Finding the schedule to conduct a quarterly or annual risk management review proved to be a time crunch for CP Federal Credit Union.
The $323 million credit union in Jackson, Mich., knew that it was not alone in scheduling the reviews, and it was the impetus behind the debut of CU Rx, a risk management and compliance CUSO. The new entity was formed through CP FCU’s subsidiary, CP Financial Services LLC.
CU Rx will offer review and audit services with solutions to improve risk management, fraud, compliance and regulatory best practices. After conducting the review and audit for a credit union, CU Rx said the output from the analysis aims to produce a risk matrix exposing the client’s vulnerabilities and areas of noncompliance. The CUSO staff then evaluates the credit union’s existing policies and controls from the identified risks, and specifically seeks evidence of control weaknesses. The final recommendation includes strategies and tactics for improving those policies, procedures and controls.
According to CU Rx, training is also offered to ensure the credit union’s staff understands compliance on specific regulations and best practices, and to avoid the risks or issues that surfaced in the review process.
"We know from personal experience it’s difficult for credit union executives to find the time necessary to go through the process of a quarterly or annual risk management review process," said CU Rx President John Crist, who also serves as president/CEO of CP FCU.
Crist said the launch of CU Rx is timely given the regulatory landscape for credit unions.
"It’s no secret that keeping up with new regulations or changes is a tough chore, but it’s critical for the protection and health of any credit union’s reputation and operational success," he said.
Most credit unions currently hire legal firms or accounting firm auditors to complete audits, Crist said.
"CU Rx was created to fill a serious need in the industry, while helping credit unions mitigate risk and improve compliance," Crist said. "It’s proven to be a cost- effective solution for our existing clients. They appreciate the high level of care CU Rx provides. Not to mention the time savings and relief one feels to get control of regulatory risk and compliance issues."
Among the regulatory topics the CUSO is asked to review the most are the Bank Secrecy Act, USA Patriot Act, automated clearing house audit, identity theft red flag rules, disaster recovery, vendor management, and third-party due diligence, said Bryanna Tapley, CU Rx vice president. Reviews of Regulation E and Section 748 of the NCUA’s rules and regulations are also common request, she added.
"Training credit union staff on regulations becomes particularly helpful for the long-term effectiveness of the CU Rx audit process. It’s not just a list of solutions and we’re gone," Tapley said. "CU Rx works through the client’s customized plan to see that risk, fraud and compliance weaknesses are resolved. It’s a proactive step they must take for the long-term health of their credit union."
After the establishment of CP Financial Services in 2005, the need for consistent, expert risk management and compliance among credit unions nationwide became apparent, according to the credit union. Over time, Crist and Tapley said they recognized they had the nucleus of a risk management and compliance CUSO.
"The tools and experienced staff were already delivering risk management and compliance solutions for area credit unions. As a CUSO, they intrinsically understood a credit union’s needs, operations and opportunities, including the need for cost-effective and fast delivery of tailored risk, fraud and compliance solutions," Crist said.
Showing credit unions how to adapt and comply is one of CU Rx’s goals, said Chrissy Siders, vice president of operations at CU Rx.