Pandemic Puts Credit Union Business Continuity Plans to the Test

March 17, 2020

There isn’t a single aspect of life, work or play that hasn’t been impacted by the coronavirus pandemic. And, many believe, we are only at the beginning. The upside – the people-helping-people spirit has remained healthy throughout, as the industry prioritizes the financial health of the nation’s 100 million credit union members.

The NCUA’s unprecedented memo from March 16 is proof positive of the movement’s laser focus on members’ financial health. In case you missed it, the agency said it will give credit unions the flexibility to prudently adjust or alter member loan terms and will not subject those decisions to examiner criticism.

A second silver lining is the number of important lessons the industry is learning, specifically as it relates to business continuity planning and preparedness. Chief among these lessons is that a business continuity plan (BCP) must be specific, tested and continuously updated to be meaningfully effective. 

Let’s look at each of these qualifiers individually...

Specific

It’s not unusual for business continuity plans to be built through a cut-and-paste style of policy creation. Unfortunately, it’s a fairly risky approach.

To be clear, there’s nothing wrong with downloading a BCP template to get started. The trouble comes when the only change a well-meaning credit union makes to the policy template is the addition of the cooperative’s name to the top of the document. This sets a credit union up for inevitable disaster.

Tested

As many business leaders have discovered over the past several weeks, BCPs that have not properly been tested are often too short-sighted to be effective. Remote work strategies, for instance, are subject to myriad factors that need to be considered and prepared for (e.g., Can the VPN handle the increased traffic of mass remote workers? Is there a backup plan should third-party software or network providers fail, and is that backup plan reliable?).

Continuously updated

Examiners appreciate credit unions that acknowledge mistakes and take action to correct them. A BCP, even one that is specific and tested, can still fail in certain circumstances. Credit unions that diligently document these failures, have a plan to mitigate the fallout and take steps to prevent the failures from occurring again, are likely to be met with a greater degree of examiner forgiveness. After the dust from a disaster settles, be sure to sit down with your leaders to debrief. Ask all relevant staff members to weigh in on what worked and what didn’t; adjust the BCP accordingly.

During any crisis, it can be tempting to dwell on the mistakes of the past. Your credit union’s BCP may not be perfect; they rarely are. If you’re feeling stressed by an inadequate plan, encourage your leaders to spend less time lamenting what should have been done, and more time focusing on what can be done today and in the future.

And, be sure to take advantage of the movement’s cooperative spirit. You are one of many people across the industry configuring creative solutions to the problems this pandemic has and is presenting. Each of them is working hard to keep things humming for the nation’s credit union members. Don’t be afraid to pick up the phone to ask a colleague (or a ViClarity consultant) what advice they have for situation(s) you’re facing today.

Services performed by ViClarity are compliance and not legal in nature, and do not form an attorney-client relationship or any of the protections attendant to the attorney-client relationship.