5 Key Insights Every Compliance Officer Should Know
After spending a week with some of the compliance industry's leaders, we learned a lot about the compliance landscape. We've made it easy for you to gain these key insights too, regardless of whether you were able to attend. Here are 5 key takeaways that every compliance professional should implement.
We had a great time at this year's ABA Regulatory Compliance Conference in DC. It's a wonderful opportunity to engage with some of the leaders in compliance and share insights.
After returning to Charlotte, we gathered and reviewed some of the major ideas discussed at the conference. Here, we've summarized the recurring themes we observed into these 5 key takeaways:
1. Know Your Business Model
A good basic reminder has been discussed in several different panels: Know Your Business Before Compliance! Compliance starts with a strong knowledge of the business (product, business line, geography, etc.). Compliance cannot be effective if there is a business knowledge gap. It seems simple, but this “basic business knowledge” can be an overlooked step.
2. Understand Big Data
"Big data" is a popular term, but it has different definitions depending on who is talking and what they're talking about.
At the conference, one session defined Big Data as applying additional non-bank originated characteristics to an individual's profile. For some, this use of Big Data may bring fair lending risk if your institution is using the appended data to market or underwrite. Compliance should work with department heads to clarify the unique definitions of “Big Data” and how its use may impact consumer regulatory compliance (e.g. ECOA).
Again, compliance starts with understanding the underlying business practices.
3. Actively Manage Complaints
The art of complaint management has been mentioned in many of the breakout sessions. If you do not have a formal complaint management policy and procedure in place, now may be the best time to implement one.
The general informal consensus of participants is that the old saying “we don’t have any complaints” won't fly with examiners if you do not have a process to identify and track them. How do you know you don’t have any complaints if you have no training or process to track and report complaints? If you do have a policy in place, how are you testing it? Does your front line truly employ it? How are you monitoring the data and sharing with management?
4. Develop Lines of Defense
Compliance is a team sport. A successful compliance management system and culture cannot be dependent upon a single Compliance Officer or Compliance Department. Successful compliance requires both informal and formal team work. Throughout the conference, this idea was conceptualized as "lines of defense."
Your first line may be the front line staff and their management (e.g., underwriters and underwriter management). The second line may be compliance team, which includes policies, procedures, training, reporting, and review. The third line may be your internal audit.
Each financial institution may have unique definitions for your "lines of defense," but the theory remains the same: creating formal lines of defense creates structure where ownership of compliance is shared well beyond the compliance department. It is up to compliance to empower others to help develop and support the lines of defense.
5. Online Training is Not Enough
It has been stated repeatedly this week. Financial institutions should not rely solely upon online training to help team members to understand the regulations, the firm’s plans to comply, and how it impacts the individual’s role.
We certainly see this issue when we conduct risk assessments with front-line personnel. They are overwhelmed and tend to struggle to understand how to apply the generic training to their day to day activities. Consider: How do you test knowledge? How do you reinforce? How do you test comprehension after the training? Click here to get a sample training hierarchy that may help you with your training plan.
Ncontracts Viewpoint: Maybe the most important observation from the week is how valuable peer conversations can be to all of us. Compliance is not always black and white; there can be a lot of grey. Discussing best practices and sharing observations can expedite the learning curves and improve our efficiencies. Thanks are due to Chris Capistrant and the ABA for a great platform to learn and grow!
These are just a few of our observations from the ABA Regulatory Compliance Conference. Whether or not you attended, we would love to hear from you, and learn more about trends you see in the industry. What are your priorities? What concerns do you have? Click here to get in touch.