Committee Can Help Manage Compliance
By Tom Thomas
As the focus on compliance increases, bank executives should rethink their compliance management structure – and strategy. The goal should be to find the most cost-efficient ways to ensure that the ever-rising expectations of regulatory authorities are met.
Perhaps surprisingly, the committee approach may be your best bet:
• The days of centering compliance management on one individual are gone;
• Compliance efforts must be enterprise-wide and risk-based to avoid regulatory criticism, potentially costly penalties and reputation risk from bad publicity; and
• Compliance management will remain a key component of your overall risk management efforts. In fact, the stakes keep getting higher.
What matters, of course, is a convergence of bank compliance strategy – i.e. a combination of how you will approach federal compliance requirements and the amount of risk you are willing to accept – and compliance oversight and management. (As many CBA members know, TCA can help bankers develop a cost-effective, risk-based compliance management strategy. Just call our toll-free Compliance Hotline, (800) 934-7347.)
Finding better ways to align your bank’s compliance management and strategy will help ensure that your bank’s compliance program is recognized by federal examiners as proactive, dynamic and comprehensive. Examiners in particular like the “proactive” part.
Compliance committees, although not a novel idea, can be a surprisingly good way to bring appropriate managers together to focus on the compliance aspects of their jobs – and the overall compliance risk for the institution.
Your compliance committee should consist of key staff members selected by management and, where appropriate, management itself. Committee members should have lending, retail banking, operations, finance and human resource expertise that will help the compliance officer during periodic reviews – and help implement corrective procedures if deficiencies exist.
Although the concept is a bit intangible, the compliance committee typically is charged with the task of helping to instill a compliance culture throughout the bank. TCA has found that the compliance culture happens naturally, as the compliance officer and the committee raise awareness of federal compliance requirements and the bank’s commitment to an effective compliance strategy.
The compliance committee should be responsible for providing regulatory guidance, designing compliance procedures and assisting independent compliance consulting firms such as TCA. Although it is the compliance officer’s responsibility to ensure that regulations are implemented in a timely manner, the compliance committee is an effective way to delegate responsibility to where it may be needed.
The committee should meet at least quarterly. Minutes should be forwarded to the secretary of the board of directors or to the board’s audit committee for review and inclusion in the board package. Review of the compliance committee minutes by the board should be noted in board minutes.
The committee setting is also an excellent forum for compliance-related education – for both general knowledge of issues that affect a particular operations area, and as a means to keep management and staff up-to-date with evolving or new regulatory requirements. In fact, compliance training often starts with committee members.
We believe that educating staff is an important, often overlooked function of compliance management. One way to enhance the compliance education process is to have the compliance officer provide the committee with information about one compliance regulation or rule per meeting. The compliance officer should prepare a write-up on each topic; the write-up should include the following:
• A summary of the regulation,
• A description of how the regulation affects the bank’s operations,
• A description of the risks associated with non-compliance,
• A review of the bank’s approach to compliance with the regulation being discussed, and
• Suggestions for updates or changes to the bank’s approach.
This information should then be taken back to individual departments. This “trickle down” form of education will help keep compliance in the forefront, increase knowledge at the department head and staff level, and help get people thinking about ways compliance management is affected when procedures change or new products are introduced.
The compliance officer also can call upon the institution’s compliance committee to help:
• Develop and implement policies and procedures designed to prevent compliance violations;
• Develop and implement ongoing monitoring systems to identify, log and report to department managers, the president and directors any violations of laws, rules and regulations, and other noncompliance with the bank’s compliance policies and procedures;
• Develop and implement a process which assures the timely correction of identified violations of all applicable laws and regulations;
• Develop and implement a training program which assures that appropriate staff maintains a satisfactory level of knowledge of laws, rules and regulations; and
• Develop and implement a communications process that assures the dissemination, collection and reporting of compliance laws, regulations and compliance policies and procedures to the appropriate department manager.
Whether your bank is creating or reviving a compliance committee, the guidelines here will help to ensure that you get maximum return for your efforts.
Tom Thomas is managing principal and CEO of TCA, the Thomas Compliance Assoc., based in Chicago. For more information, call (800) 934-7347.