The BANK BOARD Letter Edited exclusively for directors of financial institutions and their holding companies march 2016 A SIX-POINT PLAN TO EASE THE COMPLIANCE BURDEN By Pam PErduE T he mere mention of the word “compliance” can incite fear or contempt. But new discoveries about how compliance can be made reliable, transparent, predictable and repeat-able are happening every day, as “regtech” breaks off from fintech as its own category. In a sea of rules, compliance tasks are daunting, but focusing on the six objectives of compliance management turns that chaos into order. Compliance should be a series of repeatable steps that are standardized and interconnected across the banking organization. Yet too many financial institutions use an ad hoc approach to compliance Ð a spreadsheet here, a checklist there and the occasional Outlook calendar re-minder. Compliance isn’t centralized and the institution is constantly scrambling. It shouldn’t be this way Ð and it isn’t for institutions with a good compliance management system. I’m not talking about software Ð though that may be part of the solution. I’m talking about a financial institution’s over-all methodology for managing regulatory compliance. That includes everything from policies, procedures and processes to board and management oversight to regular audits. What does an effective CMS look like? It all boils down to an institution’s ability to meet six key objectives: Then the financial institution needs specific and actionable policies, procedures and processes for each applicable rule. This includes risk assessments, compliance monitoring processes, auditing protocols and other standards. Everything must be reviewed by the board on a timely basis. 2. Keep Up wiTh applicable regUlaTory changes. In the first three quarters of 2015 there were 5,480 pages of regulatory changes. A good CMS has specific procedures and processes in place to quickly and accurately identify and inter-pret regulatory changes Ð avoiding the mayhem of tackling changes on a rule-by-rule basis. Best practices include a cen-tralized, top-down approach with easily duplicated steps that efficiently implement rule changes across the organization. 3. MaKe sUre everyone UndersTands Their regUlaTory responsibiliTies. Employees must understand their responsibilities in meeting regulatory requirements, be trained in the appropriate poli-cies and procedures specific to their positions and execute them properly. In a good CMS, the financial institution identifies every component of responsibility and assigns accountability for compliance to a particular role inside the institution. Every role should be given assignments Ð the actual activities that must be completed, including training, procedures, checks and validations. There also needs to be a visible reporting system where em-ployees are reminded of pending compliance assignments and management is fully aware of which tasks have and haven’t been done. Ideally, employees are assigned responsibilities, compli-ance tasks are automatically cued at the right time and there is proper documentation. 1. UndersTand The regUlaTions ThaT apply To The financial insTiTUTion. There are more than 14,000 citations in the Code of Federal Regulations, and regulators expect each institution to ana-lyze every rule to determine which areas of each regulation apply based on charter, size, complexity and products and services offered. Premium Digital content: 1. Banking marijuana: what Fis need to know 2. community Banks testing Variety of mobile Pay Strategies 3. Fourth-Quarter Bank Profits Rise Nearly 12 Percent 4. ABA Committee Forecasts 2.3 Percent growth 5. CFPB Urges Checking Options to Help Consumers Avoid Overdrafts go to www.theBankBoarDletter.com to reaD the exPanDeD Digital eDition.