As noted by the WOCCU Credit Union Governance white paper, credit unions fundamentally differ from other financial institutions. For-profit financial institutions primary focus is to maximise the owner’s gain, so shareholder benefit is always prioritised at service user’s expense. For credit unions, the shareholders are the service users, and democratically every shareholder has an equal vote irrespective of their financial stake in the credit union.
Achieving the appropriate balance between depositors, borrowers and transactors interests, complying with local regulation while growing the business in a safe and secure manner to meet members’ future needs requires the implementation of good governance practices throughout the organisation.
The Board of a credit union document their long term aims through a set of measured goals. Goals are broken down into lower level tasks and assigned with capital and operational expenditure budgets to individuals or functions within the organisation to complete.
redflare.strategy allows the Board to monitor the progression of the overall strategic plan, and drill into each goal to see the status of the tasks, the budgetary spend, and management’s commentary on what is working well or what needs more attention or resources.
Credit unions differ from other financial institutions but still must comply with financial rules, regulations and standards. Regulatory bodies impose capital rules to ensure credit unions are solvent and liquid; lending rules to prevent credit bubbles; AML/CTF checks to protect the financial sector from misuse; payment processing rules to make the payment infrastructure function; conduct of business rules to protect service users from mis-selling.
Additionally as places of work, credit unions have health, safety and welfare obligations; as employers, obligations under employment law to employees and pensioners; as holders of confidential member data, privacy and data protection obligations to those members.
redflare.compliance allows credit unions put in place multi-year plans to check that all compliance obligations are in place, effective and embedded in the culture of the organisation.
Manage enterprise risk
ISO 31000 defines risk as the uncertainty of achieving strategic objectives, and risk flows from the activities, and sometimes the inactivities of an organisation’s operations. It is only possible to avoid risk by offering no services, by having no members, by working towards no goal. A ship in harbour is safe, but that is not what ships are built for.
redflare.risk does not reduce or eliminate risk, but it properly records and reports on risk, both inherent (the risk exposure based on environmental context, scale of operations, and intrinsic uncertainty) and residual (the risk remaining post management activities to reduce, transfer or avoid risk). Through documentation of risk cause and consequence, the Board can visualise the effectiveness of controls deployed and identify inefficient, absent or weak controls on critical risks.
redflare.scorecard allows key performance measures, whether WOCCU’s PEARL ratios or internal Key Risk Indicators (KRI) or Key Performance Indicators (KPI) to be recorded and reported.
The integrated solution allows risk reviews to be triggered by compliance breaches, task over runs or key measures exceeding specified thresholds. With red flares real time reporting, the Board always have access to correct information in a timely manner to make the appropriate decision in guiding the credit union towards its future goals.
Governance is the process of translating the credit union’s mission into actionable plans. It requires that essential roles are filled by competent and proper persons; that policies exist to guide tactical decisions and choices, in a way that always advances the credit union’s strategic goals. Decision making should be delegated to the correct level be it functional role or committee. Delegation of authority should be scoped with boundaries between different authorities clearly delineated. Decisions must be recoded and their implementation planned and monitored.
redflare.governance records each authorities charter, tracks that decisions were validly reached based on quorum rules, records votes, discussion and dissension on each decision, and tracks the progress of implementation tasks to provide the governing body with the necessary information to have effective oversight on how the credit union’s strategic goals are progressing.
Our cloud based ISO 27001 infrastructure allows a credit union of any size to deploy an enterprise wide Governance Risk and Compliance system with no additional capital expenditure.