6 minutes
Understand these three fundamentals for successful credit union oversight.
All credit unions have governance, but does yours have good governance? Here are the three keys to cultivating good governance and effective risk-management at your credit union.
1. The Board of Directors Has All the Power on Paper (and Should Use It)
Section 701.4 of National Credit Union Administration regulations and the standard federal credit union bylaws give the boards of directors of FCUs the general direction and control of the credit union. State credit union acts, bylaws, and/or other state laws typically establish similar rules and duties for boards of state-chartered credit unions. This means that, when push comes to shove, a credit union board that is unified enough to act collectively will always have the final say, at least as a legal matter.
Section 701.4 also addresses board members’ fiduciary duties, allows the board to retain staff and such outside consultants as accountants and legal counsel, and gives the board express authority to “Direct management's operations of the Federal credit union…”
In addition, Article VI, Section 6 of the standard FCU bylaws restates the board’s authority to direct the credit union’s operations as well as the board’s other duties, such as establishing effective policies and procedures. In terms of who is elected to the board, the people on the nominating committee’s slate of candidates often run for office unopposed, which may be why the standard FCU bylaws do not address ties in board elections. Who the nominating committee recruits therefore often plays a key role in determining the mix of skill sets and personalities serving on the board.
Governance problems typically emerge, however, when credit union boards are too fractious to provide effective oversight of the credit union’s management or when management misrepresents facts to the board. While the standard FCU bylaws do not address tiebreaks on a credit union’s board, NCUA’s Office of General Counsel once issued an interesting opinion letter on that issue. At the end of the day, however, a credit union board must be able to achieve consensus, or at least a near consensus, to be an effective governance organ as a practical matter.
2. The CEO Has Outsized De Facto Power
While the credit union’s board has all the power on paper, the chief executive officer is the individual exercising day-to-day authority and, in practice, can choose to ignore board directives, instruct the organization’s staff to lie to the board, use flimsy pretexts to push out staff members who do not play along, and/or portray any operational shortcomings resulting from the CEO’s intentional non-compliance with board directives as merely the result of bad luck, incompetence by the CEO’s subordinates or a misunderstanding.
This means that the board’s only real power at an institution with poor governance may be to hire and fire the CEO. Factor into the equation that many CEOs have three-year contracts and suddenly the board may not have very much power in practice. It may be faced with Hobson’s Choice (a free choice in which only one thing is actually offered) of either issuing paper directives that the CEO chooses to ignore or firing the CEO and potentially having to keep paying that individual until their contract runs out years later.
In terms of worst-case governance scenarios, NCUA’s material loss reviews—i.e. inspector general’s reports on significant losses to the share insurance fund—provide some interesting examples of credit union managers whose insider abuse caused their credit unions to fail. These insider schemes commonly involved embezzlement using fictitious payees or falsified investments or saw executives receiving alleged kickbacks from vendors in exchange for having the credit union enter into questionable business relationships. Anyone who wants to know how better to spot credit union governance red flags should read these material loss reviews.
3. Fiduciary Duty Means Prudent Risk Management
Credit union officers and directors, like all corporate officers and directors, owe fiduciary duties of care and loyalty to their credit unions, which primarily involve managing risk. The duty of care requires officers and board members to act in a reasonably prudent manner in running the credit union, much like how one is supposed to drive safely and obey the rules of the road while driving a car. The duty of loyalty requires officers and board members to put the credit union’s interests above their own in most situations, such as to prohibit officers and directors from stealing the credit union’s business opportunities, deliberating on matters that affect their own interests or engaging in insider abuse.
Section 701.4 of NCUA rules establishes these fiduciary duties for board members of FCUs as well as a version of the “business judgment rule” that gives board members a safe harbor when they rely on information provided to them by the credit union’s management, outside advisors and/or board committees. State laws establish these fiduciary duties for board members of state-chartered credit unions as well as for management officials of both FCUs and state-chartered credit unions, however, management officials, unlike board members, do not generally receive protection from the business judgment rule. See, for example, Gully v. NCUA Board, 341 F.3d 155 (2d Cir. 2003), and Doolittle v. NCUA, 992 F.2d 1531 (11th Cir. 1993). Board members or management officials who act consistently with their fiduciary duties are generally protected from legal liability if things go wrong, much like how a safe driver who obeys the rules of the road but gets into an accident anyway should not be held liable either.
Understanding board members’ and officers’ fiduciary duties, as well as the other secrets to credit union good governance, should help credit union boards and managers establish the governance fundamentals necessary for any credit union to be successful. This is especially true when the experience and qualifications of the credit union’s management are commensurate with the credit union’s complexity so that managers understand the risks facing the institution and can advise the Board appropriately on how to manage those risks.
Prudent risk management is the name of the game because credit unions, like all financial institutions, are always exposed to credit risk, operational risk, market risk, liquidity risk, compliance risk and reputational risk, to name a few. Credit unions that manage risk effectively are almost always considered well-governed because the proof is in the pudding.
Michael S. Edwards is an attorney-at-law with extensive experience representing credit unions, community banks and credit union organizations in the United States and around the world on a wide range of regulatory, compliance and other legal matters. Now with his own law firm based in the Washington, D.C., area, Edwards previously served as SVP/advocacy and general counsel of the World Council of Credit Unions and was senior assistant general counsel in the regulatory advocacy section of the Credit Union National Association.