A clearly articulated company vision is the basis for identifying the areas where the organization must excel. Transparency in communication by the leaders ensures that the core competencies are focused on capabilities that directly contribute to the company’s competitive positioning.

Identifying Strengths & Gaps in Current Capabilities

A second essential step in creating core competencies is identifying your company’s strengths and gaps. Leaders can evaluate and analyze current skills, resources, and processes by working with human resources to conduct an internal assessment. This analysis highlights areas of expertise within the organization and exposes any opportunities for improvement. Understanding your organization’s current state makes it easier to create development initiatives in the areas that guarantee the most significant value.

Fostering a Culture of Learning & Development

A third key step in developing core competencies is promoting a workplace culture that prioritizes learning and development for employees at all levels of the organization. Investing in their growth is imperative because employees are fundamental to any company’s success. When training programs, mentoring, and knowledge-sharing programs are offered, employees will be empowered to build expertise in the company’s defined core competencies. Promoting open and ongoing communication, recognizing achievements, and encouraging accountability ensures employees work towards the same objectives.

Continuously Evaluating & Adapting Competencies

Lastly, it is essential to note that core competencies require continuous modification and evaluation as your company’s goals progress over time. For example, the market might change, client expectations might evolve, and competitors undoubtedly will vary over time. Therefore, evaluating and monitoring your core competencies and considering these potential changes is critical. Continuously assessing the effectiveness of these core competencies within performance reviews while simultaneously benchmarking against your industry’s standards is essential to guarantee that they remain relevant and have a desired impact. This creates a consistent and ongoing framework for evaluating employee contributions, making reviews transparent and predictable while reinforcing the organization’s core values and priorities.

In summary, establishing core competencies within your organization is a significant undertaking that combines internal strategy and alignment while focusing on developing your employees to set them up for success. Companies that can build and maintain these core competencies position themselves to grow and thrive. By incorporating core competencies into performance reviews, companies will see an uptick in employee engagement and the desire to increase their productivity to enable the organization to propel forward.

2025 Begins with a Normal Yield Curve – But Where is the Risk?

By Michael Gerbick; President, Young & Associates

On Wednesday, January 29, 2025, Jerome Powell and the Federal Open Market Committee (FOMC) decided to maintain the target range for the federal funds rate at 4.25 – 4.50 percent after three successive cuts totaling 100 bps in September, November, and December. There continues to be heightened attention and focus on the yield curve, and for valid reasons, as the curve’s shift has been dramatic in recent years.

The chart below shows the yield curve at five different points in time from January 2022 to Tuesday, February 18, 2025. The shape of the curve has gone from normal to inverted and now back to normal. Looking at a few different US Treasury Bond maturities over the last 14 months, you can see the one month yield has decreased over 120 bps and the 20 year has increased over 60 bps! Each rate curve shape and elevation imply different opportunities for your balance sheet. A more asset-sensitive and positive gap on a balance sheet may be more attractive for earnings in the short term and helpful when the Fed was raising rates in 2022 and 2023.  A more liability-sensitive and negative gap on a balance sheet may be more attractive for earnings in the short term as the Fed reduces rates. Your ALCO is likely well-versed in these shifts and has been managing these drastic movements and their impact on the Bank’s overall strategy.

The normal yield curve indicates improved expectations for economic growth in the years ahead. That said, there is also caution for inflation. When the Fed began rate reductions, there were discussions regarding more cuts totaling 100 bps by year end 2025, then these ambitious views have shortened to perhaps two cuts of 25 bps each. The yield curve is still elevated from what it was several years ago and the Fed Funds rate is higher than the previous cycle’s peak of 2.25 – 2.50 percent in 2018-2019. The consumer is more savvy than they were at that time as well.

At the end of 2024, we spent time interviewing some of our community banker colleagues to gain a pulse on what they are talking internally about in their ALCO meetings concerning interest rate risk. As expected, there is an overall sense of relief to have a normal yield curve instead having to manage to the inverted one of recent years. There is still an overall sense of caution headed into 2025 for many reasons, with two key factors briefly discussed in the following sections.

Cost of Deposits

Community banks may not realize the full impact of the Fed’s rate reduction in their cost of deposits. Given the continued elevated competition for deposits and the more savvy consumer, community banks may find their deposit rate offering slower to adjust than the Fed’s rate movements and some may see their interest expense actually increase in 2025. There may also be migration to more longer term duration CDs (movement from less than 6 months to 1 year or more). Yes, longer term CDs will keep the deposit costs higher than non-maturity but will create welcomed funding stability for the bank. Continued focus on the bank’s deposit makeup and shifts are necessary. Staggering the CD maturities will be critical for community banks to manage this new environment so as to maintain adequate liquidity levels as CDs mature and consumers make a choice to reinvest, migrate to shorter term or perhaps withdraw their funds.

Investments

Many investments were made by community banks with PPP funds and other excess liquidity in a low rate environment back in 2021. The Fed raised rates 550 bps and many of those investments contributed to a significant amount of unrealized loss. Now, the Fed cut rates 100 bps and the yield curve is no longer inverted. The rates are still elevated and there are still a significant amount of investments on community banks’ balance sheets with unrealized losses. The chart below shows the fair value of investment portfolio expressed as a percent of the amortized cost of the investment portfolio over the last four years for commercial banks.

You can see all three asset sizes over the last four years have a similar trend line. Consider a bank having $100MM in their security portfolio, it is likely its portfolio is currently $7-$10MM underwater. This changes each day as these investments continue to reprice and mature over time.  As they do, bank management is faced with how best to serve its bank either in reinvesting short-term or long-term within their investment portfolio or funding higher yielding loan growth opportunities. Each has liquidity and capital implications that must be considered.

Conclusion

Community banking is resilient and the conversations with community bankers reveal their drive to prepare and plans for managing risk in 2025 and beyond. ALCO and Boards of Directors should continue their sharp focus on managing interest rate risk.  If the deposit competition is fierce for your Bank and interest expense in 2025 is expected to be elevated, then focus on what is within your bank’s control. On the asset side of the balance sheet, consider paying attention to the loan and investment portfolios and when they are repricing, what additional loan fee income can be generated, revisiting discussions and confirming the types of loans the bank is comfortable making.

When considering interest rate risk, confirm your bank’s risk profile and always remember to stay within the Board approved risk parameters. Your bank’s balance sheet may have experienced significant change away from a neutral risk position given the economic environment in recent years. If you have found your bank is outside the risk parameters, discuss strategies with your Board that are designed to get the bank back within acceptable risk thresholds.  Always be clear with the Board on expectations and inform them we may not be able to fix this overnight.  One banker said it best when providing advice for community bankers trying manage the interest rate risk of the bank, “Always manage the bank’s IRR to a better position, even if getting to that position takes years …don’t get ahead of your skis and try to do it all in one day.”

Lastly, thank you to those community bankers that spent their time discussion IRR and sharing their insights in the interest of helping other community bankers.

If you’d like to hear more about our ALM services, specifically interest rate risk and liquidity risk reviews, please reach out as we would be happy to discuss and assist.

Compliance – 2025 & Beyond

By Bill Elliott, CRCM; Director of Compliance Education, Young & Associates

Over the last few years we have dealt with changes to regulation, followed by lawsuits, followed by resolution (in some cases).

The original intent of the CFPB was to have a governmental department that was independent of the rest of the federal government. The leader of the CFPB. would not be a political appointment. For good or ill, that has changed due to decisions by the Supreme Court. As a result, this agency has become part of each administration, and experiences changes in direction based on the results of elections.

Some of the discussion below includes other agencies, as they are part of the same trend.

CRA

The new CRA rule was published and was due to be implemented in part last year. However, there is a lawsuit  pending, challenging the regulation. That lawsuit still has not reached the resolution stage, and all federal regulators have said publicly that they are going to follow the old CRA regulation until resolution occurs.

The intent of the new CRA regulation was to try to take as much examiner judgment out of the rating system as possible, with the result of fairer reviews for banks. While an excellent goal, I am not sure that the pending regulation accomplishes this. In any event, all banks and regulators will follow the existing regulation until the court battles have concluded. The CFPB is not part of the new CRA rule, just the primary regulators, but this is part of the same trend.

Beneficial Ownership

Congress passed the Corporate Transparency Act requiring that beneficial ownership information be collected by the federal government. That process began in 2024, and required your smaller commercial customers to share a lot of information with the federal government.

The federal government said that compliance was actually going well. But late in 2024, once again in response to a lawsuit, everything ground to a halt. Your customers who have not yet complied may have to comply at some point in the future, and are welcome to comply now, but currently do not have to comply.

The lawsuit generally is regarding  the issue of whether a law such as this could be passed by Congress in the first place. We do not know where it will go from here, and because of the issue, we may have to wait for the Supreme Court to rule on it. Another example of the current environment.

1071

1071 (Regulation B, Subpart B)  is perhaps the regulation that will create the greatest problems for banks and their customers. Although implementation is a year or more in the future for many banks, the current regulation will be considered invasive by your customers. Amongst other things, the regulation requires banks to ask small business owners their sexual preferences, orientations, etc. Many of your customers will consider this none of the government’s business. And this particular information is not required under the Dodd Frank Act.

While a small business owner could be discriminated because of their LGBTQ+ status, we would hope that that would not happen. This is a rule with good intentions, however, the approach in  the regulation will create more difficulties for banks and their small commercial  customers than we would like. We will see what happens with the change in administration and CFPB leadership.

Conclusion

There are other rules pending. For instance, privacy is becoming a bigger and bigger issue as we get more and more electronic. These sorts of regulations are probably going to be useful. but we will have to wait and see how the final regulations read, and then maybe wait through lawsuits once again.

A regulatory environment that was less chaotic would be better for all of us, but that does not appear to be something that we can count on. Enjoy the ride.

In this ever-changing environment, having a knowledgeable compliance partner is essential. At Young & Associates, we specialize in helping financial institutions interpret, implement, and manage compliance requirements with confidence. Whether you need regulatory guidance, risk assessments, or compliance program reviews, our team is here to support you.

Reach out to Young & Associates today to discuss your compliance needs and ensure your institution is prepared for the road ahead.

Checking Your BSA Program Is More Important Than Ever

By William J. Showalter, CRCM; Senior Consultant, Young & Associates

Over the past year, we have seen at least 27 Bank Secrecy Act (BSA) enforcement actions from an array of financial institution supervisory agencies.  Banks of all sizes, including community banks, continue to be hit with cease and desist (C&D) orders, formal agreements, consent orders, and even civil money penalties (CMP).  Five of these actions involved monetary penalties of some sort totaling nearly $4 billion – all but about $109 million coming from one case with four federal agency actions against one bank, and one $100,000 CMP imposed against an individual for BSA noncompliance.  These enforcement actions remind us that even community banks and thrifts must have thorough and well-managed BSA compliance programs.

The enforcement actions do not spell out specifics of what the agencies found at each institution, but they do give us important insights into what the regulators will expect during your next BSA compliance exam.

Community banks should evaluate their BSA compliance programs in light of the corrective actions that these institutions are required to take.

Another important issue that financial institution management should remember is that the USA PATRIOT Act made BSA compliance as important as Community Reinvestment Act (CRA) compliance in getting an application approved.  The act adds BSA as a factor for consideration in merger transactions. The agency must take into consideration “the effectiveness of any insured depository institution involved in the proposed merger transaction in combating money laundering activities.”  This means that banks and thrifts must have more than a written BSA program.  They must be able to demonstrate that the program works.

BSA Compliance Programs

All insured banks and thrifts are required to develop, administer, and maintain a program that assures and monitors compliance with the BSA and its implementing regulations, including recordkeeping and reporting requirements. Such a program can help protect a bank against possible criminal and civil penalties and asset forfeitures.

At a minimum, a bank’s internal compliance program must be written, approved by the board of directors, and noted as such in the board meeting minutes. The program must include at least the following elements:

  • A system of internal controls to assure ongoing compliance
  • Independent testing of compliance
  • Daily coordination and monitoring of compliance by a designated person
  • Training for appropriate personnel
  • Risk-based customer due diligence/beneficial ownership procedures

Internal Controls

Senior management is responsible for assuring an effective system of internal controls for the BSA, including suspicious activity reporting, and must demonstrate its commitment to compliance by:

  • Establishing a comprehensive program and set of controls, including account opening, monitoring, and currency reporting procedures
  • Requiring that senior management be kept informed of compliance efforts, audit reports, identified compliance deficiencies, and corrective action taken – to assure ongoing compliance
  • Making BSA compliance a condition of employment
  • Incorporating compliance with the BSA and its implementing regulations into job descriptions and performance evaluations of bank personnel

Independent Testing of Compliance

The bank’s internal or external auditors should be able to:

  • Attest to the overall integrity and effectiveness of management systems and controls, and BSA technical compliance
  • Test transactions in all areas of the bank with emphasis on high-risk areas, products, and services to assure the bank is following prescribed regulations
  • Assess employees’ knowledge of regulations and procedures
  • Assess adequacy, accuracy, and completeness of training programs
  • Assess adequacy of the bank’s process for identifying suspicious activity

Internal review or audit findings should be incorporated after each assessment into a board and senior management report and reviewed promptly.  Appropriate follow up should be assured.

Regulators increasingly expect the BSA audit or testing program to also include these elements:

  • Confirmation of the integrity and accuracy of management information reports used in the AML compliance program
  • Overall integrity and effectiveness of the program
  • Evaluation of management’s efforts to resolve violations deficiencies
  • Evaluation of the effectiveness of the suspicious activity monitoring systems
  • Review of the BSA risk assess­ment for reasonableness given the bank’s risk profile

BSA Compliance Officer

A bank or thrift must designate a qualified bank employee as its BSA compliance officer, who has day-to-day responsibility for managing all aspects of the BSA compliance program and compliance with all BSA regulations.  The BSA compliance officer may delegate certain BSA compliance duties to other employees, but not compliance responsibility.

The bank’s board of directors and senior management must assure that the BSA compliance officer has sufficient authority and resources – time, funding, staffing – to administer effectively a comprehensive BSA compliance program.  And, the BSA officer must have a direct reporting channel to the board of directors.

Board of Directors

The board must ensure that it exercises supervision and direction of the BSA/AML program.  This involves making sure that the institution develops sound BSA/AML policies, procedures, and processes that are approved by the board and implemented by management.  The board also has to ensure that the bank maintains a designated BSA officer with qualifications commensurate with the bank’s situation.  As noted above, the BSA officer must report directly to the board and be vested with sufficient authority, time, and resources.  The board must provide for an adequate independent testing of BSA/AML compliance.  The board should bear in mind that it has the ultimate responsibility for the institution’s BSA compliance.

Training

Financial institutions must ensure that appropriate bank personnel are trained in all aspects of the regulatory requirements of the BSA and the bank’s internal BSA compliance and anti-money laundering (AML) policies and procedures.

An effective training program includes provisions to assure that all bank personnel, including senior management, who have contact with customers (whether in person or by phone), who see customer transaction activity, or who handle cash in any way, receive appropriate training.  Board members also need to receive regular BSA/AML training, though at a much higher level with less detail than institution line employees.

The training needs to be ongoing and incorporate current developments and changes to the BSA, AML laws, and agency regulations.  New and different money laundering schemes involving customers and financial institutions should be addressed.  It also should include examples of money laundering schemes and cases, tailored to the audience, and the ways in which such activities can be detected or resolved.

Another focus of the training should be on the consequences of an employee’s failure to comply with established policy and procedures (e.g., fines or termination).  These programs also should provide personnel with guidance and direction in terms of bank policies and available resources.

Beneficial Ownership Procedures

The beneficial ownership rule contains three core requirements:

  • Identifying and verifying the identity of the beneficial owners of companies opening accounts
  • Understanding the nature and purpose of customer relationships to develop customer risk profiles, and
  • Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information

A beneficial owner is an individual who owns more than 25 percent of the equity interest in a company or is the single individual who exercises control.  Also subject to these requirements is the one person who has control of each legal entity customer.

Beyond the Basics

BSA enforcement actions continue to raise the bar for all financial institutions.  BSA compliance programs must meet additional standards in order to be considered adequate to meet the ever-evolving challenges that arise over time.

  • Customer due diligence (CDD). Verifying a customer’s name, address, date of birth and identification number will satisfy the basic BSA customer identification requirements.  However, these four pieces of information will not be enough to help an institution deter­mine a customer’s typical account activity.  The recent C&D orders make clear that regulators expect community bank managers to use information collected as part of the institution’s CDD process to predict the type, dollar amount, and volume of transactions that a customer is likely to conduct.  This expectation goes beyond the new beneficial ownership rule to extend CDD expectations to the broader customer base.Several institutions subject to the recent round of enforcement actions were directed to develop specific procedures to describe how the institu­tion will conduct customer due diligence.  As computer and software technology has improved, regulators have come to expect small and large banks to gather and review information about the normal range of a customer’s banking activities.  They view the CDD processes and analysis as providing the framework that enables institutions to comply with suspicious activity reporting requirements.
  • Account & transaction monitoring. A number of institutions that received the most recent orders did not have adequate, or any, procedures for detecting and reporting suspi­cious activities. The enforcement actions make clear that community banks must specify in writing how the institu­tion will analyze and use customer information to detect suspicious activities.  As this area gets more complex, it becomes more difficult to try to maintain an adequate suspicious activity monitoring regimen without some form of automated monitoring.

Conclusion

The costs of being subject to an enforce­ment action go beyond extra regulatory scrutiny in subsequent examinations.  Institutions under the latest round of actions must report the enforcement action in communications with their shareholders and spend significant sums of money to hire outside consultants to train employees, audit the revised BSA programs and backfile required reports.  They also must submit planned actions to the regulators involved for prior approval, as well as report regularly (usually quarterly) on their progress in remediating the deficiencies that led to their particular enforcement action.

An interagency BSA enforcement policy statement clarifies that formal enforcement actions will not be issued for minor BSA infractions.  These enforcement actions are levied against financial institutions – including community banks – with significant breakdowns in their BSA compliance systems.  The consent and other orders illustrate that all banks are ex­pected to have very specific procedures for how they will collect customer information, predict customer account ac­tivity, utilize transaction monitoring reports, and train and manage employees with BSA-related responsibilities.

Be sure that you are not an object lesson for your banking fellows.  If we can help, contact us today.

The Future of Mortgage Loan Buybacks

Mitigating Repurchase Risk Before It’s Too Late

By Donald Stimpert, Manager of Secondary Market QC, Young & Associates

Understanding the Rising Risk of Loan Buybacks

The secondary mortgage market is evolving rapidly, and with it, lenders face increasing pressure to maintain strict quality control (QC) standards. Loan buybacks—once considered an occasional risk—have become a growing concern as investors, government-sponsored enterprises (GSEs), and regulatory bodies scrutinize loan origination and underwriting processes more closely.

Recent economic uncertainty, fluctuating interest rates, and regulatory changes have only amplified repurchase risks, making it imperative for financial institutions to adopt proactive strategies to mitigate potential buybacks before they impact profitability.

Why Are Mortgage Buybacks Increasing?

Several factors contribute to the rise in loan repurchase demands, including:

1. Heightened Investor Scrutiny

With a more volatile lending environment, investors and GSEs such as Fannie Mae and Freddie Mac are intensifying post-closing reviews to identify underwriting errors, miscalculations, and misrepresentations.

2. Rising Interest Rates and Loan Performance Issues

As interest rates climb, borrowers with recent mortgages may be at a higher risk of delinquency. A worsening performance trend in loans increases investor caution, leading them to revisit underwriting quality and enforce buybacks when defects are found.

3. Evolving Regulatory Standards

The Consumer Financial Protection Bureau (CFPB) and other regulators continue to refine lending requirements, particularly around fair lending, borrower income verification, and compliance with TRID (TILA-RESPA Integrated Disclosure) rules. Lenders who fail to maintain strict adherence to these standards may see increased buyback requests.

4. Defect Trends in Loan Underwriting

Recent QC reports indicate a surge in defects related to:

  • Income calculation errors
  • Debt-to-income (DTI) miscalculations
  • Missing documentation
  • Undisclosed liabilities
  • Misrepresentation of borrower information

Even minor discrepancies can trigger a repurchase demand, highlighting the need for enhanced QC measures.

Strategies to Minimize Repurchase Risk

To reduce exposure to loan buybacks, lenders must strengthen their QC frameworks and proactively address risk areas before loans reach the secondary market.

1. Strengthen Pre-Funding and Post-Closing QC Reviews

Implementing a robust pre-funding QC process helps catch potential defects before loans are sold, significantly reducing repurchase risk. Post-closing audits should be conducted consistently, ensuring that any issues are corrected before investor scrutiny.

2. Enhance Data Validation and Borrower Verification

Investors are increasingly focused on data integrity. Lenders must adopt advanced verification tools to cross-check borrower information, income, employment history, and undisclosed debts, minimizing the risk of fraud and errors.

3. Implement Targeted Sampling for QC Reviews

Rather than relying solely on random sampling, lenders should integrate risk-based QC sampling that focuses on high-risk loan categories, such as self-employed borrowers, non-traditional income sources, or jumbo loans.

4. Maintain Open Communication with Investors and GSEs

Establishing proactive dialogue with investors, servicers, and GSEs can help lenders identify evolving QC expectations and regulatory shifts, allowing them to adjust policies before issues escalate into buyback requests.

5. Conduct Regular Staff Training and Compliance Refreshers

Underwriting and QC staff should receive continuous training on updated investor guidelines, industry best practices, and regulatory changes. Well-informed teams are less likely to overlook critical details that lead to defects.

A More Proactive Approach to Mortgage QC

The risk of loan buybacks is unlikely to disappear, but financial institutions that take a proactive approach to mortgage quality control will be better positioned to minimize losses, maintain strong investor relationships, and protect their bottom line.

By integrating technology-driven audits, enhanced borrower validation, and risk-based QC sampling, lenders can significantly reduce repurchase exposure and navigate the evolving secondary market with confidence.

Is your institution prepared to mitigate repurchase risk? Young & Associates offers customized Mortgage QC solutions designed to enhance your quality control processes and protect your loan portfolio. Contact us today to learn how we can help safeguard your secondary market loan sales.

Key Insights from CFPB Supervisory Highlights, Winter 2024

As the regulatory environment continues to evolve, the CFPB’s latest Supervisory Highlights offer crucial insights for financial institutions navigating an increasingly complex landscape. Issue 37 shines a spotlight on deposit operations, credit furnishing practices, and the burgeoning short-term lending market, while also addressing significant enforcement actions and new rules. Here’s what community banks need to learn—and act on.


Overdraft Fees: A Continuing Challenge

For years, overdraft and non-sufficient funds (NSF) fees have drawn regulatory scrutiny. This issue of Supervisory Highlights confirms that some practices—such as re-presentment NSF fees and Authorize-Positive Settle-Negative (APSN) overdraft fees—remain problematic. Despite progress, core processors often set fee structures to charge these fees by default unless institutions actively intervene.

Takeaway for Community Banks
It’s time to re-evaluate fee structures. Ensure that your core processor’s systems are configured to align with updated regulatory expectations. Educate staff and consumers about these changes to build trust and avoid regulatory pitfalls.


Furnishing Data: Accuracy Matters

Banks that furnish data to credit reporting agencies are under the microscope. The CFPB found widespread failures to maintain procedures for identity theft notifications, conduct thorough investigations of disputes, and ensure data accuracy. This isn’t just about compliance—it’s about your reputation.

Actionable Insight
Community banks should strengthen internal controls and train employees on handling credit disputes. Investing in accurate, consumer-friendly data practices not only mitigates risk but also reinforces your institution’s credibility.


Short-Term Lending: Transparency is Key

The Supervisory Highlights also scrutinize the exploding popularity of Buy Now, Pay Later (BNPL) programs and paycheck advance products. Findings revealed deceptive marketing practices, delayed dispute resolutions, and loan denials tied to trivial payment processing errors.

Why It Matters
Even if your bank doesn’t offer these products, they’re reshaping consumer expectations. Transparency in terms and processes isn’t optional—it’s a competitive necessity.


Technology Pitfalls: Lessons from Enforcement Actions

This issue features notable enforcement actions, including a $1.5 million penalty against VyStar Credit Union for botching the launch of an online banking platform. Consumers faced months of restricted access to their accounts, incurring fees and frustration.

A Word of Caution
Digital transformation is critical for community banks to stay relevant, but poorly executed rollouts can damage trust. Rigorous testing and a solid contingency plan can safeguard against consumer harm and regulatory penalties.


New Rules to Watch

The CFPB issued a final rule governing overdraft practices at large institutions, capping fees unless they are minimal. Additionally, supervisory authority now extends to digital payment platforms processing over 50 million transactions annually.

What’s Next for Community Banks?
Stay proactive in monitoring new rules and adapting processes. Even if you’re not directly impacted by these changes, they signal the regulatory trends shaping the future.


Final Thoughts: Protecting Your Institution

The themes in this issue of Supervisory Highlights boil down to a central lesson: consumer protection is non-negotiable. Whether it’s ensuring accurate reporting, transparent lending, or seamless technology implementation, community banks must prioritize their customers’ experience.

By addressing these areas, you’re not just avoiding penalties—you’re fortifying your role as a trusted partner in your community. For tailored guidance, connect with Young & Associates, your partner in navigating the ever-changing regulatory landscape. Contact us for tailored solutions to support your institution’s goals.

U.S. Industrial Transition: Insights for Metro Areas and Community Banks

The FDIC’s analysis of U.S. industrial transitions between 1970 and 2019 reveals the profound effects of economic shifts on metro areas and the community banks serving them. These transitions, driven by the decline of manufacturing and the rise of service-based economies, created challenges and opportunities for local economies and financial institutions. Below, we explore the key findings from this study and their implications for community banks.


The Decline of Manufacturing and Economic Shifts

Over five decades, the national economy moved away from manufacturing, with industries like steel, textiles, and machinery experiencing steep employment declines. Metro areas heavily reliant on these sectors, particularly in the Northeast and Midwest, faced significant economic stagnation. For example, cities like Youngstown, OH, and Flint, MI, struggled to replace lost industries, leading to slower population growth, aging demographics, and economic contraction. Meanwhile, metro areas in the South and West benefited from population inflows and economic diversification, fostering stronger economic growth.


Challenges for Community Banks in High-Transition Metros

Community banks in metros with high levels of industrial transition faced significant challenges. These banks experienced weaker deposit and branch growth compared to their counterparts in other regions. Their loan portfolios were heavily concentrated in single-family residential loans, with less exposure to business-related lending, which limited their growth potential. Despite these challenges, community banks in high-transition metros showed resilience during periods of economic stress, such as the Savings and Loan Crisis and the Great Financial Crisis, with lower failure rates than banks in other regions.


Strategies for Success: High-Performing Banks

Amid these challenges, a subset of high-performing community banks in high-transition metros found success through strategic adaptability. These banks diversified their loan portfolios, expanded operations beyond their local metro areas, and emphasized commercial lending. By focusing on growth opportunities outside their immediate regions and strengthening their balance sheets, these banks outperformed both their local peers and many banks in more stable metros. Their success underscores the importance of innovation and diversification in navigating economic transitions.


The Role of Metro Diversification

Larger, more industrially diversified metros, such as San Jose, CA, demonstrated the benefits of economic adaptability. San Jose successfully transitioned from computer manufacturing to a broader technology-driven economy, supported by high-paying jobs in professional, scientific, and technical services. This highlights the critical role of industrial diversity in building resilience during times of economic change. Smaller, less diversified metros struggled to recover, illustrating the importance of proactive economic planning and investment in diverse industries.


Lessons for Future Transitions

The FDIC study offers valuable lessons for navigating future economic shifts, including those driven by climate change and clean energy transitions. Metro areas and community banks that prioritize diversification, invest in high-growth industries, and adapt to changing market demands will be better equipped to manage these transitions. By learning from past challenges, financial institutions can position themselves as resilient and innovative partners in their communities.


Supporting Community Banks Through Transition

As community banks navigate the challenges of economic shifts, Young & Associates is here to help. Our expert guidance can assist financial institutions in diversifying portfolios, expanding operations, and developing strategies for resilience. Contact us today to learn more about our tailored services, and subscribe to our newsletter for the latest insights and updates.

Understanding NCUA’s Guidance on Overdraft and NSF Fees: Key Takeaways for Credit Unions

The NCUA’s December 2024 Letter to Credit Unions (24-CU-03) sheds light on the risks and regulatory concerns surrounding overdraft and non-sufficient funds (NSF) fee practices. This guidance is crucial for federally insured credit unions aiming to mitigate compliance, reputation, and litigation risks while maintaining fair and transparent practices for their members. Below, we break down the essential points of the letter, tailored for credit union leaders.


The Problem with Unanticipated Fees

Credit unions may face significant risks if their overdraft or NSF fee policies result in fees that members cannot reasonably anticipate or avoid. These fees can lead to:

  • Substantial Member Harm: Unexpected fees strain members financially and undermine trust.
  • Regulatory Violations: Such practices may be deemed unfair or deceptive under the FTC Act and the Consumer Financial Protection Act (CFPA).
  • Heightened Risks: Credit unions expose themselves to reputational, consumer compliance, third-party, and litigation risks.

Key Risk Areas in Overdraft and NSF Fee Practices

The NCUA identified several problematic practices:

  1. Authorize Positive, Settle Negative (APSN) Fees:

    • Fees charged when a transaction is authorized with sufficient funds but settles with insufficient funds due to intervening transactions.
    • Such practices are likely unfair under federal regulations, especially if members cannot anticipate the fees.
  2. Multiple NSF Representment Fees:

    • Charging additional fees when a returned check or ACH item is presented multiple times without sufficient funds.
    • Members often cannot control or predict when items will be represented, making these fees unfair and deceptive.
  3. Returned Deposited Item (RDI) Fees:

    • Assessing fees on members for depositing checks that are returned unpaid.
    • Members typically have no way to foresee these occurrences, increasing compliance and reputational risks.
  4. Other High-Risk Practices:

    • High or No Limits on Fees: Charging excessive fees in a single day creates undue financial burdens on members.
    • Inaccurate Disclosures: Failing to clearly disclose fee practices or transaction cutoff times can mislead members and violate regulations.
    • Reordering Transactions: Prioritizing larger transactions to maximize overdraft fees is likely to be considered unfair.

Risk Management Best Practices

To address these risks, the NCUA recommends that credit unions:

  • Conduct Comprehensive Reviews:

    • Analyze all aspects of overdraft and NSF fee programs, including disclosures, processing systems, and member communications.
    • Evaluate member complaints and fee structures for fairness and transparency.
  • Mitigate Risks:

    • Eliminate fee practices that members cannot reasonably anticipate or avoid.
    • Self-identify and reimburse members for fees assessed under unfair practices.
    • Consult legal counsel to ensure compliance with applicable laws.
  • Enhance Member Support:

    • Offer alternatives such as linked savings accounts, affordable lines of credit, or short-term loans.
    • Provide educational resources to help members manage their accounts effectively.

NCUA’s Supervisory Approach

The NCUA will continue reviewing overdraft and NSF programs during examinations to ensure compliance and risk mitigation. Credit unions are encouraged to take proactive measures, as the agency will consider self-corrected violations and member reimbursements favorably during examinations. Enforcement actions may include restitution for harmed members and other penalties for non-compliance.


This guidance emphasizes the importance of transparency, fairness, and compliance in managing overdraft and NSF fee practices. By implementing the NCUA’s recommended best practices, credit unions can reduce risk exposure, enhance member trust, and align with regulatory expectations.

How We Can Help

At Young & Associates, we specialize in helping credit unions navigate complex compliance requirements. Contact us for tailored solutions to evaluate and improve your overdraft and NSF fee programs. Sign up for our newsletter to stay informed about the latest regulatory updates and best practices in the credit union industry.

The OCC 2024 Annual Report: A Summary for Financial Institutions

The OCC 2024 Annual Report provides a comprehensive overview of the federal banking system, highlighting stability, strategic priorities, and regulatory advancements. This report underscores the importance of proactive risk management, fairness in banking practices, and adapting to evolving technology and environmental challenges.

The report reaffirms the strength of the federal banking system, noting that 99% of banks are well-capitalized and that 92% maintain strong capital adequacy, asset quality, and management. These metrics reflect the resilience of financial institutions in the face of economic uncertainties.


Strategic Priorities for the Federal Banking System

The OCC’s strategic priorities for 2024 focus on four critical areas:

  • Guarding Against Complacency: Banks are encouraged to remain vigilant and manage both traditional and emerging risks effectively.
  • Promoting Fairness: Efforts to reduce lending inequities and biases in financial practices continue to be a priority.
  • Adapting to Digitalization: The integration of financial technologies and artificial intelligence must be managed responsibly to ensure security and trust.
  • Addressing Climate Risks: Large banks are expected to develop frameworks to mitigate climate-related risks, both physical and transitional.

Key Focus Areas for Financial Institutions

  1. Fraud Prevention and Cybersecurity:
    • Rising threats, including AI-driven fraud, call for advanced detection systems and secure authentication processes.
    • The increasing reliance on fintech partnerships highlights the need for robust third-party risk management frameworks.
  2. Operational Resilience:
    • Operational resilience, including robust recovery planning, is critical to maintaining financial stability.
    • Recent regulatory updates require banks with over $100 billion in assets to expand recovery planning and testing.
  3. Regulatory Modernization:
    • Enhanced transparency in bank mergers aims to foster competition and benefit underserved communities.
    • Updates to the Community Reinvestment Act (CRA) strengthen fair lending practices and promote financial inclusion.
  4. Digital Innovation:
    • Artificial intelligence and automation are reshaping the banking landscape. The OCC emphasizes fairness, accountability, and transparency in AI applications.
    • Open banking and real-time payment systems present growth opportunities, but they must be implemented with customer trust and regulatory compliance in mind.

Financial System Resilience

The federal banking system demonstrated financial resilience in 2024, but challenges persist:

  • Revenue Growth: The OCC’s revenue increased by 2.8% in FY 2024, totaling $1.22 billion, driven by higher interest earnings and bank assessments.
  • Profitability Pressures: Declines in net interest margins and rising credit costs affected profitability, particularly for community banks.

Operational resilience remains a cornerstone of financial stability. The OCC highlights the importance of maintaining adequate liquidity, robust capital levels, and strategic recovery planning to mitigate risks.


The OCC’s 2024 Annual Report emphasizes the importance of adaptability, fairness, and resilience in navigating an increasingly complex financial landscape. Financial institutions must align their strategies with these priorities to ensure compliance, enhance customer trust, and foster long-term stability.

Learn More:
Young & Associates offers expert guidance in compliance, risk management, and operational resilience. Contact us for tailored solutions to support your institution’s goals. Sign up for our newsletter to stay informed about the latest industry trends and insights.

Connect with a Consultant

Contact us to learn more about our consulting services and how we can add value to your financial institution

Ask a Question