By Darlia Fogarty
The board believes the compliance officer has been given adequate policies, training and staff to ensure the bank will not encounter any issues when the regulators arrive for the compliance exam. So the exam should be a non-event right?
Let’s talk about the process of an onsite visit. For the staff involved, the onsite regulatory visit can be painful to endure, but it is necessary to ensure the safety and soundness of the bank. An overlooked mistake could be minor in the overall scheme of things; however, in the worst-case scenario, it could cause major penalties up to and including personal liability for the board.
So how do you know whether your bank is ready for an exam? How do you determine whether you’re conducting the proper periodic maintenance and routines to keep your compliance programs as effective as possible? The answer is simple by examiners standards: by exercising proper oversight of these programs at the board level. If only there was a definite way to determine what the regulators deem “proper” oversight. Oversight is carried out by reviewing the right reports with the right content at the right times.
The board must ensure that they are being given solid, accurate information to carry out their fiduciary duties as well as to make informed decisions. One way to do this is to demand quality reports at specified intervals. Reports that are inaccurate, incomplete or delivered too infrequently may conceal weaknesses that should be addressed. Reports should occur at three basic intervals: monthly, quarterly and annually.
Monthly reports should focus on the execution of the board’s policies by delivering performance data and metrics. These reports should cover frontline activity and clearly demonstrate whether the day-to-day work of compliance is being done on time and accurately. Monthly reporting should expose where weaknesses may exist, and state the corrective actions being taken to remedy the deficiencies.
Quarterly reports should focus on trends and analytics that demonstrate whether risk exposures are increasing or decreasing. The quarterly report gives insight into how the compliance program is functioning over time. These reports should contain information about regulatory trends and upcoming or changing rules in addition to considering the environmental and operating conditions that could affect the bank’s progress and performance.
These reports should also summarize the results of compliance monitoring activities that occurred during the quarter and which activities are planned in the quarter ahead. This data allows directors to conclude what, if any, internal events or changes will influence the bank. In general, these reports show the up-to-the-minute state of preparedness for exams and audits.
Finally, annual activities such as audits or third party reviews generate reports on the compliance program’s effectiveness. This annual look-back reflects how well the bank kept its risk exposures to acceptable levels. These types of reports often detail the overall effectiveness of the senior management team and compliance management in carrying out their responsibilities. These reports take an independent look at the program to gauge its effectiveness, efficiency and performance over a historical period.
That being said, remember that, if the reports are not accurate or are considered to be inadequate, the reports will be of no benefit. When reviewing your bank’s reports, keep in mind the following signs that should alert you to ineffective reporting:
- Reports that are too long or too detailed. Key points cannot be extracted when the volume of information presented buries the real meaning.
- Reports that state only facts but provide no analytical statements or ratings. The board needs to understand whether the data being presented is positive or negative.
- Reports that fail to identify the root causes of weaknesses. Failure to identify the root cause delays the implementation of corrections.
- Reports that identify the root causes of deficiencies, but do not suggest appropriate corrective action. Solutions should be offered in reports.
- Reports that only emphasize weaknesses and ignore strengths. Focusing only on the negatives may inappropriately exaggerate the scope or materiality of an identified problem.
- Reports that do not reflect the materiality or severity of an issue. Treating every issue uniformly is a sign that perspective may be lacking. The report should clearly identify whether or not the issue is systemic or isolated.
Oversight of a compliance program that can withstand not only regulatory scrutiny, but the changing economic environment and regulatory conditions is a tough assignment. Proper reporting ensures proper maintenance of the compliance program, and a well-maintained program that can be clearly communicated to examiners is the key to passing the exam.
Compliance Alliance is committed to providing resources for our bankers to assist with compliance; from keeping up with the changes, all the way through the reporting. Contact Darlia directly at (888) 353-3933.
Darlia Fogarty is the director of compliance and COO for Compliance Alliance. Founded in 2011, Compliance Alliance is the only banking industry compliance resource that is owned, operated and managed by 28 State Bankers Associations.
Based on the needs of community bankers, Compliance Alliance provides its members an all-inclusive set of bank compliance tools and services that help them stay up-to-date with consumer and regulatory requirements.
Members of Compliance Alliance receive:
- Access to an extensive collection of community banking compliance resources created specifically for them by industry experts.
- A hotline for compliance-related concerns.
- Reviews of company advertising or marketing campaigns, policies, procedures, disclosures and new products.
Compliance Alliance is the only banking compliance resource in the market today that includes all of our products and services in our annual membership fee with unlimited access to all member employees of our subscribing banks.
