26 Hoosier Banker November 2014 DIRECTORS / SENIOR MANAGEMENT It’s all good, until it’s not” is a familiar saying that sums up a lesson learned by shocked community financial institution leaders who find themselves at the receiving end of an enforcement action (EA). That’s the nature of compliance these days. It is not solely “troubled” financial institutions that are enduring increased scrutiny. In 2014 there are plenty of wellintentioned banks – those that have always run operations in full observance of applicable legal and regulatory requirements – under EA. This situation leaves many bank executives wondering how things can go so wrong so fast, and how to avoid a similar path. There are many stumbling blocks that can derail a bank’s compliance efforts. They typically fall into three categories: Failure to acknowledge that you may be next. Nationwide more than 10 percent of all financial institutions are under EA. The problem is that institutions that are not under an EA today tend to assume that they’ve got compliance covered. After all, they’ve gone through the same examinations before and came out unscathed. However, just because your institution has not been in trouble before does not mean that nothing will be uncovered in the next examination. Exams are becoming more intense, and examiners are holding higher expectations. Confidence that breeds complacency is dangerous. Another common pitfall is getting distracted away from the fundamentals by the latest new regulatory requirements. Community bank leaders and compliance officers tend to focus their compliance efforts on a handful of “hot topics” that are generating the most discussion across the industry. The reality is that most EAs are a result of poor adherence to mature regulations. Paying attention to the old standbys can dramatically reduce your chances of being caught in the regulatory cross-hairs. Failure to modernize thinking. Examiners have shifted their focus from determining whether or not banks are compliant with specific regulations, to how financial institutions are managing compliance and risk. This practice has caught off guard those community banks that have failed to invest in systematic compliance management. Many community institutions still try to tackle compliance one regulation at a time. The futility of this approach becomes apparent, considering that there are more than 13,000 unique requirements in the Code of Federal Regulations. What examiners expect to see is a system in place that easily and quickly prevents, detects and corrects compliance risk as it arises. They understand that compliance is an ongoing process, not a zero tolerance game. Today’s community banks need to modernize their thinking around compliance and focus on systematically enforcing regulatory requirements, while minimizing risk. Failures to modernize technology. The path to noncompliance is paved with spreadsheets, intensive manual processes and paper-based systems. It is imperative that banks leverage technology to automate the compliance process. Systematically enforcing compliance across the organization cannot be done by a small group of people. The topics have grown too big and too broad to be contained into this siloed approach. New technology allows banks to automatically assign tasks across the organization. Risk identification and When Good Compliance Goes Bad About the Author Pam Perdue is executive vice president, regulatory insight, for Continuity Control, New Haven, Connecticut. She previously served as chief compliance strategist and has more than 20 years of regulatory industry experience. A graduate of The Ohio State University, Perdue has worked as a federal examiner, chief compliance officer, educator and consultant. The author can be reached at 888-932-6759, ext. 201, email: Pperdue@continuity.net. Continuity Control is an associate member of the Indiana Bankers Association and an IBA Preferred Service Provider.
RkJQdWJsaXNoZXIy MTg3NDExNQ==