United States

4 steps banks should take to strengthen compliance management systems

Focus on compliance culture and approach, not just transactions

ARTICLE  | 

Regulators are taking a different approach to examinations at banks and credit unions. Where, until recently, they focused almost exclusively on files and transaction testing, they are now also taking a harder look at each institution’s overall compliance approach. With the Consumer Financial Protection Bureau (CFPB) leading the charge, regulators are now taking a top-down look at the overall compliance effort, looking for evidence that financial institutions have:

  • A strong compliance culture, starting with the right tone at the top

  • Effective compliance policies and procedures

  • Solid compliance training and monitoring programs

Incidents such as the recent scandal at Wells Fargo, in which an overly aggressive sales culture led to wide-spread abuses, underscore the importance of a top-down, risk-focused compliance management approach. Financial institutions need to invest the time and resources necessary to ensure effective compliance throughout the institution. Four steps all financial institutions should take: 

  1. Develop compliance policies and procedures throughout the institution that set very clear compliance goals and that spell out exactly what all employees need to do to help ensure those goals are met. Be sure your compliance procedures are specific and actionable.

  2. Bake compliance into the development of new products and services. Don’t leave compliance as an afterthought that’s addressed after they are in place. Anticipate and address compliance risks during the development process.

  3. Take customer complaints and audit findings seriously. How financial institutions respond to signals of possible compliance issues is a major indictor of the strength of their overall compliance management system. Escalate customer complaints and audit findings to management and ensure that any underlying compliance issues are identified and addressed.

  4. Focus on training, support and testing. Having the right policies and procedures in place doesn’t matter if employees don’t understand them. Be sure personnel at every level of the organization understand overall compliance issues and goals as well as specific compliance tasks that fall within their job description. Regularly test compliance at all levels and hold people at every level accountable for compliance performance. As testing uncovers issues, ensure practices are adjusted to correct for weaknesses. Training is often the weak link. Employees might understand which form to fill out or what actions to take, but if they don’t understand why, then they don’t fully appreciate the associated risks or their role in addressing them. Be sure employees understand their full role in your compliance efforts. Employees should understand their compliance functions as clearly as they understand their operational responsibilities. Consider specifying compliance obligations in their job descriptions.

A more sophisticated and holistic approach to compliance is not just a practice for major national banks. Smaller community banks and credit unions also need to ensure they are taking an effective, top-down approach to managing their compliance risks. Reviewing and strengthening your compliance program now will not only help to control your risks, it will better position you to stand up to the deeper focus that regulators will be taking in their examinations.

How can we help you?

To discuss how our team can help your business, contact us by phone 800.274.3978 or



Investment Industry Insights

The quarterly newsletter follows developments in accounting and finance and places them in the context of current events and changes in economic and marketplace trends.

Subscribe


Events / Webcasts

IN-PERSON EVENT

Trends in business development companies 2017

  • May 15, 2017

IN-PERSON EVENT

Trends in business development companies 2017

  • May 15, 2017

RECORDED WEBCAST

FATCA and the new Common Reporting Standards

  • March 30, 2017

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.


Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.

LEARN MORE



Events/Webcasts

IN-PERSON EVENT

Getting past the sound and fury of security

  • May 18, 2017

RECORDED WEBCAST

AML and regulatory compliance webcast series—Spring 2017

  • April 25, 2017

RECORDED WEBCAST

ERP implementation risks and their impact on your organization

  • March 29, 2017

RECORDED WEBCAST

2017 cybersecurity outlook and key considerations for nonprofits

  • January 31, 2017

RECORDED WEBCAST

2017 economic and risk outlook

  • January 09, 2017