Recently, I attended the America’s Credit Unions Compliance and Risk Management Council Conference in San Antonio, Texas. We heard from key speakers on regulatory advocacy, subject matter experts on fraud and fair lending, and well-known attorneys on current litigation trends. Here were my top five takeaways:
CFPB Priorities
The CFPB isn’t issuing new regulations or actively pursuing enforcement on many others. However, it is focused on fraud prevention, veteran support and collaboration with state and other regulators.
Remittance Tax Update
Effective January 1, 2026, a 1% tax will be applied to foreign wire transfers sent via cash. However, there is an exemption for foreign wire transfers sent from an account if the funds have been deposited into the account.
Litigation Risks
There have been recent lawsuits targeting credit unions serving immigrant populations. The most recent cases were in New York and Florida. The plaintiffs are not asking for financial compensation. However, they are asking the credit union to agree to change their policy so that it won’t deny immigrants.
Vendor contract lawsuits –
- What specific security standards are third-party vendors held to? This means what state is listed in the contract for litigation or arbitration.
- Make sure the contract defines what the vendor’s obligation is to notify the credit union in the event of a potential breach and includes a specific timeframe.
- What costs is the vendor accountable or responsible for?
- What are the requirements for third-party vendors should they choose to outsource any part of their relationship with your credit union or fourth-party transaction?
Account Takeover Protection
Consumers are not protected if they claim to have sent a Reg e-initiated transaction but were scammed. If the member admits they sent the electronic transaction but were scammed, there is no Regulation E protection. However, if the member states they did not initiate the electronic transaction the transaction is covered by Regulation E.
Stablecoin Regulation
The GENIUS Act, signed into law in July 2025, establishes a regulatory framework for stablecoins, requiring federal licensing for any financial institution who wants to issue them. Credit unions are included if they get a federal license and would be regulated by NCUA if they are federally chartered, and by the state, plus NCUA if state chartered.
Stablecoin issuers with less than $10 billion in stablecoin outstanding will be regulated at the state level if the state regulations are substantially similar to the federal regulations.
A stablecoin issuer is considered a financial institution under the Bank Secrecy Act and must develop measures against money laundering, including policies outlining:
- procedures for annual certification
- foreign issuer obligations
- technology capabilities
Save the Date for Next Year’s Conference
As a member of the Council Executive Committee and vice chair of the Conference Committee, ensuring the content was timely and relevant for compliance and risk management staff was top of mind. I encourage you to get connected with the Compliance and Risk Management Council and save the date for next year, Sept. 14-16, 2026, in Arizona.
