the need for adequate resources (staff, technology, software, etc.) to meet those obligations. The federal banking supervisors have identified a number of risk categories they expect financial institutions to monitor and manage. Compliance is an important factor in at least a few of the following recognized classifications: • Compliance risk: Identified first by the Office of the Comptroller of the Currency (OCC) as a separate risk category, this is the risk to earnings or capital from violations of the requirements of laws, regulations, prescribed practices, ethical standards or other rules. This risk can also arise in areas of uncertainty where laws or regulations are ambiguous or untested. Compliance risk is one part of the “legal risk” identified by the Federal Reserve Board (FRB) in its risk rating system. • Transaction or operational risk: This classification of risk is recognized by regulators in their published standards. It is the risk to earnings or capital from problems with service or product delivery and can arise from inadequate information systems, operational problems, breakdowns in internal controls, fraud or unforeseen disasters. • Reputation risk: Negative public opinion or publicity can lead to risk to earnings or capital through litigation, decline in customer base, revenue reductions, reduced ability to offer competitive products, other financial loss or reputation damage. The prudent financial institution will strive to avoid problems in these areas (and other risk categories identified by the banking supervisors). An important component of this risk-avoidance process is training for all employees that is appropriate to their particular jobs, and it must include compliance issues that affect them. Effective compliance training also supports another ideal of compliance management in the current era — decentralizing and fixing accountability for compliance performance standards. It is most effective and efficient for a financial institution to “push down” responsibility for compliance performance as close to the front line as possible. This has to involve a buy-in by line managers and staff. But you cannot expect them to see the importance of these issues if you do not provide them with adequate information. Neither can you expect them to perform well if you have not given them the tools and knowledge needed to succeed. Good training furnishes the information necessary for the accomplishment of that goal. Who and What To Train The first order of business in structuring a compliance training program is to assess the needs of the institution. Among the questions you should ask in this exercise are: • What types of products and services are offered? • What regulations impact these processes? • What is the current knowledge level of the staff involved in these various areas? • How much turnover or migration within the institution occurs? • Where have problems been identified in the past by compliance monitoring, audits and examinations? • What is the pace of new product development and introduction? • What are the areas where regulatory change is occurring (and expected)? • Where are the risks to the institution? • Which risks are higher priorities? These are at least some of the questions that must be answered in this initial assessment phase. Actually, the needs assessment should be an ongoing, dynamic process since neither the institution nor the regulatory environment is stagnant. One result of the needs assessment will be a list of laws and regulations that must receive particular emphasis in the compliance training to come. This list will likely include Truth in Lending (Regulation Z), Fair Lending (Regulation B and the Fair Housing Act), Real Estate Settlement Procedures Act (Regulation X), flood insurance and other laws and regulations for lending training. Deposit and operations topics likely will include Truth in Savings (Regulation DD), Expedited Funds Availability (Regulation CC), Electronic Fund Transfers (Regulation E) and the Bank Secrecy Act (BSA), among others. Another product of the needs evaluation will be a listing of departments, functional areas and job positions that should be targeted by compliance training. This list should include loan officers, underwriters, originators and other customer-contact and loan documentation staff in the lending area. Deposit personnel who need to receive compliance training, include customer service representatives, tellers, new accounts staff, bookkeeping personnel and all other customer-contact staff. Choosing Format and Media Once the “what” and “who” have been ascertained, then you can move on to how you will do it. Here you have a wide variety of choices and decisions: • Will you handle the training internally, or will you use outside trainers or events (seminars, schools, etc.)? • Will you use online programs, classroom-style sessions or individual consultations? • Will compliance training be presented separately or integrated into other job-related instruction? The teaching method selected will depend a lot on the culture of your institution. Is individualized, on-the-job type training Education of the bank’s board of directors, management and staff is essential to maintaining an effective compliance program. 20 In Touch
RkJQdWJsaXNoZXIy ODQxMjUw