Strategic Planning
for Compliance
In the Summer, 2015 issue of Supervisory Insights, the FDIC
focuses on the idea of strategic planning for banks in a shifting earnings
environment.[1] While this article addresses the need for
overall strategic planning at banks, it brings to mind the idea that the
compliance program at your bank specifically should undergo strategic
planning. In fact, the same principles
that are outlined in the text can be directly applied to the compliance program
at community banks.
Changing Environment
The financial crisis of 2009 lead to many bank failures, a greater
number of regulations and overall uncertainty in the banking industry. As all of the financial pain from that
upheaval began to sort itself out many banks have been left to find their way
in a changing environment. The
competition for good and reliable borrowers has become intense while net
interest margins have been squeezed by persistent low interest rates. Alternative lending institutions that do business
to business lending have also started to make inroads in the pool of potential
customers for community banks.
Simultaneous to a shrinking pool of good customers is a
growing list of regulations that require active participation on the part of
bank management. The expectations of
regulators are that banks will make a strong effort to monitor their products
and activities to ensure compliance with the requirements of the
regulations. In both the immediate
future and the long term, it will be necessary for banks to be flexible and
innovative when addressing the need to stabilize and grow profits.
The compliance program has to be part of the growth and
innovation. As the products and services
that a bank offers change to meet the needs of the community, so must the
compliance program. New products have
different compliance risks that range throughout the lifecycle of the product.[2]
Governance
In the area of compliance, governance of the program is
critical to its success. Oftentimes, at
smaller financial institutions, this is an aspect of compliance that is
overlooked. The Board and senior
management must be a part of the overall strategic planning process for
compliance. Just like every other area
of bank administration, it is the role of the Board to establish the risk appetite
that will be implemented in the compliance program.
As a best practice, the compliance risk assessment should be
comprehensive, performed annually and should be a part of the strategic
planning process. Completing a
compliance risk assessment should not be simply a rote exercise. The risk compliance risk assessment should
take into account current resources versus needs and be a comprehensive and
honest assessment of the capabilities and effective ness of the current
program. The compliance risk assessment
should be presented to the Board and senior management as part of the strategic
planning process. In this manner, the
Board has a clear picture of the compliance program and can more accurately
establish the risk appetite of the financial institution.
Working with the Board to establish priorities for resources
in a given year is a critical part of strategic planning for compliance.
Budgeting
One of the problems that often confront compliance programs
is lack of adequate resources. This
can take the form of lack of staff, inadequate training, insufficient time to
perform essential duties, missed deadlines or missed audits or reviews. Unfortunately, there is a tendency for
compliance staff to try to maintain a static level of resources. Compliance is often seen and a
noncontributing expense and increasing the budget can be met with withering
opposition. However, despite its lack of
earning potential, an ineffective compliance program can be the source of
dramatic expenses. In this case, an
“ounce of protection” in the form of an adequate compliance program is worth a
pound of cure. An effective compliance
program must have adequate resources to meet the risk appetite of the financial
institutions. This does not necessarily
mean hiring additional staff; outsourcing is a practice that many financial
institutions employ. Outsourcing allows
the leveraging of resources to meet the specific needs of a financial
institution.
Take a look at the training, management information systems
and audit/compliance review resources that are available based upon the current
risk environment. If there are gaps,
the strategic planning process is the time to make the resource requirements
known. The level of earnings that are
projected at your financial institution must have taken the compliance budget
into account. Otherwise, an ineffective
compliance program can result in enforcement actions that wipe out the entire
earnings.
Forecasting
For a compliance program to be truly effective. It has to be
part of the forecasting for a financial institution. If new products or markets are being
contemplated, the compliance resources required must be considered. For example, in the event your financial
institution decides that they will once again offer HELOC’s, does the
compliance staff have sufficient knowledge of the disclosure, servicing and
reporting requirements for these loans?
If not, how difficult will it be to acquire this knowledge? Does the core system have the ability to
properly account for the compliance requirements for these loans? If not, what
are the costs for upgrading systems?
These are costs that rightly should be considered in the strategic
planning process. Even if no new
products are being offered the regulatory environment can change from one year
to the next. For example, in 2016 there
will be entirely new flood insurance rules.
These rules will apply not only to new loans, but to the existing
portfolio. The training and reporting
systems changes that will be necessary to comply with these new rules should be
part of the strategic planning process so that sufficient resources are allocated
to this change. Being a part of change at the Bank is an
essential compliance function.
One of the useful habits of financial institution regulators
is that they announce potential changes to regulations well in advance of the
changes actually taking place. All of
the regulators announce publicly the changes that they are proposing and invite
comment. For example,
On May 22, 2015, the CFPB released its Spring 2015 regulatory
agenda, which updates the status of the regulatory issues and rulemakings on
which the CFPB is currently working:
Final Rule
• Completing a final rule under Regulation C to implement the
Dodd-Frank Wall Street Reform and Consumer Protection Act’s (Dodd-Frank Act)
amendments to the Home Mortgage Disclosure Act. The rulemaking proposal is
available; the CFPB expects the final rule to be issued in August 2016.
• Completing a final rule under Regulation E to regulate prepaid
financial products. The proposal is available; the CFPB expects the final rule
to be issued in January 2016.
• Issuing a final rule on June 10, 2015, to supervise larger,
nonbank participants in the consumer automobile financing and leasing markets,
defined as nonbanks that annually originate at least 10,000 automobile loans,
automobile loan refinancing’s, purchase of automobile loans, or leases. The
rule became effective August 31, 2015. [3]
At least two of these rules will
have a direct impact on the compliance demands on your bank in the very near
future. This information is readily
available but is often overlooked due to strained resources and lack of
sufficient time. Part of the overall
forecasting for compliance should include a component that allows for the
forecasting of compliance needs in the immediate future.
By employing many of the same
principles that are part of overall bank strategic planning to the compliance
area, the compliance program can increase efficiency and can maintain an
appropriate view of the resources necessary to remain effective.
No comments:
Post a Comment