<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">

3 Lessons Learned from the ABA Regulatory Compliance Conference

7 min read
Jun 19, 2019

Learn three essential trends shaping the compliance industry we've discovered after speaking with industry pros, compliance officers, lobbyists and regulators! These three key takeaways are important for every banking compliance professional to consider as they move forward in a rapidly changing regulatory environment.

It’s been one week since the ABA’s annual Regulatory Compliance Conference in New Orleans, and what a wonderful conference it was. We’ve now had some time to process, reflect, and internalize some of those lessons learned, and we're excited to share them with you!

In this post, we will share 3 essential insights gained from the annual ABA Regulatory Compliance Conference.

If you were with us in New Orleans, we’d love to know what you think of these 10 takeaways. Do they align with what you experienced? Even if you didn’t attend, we’d still be very interested in hearing from you about how these trends relate to your role. Please leave your thoughts in the comments section below!

1. New Roles for Compliance Pros

Throughout the conference, we heard compliance professionals and speakers discussing the changing role of compliance in financial institutions nationwide. In general, it appears that compliance professionals are taking on a more strategic and integrated role in their financial institutions.

The incredible Patti Blenden, CRCM, gave a smart and savvy presentation about the tools compliance professionals need to be successful in a changing environment. One of her main points was that, no matter how much the regulations change, you will need the same skills to navigate them. These skills – including persistence, positivity, pluckiness, and preparedness – are absolutely necessary for you to continue to manage the challenges of your role.

Other sessions, such as “Next Gen Compliance Management Systems: This Ain’t Your Grandma’s CMS,” discussed how compliance professionals’ mindsets must evolve as the approach to compliance also changes.


It was also interesting to hear from compliance experts that, even with deregulation in some areas, compliance remains a priority for the agencies and financial institutions. In this ecosystem, more and more financial institutions appear to be evaluating compliance less as a cost center, and more as a valuable safety resource in their growth planning.

As mentioned above, this changing compliance role is also reflected in the new approach to compliance management. We’ll discuss that changing approach next.

Related: 7 Tips for How to Respond to Bad Compliance Exam Results

2. Changing Approach to Compliance Management

There were a few different sessions on the changing approach to compliance risk management at the #ABARCC19. Many of these focused on your Compliance Management System, or CMS.

According to the FDIC Examination Manual, your CMS is how your institution:

  • Learns about your compliance responsibilities.
  • Ensures that employees understand those responsibilities.
  • Ensures that requirements are incorporated into business practices.
  • Reviews operations to ensure responsibilities are carried out and requirements are met.
  • Takes corrective action and updates materials as necessary.

In the “Ain’t Your Grandma’s CMS” session mentioned above, the following key takeaways were presented:

  • “The future of CMS will see new roles and specialties emerge, as greater emphasis is placed upon organizational culture, behavior and outcomes and technology enables a more data-centered view of risk management.”
  • CMS technology will continue to mature as more institutions embrace standardization and automation of their governance, risk and compliance management efforts.”

However, this was certainly not the only session dealing with CMS strategies and change management. A central concept in these sessions is the Third Line of Defense.

The Third Line of Defense framework is a new way of conceptualizing your CMS. The three lines of defense are:

  • First Line: Front-line employees who must understand how their roles, responsibilities, and actions relate to risk. They are expected to follow a systematic risk process, apply internal controls, and more to address the risks associated with their transactions.
  • Second Line: The compliance and risk functions are the second line of defense, providing independent oversight of the first line’s risk management activities.
  • Third Line: The third line of defense is the internal and external reviewers and auditors who report independently to senior committee(s) responsible for representing the stakeholders on risk-related issues.

The Three Lines of Defense are important for ensuring that your institution has a healthy culture of compliance and efficient, streamlined risk management approach.

Implementing a successful CMS with three lines of defense can be challenging and frustrating. (That became very clear in speaking with the bankers during the ABA RCC.) However, there are certainly ways to make it easier and more palatable for everyone. One tip: focus on risk exposure, and start where that exposure is the greatest. That way, it’s easier for all employees to understand why the three lines of defense truly matter.

We’ll be spending a lot more time talking about CMS strategies and the third-line of defense in future posts. If this is of interest to you, please let us know!

Now that TRUPOINT and Ncontracts joined forces, there are a plethora of ways that we can serve you. From Fair Lending analysis software to a brand-new CMS tool, we have the solutions you need to ensure compliance success.

[News Alert: Ncontracts just released a new CMS tool, called Ncomply! Read the press release here.]

3. Major Changes to Fair Lending and UDAAP Compliance

We weren’t necessarily expecting to focus so much on Fair Lending compliance during this ABA RCC, but looking back, it seems somehow inevitable. Many of the sessions dealt with Fair Lending compliance, directly or indirectly.

business documents on office table with smart phone and digital tablet and graph financial diagram and man working in the background

Below are a few of the super-hot compliance topics that related back to Fair Lending. To keep this short and sweet, we’ve provided updates in bullet points:

  • Challenges and Risks with the New HMDA Data
    • Without peer data, conducting Fair Lending analysis can be difficult. However, you can create your own peer information for internal purposes.
      • We will be publishing a post about how HMDA Analytics uses peer data in this new regulatory environment soon. Bottom line: we will use updated peer data for your ongoing monitoring and analysis.
    • With the new HMDA portal, anyone can access your HMDA LAR without your knowledge. This means you won’t have any warning if a journalist or community group is looking at your data.
  • Digital Advertising and Fair Lending Risk, with a Side of Redlining
    • Digital advertising presents risk particularly in how you target your audience.
    • It is especially important to document your risk and how you manage it in this area. The documentation should be substantive and reflect your true understanding of digital marketing risks.
    • Spend time with your marketing technology vendors. Often, they don’t understand banking compliance risk and it’s your job to help them.
    • It’s wise to have a policy outlining employee social media use and monitoring.
    • Analyze your ads for risk consistently. If an ad campaign excludes a certain group or part of your market, consider running a gap campaign to address that group.
    • Digital Redlining is a persistent risk with digital marketing and advertising.
  • Updates to the Fair Debt Collection Practices Act
    • The FDCPA is getting updated after 40+ years.
    • The CFPB is focusing on providing “consumers with clear protections against harassment by debt collectors and straightforward options to address or dispute debts.”
    • There would be clear thresholds for the number of calls that debt collectors may make to reach consumers on a weekly basis, and other standards for how communication is permitted.
  • Regulatory Reform of the Fair Housing Act
    • HUD is working to update the Fair Housing Act, and the CFPB is probably going to follow their lead.
    • The President directed the Secretary of Housing and Urban Development to reform HUD’s programs, the FHA, and the Government National Mortgage Association (GNMA).
  • CRA Modernization is (Still) on the Horizon
    • Regulators are now working on a Joint Proposal, which indicates alignment. This is a positive sign for CRA modernization.
    • This Joint Proposal is expected later in the summer.
    • CRA is also a topic of interest for Congress, and interest tends to be business-focused even among Democrats. Congressional focus could also mean that interesting pieces of reform piggyback on other legislation.
    • Community groups are pushing for Community Benefit Analysis before any M&A activity. They’re also focusing on gentrification.
  • Consumer Complaints Highlight Fair Lending and UDAAP Risks
    • Most of the UDAAP and Fair Lending sessions stressed the importance of complaint management. This includes monitoring, tracking, trending, and responding to consumer complaints.

  • Maxine Waters and the New Left Wing
    • Representative Waters (D-CA), Chair of the House Financial Services Committee, is focused on promoting diversity and inclusivity. She created a subcommittee to support this agenda.
  • Redlining Remains a Focal Point in Exams
    • Some examiners are asking for non-reporters’ HMDA data to evaluate Redlining risk.
      • If you’re a smaller institution, you may want to consider TRUPOINT Redlining Analytics so that you’re as or more knowledgeable than your regulator.
    • REMAs continue to attract a lot of attention. It’s important to make sure your REMA is not contributing to Fair Lending or CRA risk
  • Consider "Conduct Risk Assessments"
    • Your financial institution’s employees could present risks to your financial institution, including Fair Lending risk, based on their conduct.
      • For example, if a loan officer is posting racially charged content to their personal or professional social media accounts, it could present risks to your financial institution.

And those are just a few that spring to mind. We could spend an entire blog post on each of the above topics – and we still might!

An important takeaway is that, even though Fair Lending enforcement has seemed quiet in 2017 and 2018, that may change in 2019 and beyond. We’ve already seen two Fair Lending-related actions this year:

(We’ll be writing more about those in the future).

Remember that we specialize in Fair Lending, HMDA, CRA, and UDAAP compliance. Even as HMDA data undergoes changes, it is absolutely essential to know your Fair Lending and Redlining risk! With Fair Lending Analytics and Redlining Analytics, our compliance analysis software, we can help.

Fair Lending was certainly not the only area seeing major changes. There were a lot of regulatory hot topics discussed at this conference. Some of the hottest topics discussed were:

  • Cannabis Banking
  • Flood Insurance
  • Conduct Risk Assessments

We also will be doing deeper dives into each of these areas in the coming weeks. Keep your eyes open for those posts!

Tell us what you think of these major trends and changes in the comments below! We had a ball spending time with you all in New Orleans, and are so grateful to have the chance to serve you.

Discover even more about Regulatory Compliance Management Systems, including why your FI needs one!


Subscribe to the Nsight Blog