<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">

11 Can’t-Miss Compliance Management Tips From Top Compliance Officers

4 min read
Sep 24, 2020

Happy National Compliance Officer Day to all our readers in the compliance department! We’ve been celebrating your contributions all month long with a comic, blog posts (7 Ways to Cut Costs & Still Stay Compliant, Top 10 Reasons Compliance Officers Deserve to Be Celebrated), and a giveaway.

We even got one of your favorite cast members from The Office to present you with a Dundie!

Now we’re closing out the month with some of the top takeaways from our webinar Ask Me Anything Q&A: Compliance Managers Tell All.

What are your compliance peers seeing? What are the latest tips and tricks for making compliance more effective?

Here are 11 key takeaways: 

  1. When it comes to monitoring, touch on every regulation at least once a year. Create a compliance monitoring schedule based on regs and every month sample test specific regulations. Some regulations are high risk or relate to exam or audit findings or comments and require daily or monthly monitoring. Others are low risk and only need to be looked at once a year. If there’s a new rule, make sure to revisit it more often in the beginning just to make sure the changes stick.

  2. Keep up with training. It’s important to receive as much training on key regulations as possible. Even if it’s an old regulation, regulators often have a different focus each year as they find hot new areas. When it comes to Fair Lending, HDMA, Truth in Lending, and flood, there can never be too much training. Try to set aside an hour a week just for training.

  3. When it comes to documenting oversight, regulators love minutes. One compliance officer provides a summary compliance monitoring report to either the compliance committee or the board’s compliance committee each month. It includes a summary of findings, any root causes, and recommendations for courses of action. It also addresses CRA and BSA dashboards, regulatory complaints received, and actions taken. Make sure someone is taking minutes from these meetings and that person knows what regulators will be looking for in those minutes. Make sure the minutes document the reaction of the board and management.

  4. If you’re having trouble getting the budget you need for technology and tools, give management a cost-benefit analysis. Management responds to hard figures. Conduct a cost-benefit analysis to show bottom-line savings in dollars and efficiency gains. Take efficiencies, equate them to hours, and then equate them to dollars.

  5. CRA and privacy are two areas where compliance officers would like to see some rulemaking or guidance. The web of state privacy laws is cumbersome and scary for compliance departments, which compliance officers have to track and implement. CRA could also benefit from more consistent guidance.

  6. If management ignores your recommendations, document the decision and move on. You don’t need to go to battle with them. Management ultimately makes the call on compliance. If their decisions contradict your recommendations, document their decision for your protection.

  7. When trying to balance innovation with compliance, someone always seems to ask what would happen if the FI violated a rule. The best answer is to walk them through the ROI calculation on noncompliance. Present the penalties for ignoring a rule using as much factual information as you can find. If you do ROI calculation on noncompliance, 99% of the time they will find the cost of violating a regulation, whether its reputational risk in the community or actual cost of litigation, findings, and resolution, will exceed the cost of proper controls to mitigate noncompliance. Some compliance officers have had luck reviewing the budget and asking how many settlements and judgments the FI can afford. Before decision-makers go forward, make sure they understand where the risks are and state that they are willing to accept them.

  8. When you make a mistake, disclose it to the regulators. There are two types of violations: willful disobedience and honest mistakes. When your FI makes a mistake, own the mistake and show what was done to fix it. The consequences are much worse if you don’t tell examiners and they find the problem. Regulators understand violations happen and would rather you be open about them.
  1. Examiners say they will give grace when it comes to needing time to get materials together, but compliance officers aren’t seeing any change in monitoring requirements. The trend observed by compliance officers is that regulator demands for documentation haven’t changed.
  1. Compliance officers need to keep an eye on the compliance ball because management is focused on other areas right now. Management has an especially full plate, including working through deferment requests. Compliance is probably not top of mind. Be the compliance eyes and ears your management team needs to make sure compliance remains at the forefront. When it comes to credit quality, regulators are saying they won’t criticize decisions as long as they are well thought out and documented.
  1. Start reviewing CFPB exam manuals if you are anywhere close to $10 billion in assets. The CFPB is an exacting regulator with a very granular exam scope. From marketing materials to BSA and especially for consumer protection, if you think you’ve seen it all, you haven’t.

    Prepare for CFPB oversight by looking at the CFPB exam manuals to see the products and services effected and ensure your FI is complying with how the CFPB wants to see things. It’s especially important to have controls in place and are strengthening enterprise risk management (ERM), compliance, and internal audit programs so the three lines of defense are ready.

New call-to-action


Related: What Is A Compliance Management System And Why Your FI Needs One


New call-to-action

Subscribe to the Nsight Blog