<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">

Weigh the Risk Before Cutting These Key Costs, OCC Says

author
2 min read
Nov 19, 2020

Faced with difficult economic conditions, many financial institutions are tempted to cut costs to maintain their margins—but not every cost-cutting measure saves money.

The Office of the Comptroller of the Currency (OCC) is warning banks to be careful when cutting funding for key control functions and processes. These are the areas the OCC says should be maintained to ensure sufficient risk management oversight:

    • Risk management
    • Audit
    • Compliance
    • Staff development

“Cost-cutting considerations need to be carefully balanced with a proper control and testing environment as well as risk management practices that can prevent increased losses,” the agency writes in its Fall 2020 Semiannual Risk Perspective.

Related: Ammo for the Budget Battle: 7 Reasons Why Risk Management Delivers ROI


The OCC says this is especially important as the continuing work-from-home environment has increased “controls risk,” or the risk that controls will fail to detect problems. This is especially true for security controls. (What does the OCC say are the top risks of 2021? Find out).

Emerging Risk Management Issues: New Payments Technologies

Meanwhile, financial institutions need strong risk management to help manage technological and operational changes to their business processes as new and innovative products and business models.

The OCC highlighted new payment channels as an emerging risk, in particular. It notes the movement toward real-time and faster payment offerings are making the operational environment and change management increasingly complex, introducing increased risk in areas such as fraud, terrorist financing, or operational errors. Third-party vendor management in this, and other spaces, will remain an ongoing risk management concern.

“As the processing of payments evolves and new entrants are introduced into the payment ecosystems, it is important that bank’s risk management and controls keep pace with this change,” the OCC notes. Necessary controls will oversee the integrity, timeliness, security, and resilience of payments of all kinds.

Related: What are the Three Lines of Defense in a Compliance Management System?

 

Operational Risk Leads MRA Concerns

While continuing to invest in risk management and controls while operating in an environment of increased risk may seem like a no-brainer, it’s clear not everyone has been getting the message.

A brief look at current Open Matters Requiring Attention (MRAs) broken down by risk shows that operational risk is the leading MSA concern (41 percent) and compliance comes in second (23 percent). A strong audit program is a valuable tool that can help ensure proper risk and compliance management—though it’s no substitute for an effective compliance management system and a good enterprise risk management program.

occ graph-1

Source: OCC

As financial institutions look ahead to these and other developments, sufficient and appropriate risk management will be a necessary tool. From the increased compliance responsibilities created by government efforts to respond to the COVID-19 pandemic to the unknown risks created by today’s uncertain economic and operational environment, risk management will continue to be essential to maintaining safe and sound institutions.

As the OCC warns, “Banks should ensure that their strategic planning and risk management processes are sufficiently robust to be able to adapt to this changing environment and manage, partner, or compete with new entrants as needed.”

Read also: Fair Lending in the Time of COVID: Trends from the CFPB & OCC

Are your strategic planning, risk management, compliance, and audit functions aligned? Download our on-demand webinar Kumbaya: Bringing Together Risk, Compliance, and Other Business Units for best practices on creating a risk

 

management culture and a continuous and streamlined risk management program.M in CAMELS risk management

 

Related: Creating Reliable Risk Assessments


Subscribe to the Nsight Blog