NCUA Adjusts ONES Supervision Threshold; Issues Cyber Incident Proposal

The NCUA board approved its final asset threshold supervision rule and issued a proposal on cyber incident reporting at its meeting Thursday. The board also heard a briefing on the 2022 mid-session budget.

The asset threshold rule increases the threshold for supervision by NCUA’s Office of National Examinations and Supervision (ONES) $15 billion in total assets (up from $10 billion). Credit unions with between $10 billion and less than $15 billion will be supervised by their regional office.

The cyber incident proposal would require federally insured credit unions to notify NCUA as soon as possible—but no later than 72 hours—after they reasonably believe a reportable cyber incident has occurred.

This requirement provides an early alert to the NCUA and does not require credit unions to provide a full incident assessment to the NCUA within the 72-hour timeframe.

Learn more

• Related: NCUA Board issues asset and supervision threshold final rule, receives mid-session budget briefing (NAFCU)
• Related: Video archive of NCUA Board Meeting (July 21, 2022)
• Related: NCUA Board Amends Asset Threshold for Supervision (Credit Union Times)