<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">

Is Your Compliance Program Reactionary or Proactive?

7 min read
Aug 1, 2018

In this post, you'll learn how to tell if your regulatory compliance program is reactionary or proactive! You'll also learn why compliance is still critically important, and ways to improve your lending risk management.

binocularsA couple months ago, we wrote an article myth-busting certain rumors that were floating around the regulatory compliance industry. One of the myths that we highlighted and subsequently “busted” was that “regulating agencies will be more relaxed towards compliance.” In the earlier piece, we discussed what was actually going on with the new legislation and how it isn’t quite the “gutting” of Dodd-Frank that was expected by some (you can read the full post here).

One of the key points was that “some experts have indicated this deregulation may open the floor to other federal agencies  to 'flex their muscles' in order to prove their worth. Furthermore, state regulatory agencies as well as consumer advocacy groups are expected to pick up the slack" and focus on enforcement while the federal regulators focus on rule-making and deregulation."

Fast forward a little more than a month since these words were written, and we’re now seeing that this is exactly what's taking place.

In this blog post, you'll learn the potential risks of not prioritizing compliance, and a few tips for how to tell if your compliance program is reactionary or proactive.

Let's jump into the risks first...

Recent News Shows Risks of Not Prioritizing Compliance

community-fair-housing-groupIn a recent article, journalists reported on how Suffolk Federal Credit Union in New York had to settle its lending discrimination suit after actions taken by consumer advocacy groups. We also wrote about this last week; check out that blog post here.

As we’ve previously mentioned, these consumer advocacy groups appear to be getting more comfortable going after lenders for discriminatory practices by digging into their public data and finding disparities, leading to public scrutiny and settlements.

According to the article:

“The Suffolk Federal Credit Union reached a settlement with a housing group in a case over alleged lending discrimination against African-Americans and Latinos. The federal bias complaint charged the lender with unfairly treating minorities who sought information about mortgage loans....The nonprofit says it looked for discrimination by conducting field tests that involved having an African-American or Latino applicant ask for information about refinancing a loan or buying a first home -- and then having a slightly less qualified white applicant ask for the same information. In its complaint, LI Housing Services said that the white applicants received faster and better service.

The credit union denied charges of discrimination but said it reached a settlement because it was "in the best interest of our members to resolve this matter."

Community groups and local media are paying attention to housing and fairness (keep an eye out to learn more about this next week). Be proactive and make sure that you're conducting risk assessments on time, monitoring your data regularly, operating in a way that reduces risks, and maximizing opportunity and access for similarly situated individuals.

It is possible to achieve simultaneous goals of strong compliance and strong growth. As we've shared time and time again, good compliance is good business. For a real-life example of this, check out this case study, which shows how one compliance professional leverages his Redlining analysis to identify new sales and marketing opportunities.

If you know a community advocacy or fair housing group is looking into your performance...

React quickly! Efforts to improve and address their concerns (before those concerns go to court, if possible), is a sign that you're committed to serving your community. 


Let’s use an example from how punishment works with the NCAA. In the case of an NCAA investigation, for say improper benefits or academic misconduct, the universities under investigation will often impose their own sanctions before the NCAA ruling committee comes down on them. This doesn’t nullify any punishment that might come from the NCAA, although it can in some cases mitigate or lessen a punishment.

Some financial institutions are taking a similar approach by implementing stronger Fair Lending policies and practices outside of a settlement or regulatory enforcement action. These self-imposed improvements may be seen positively by community groups, the media, and the examiners. However, like in the case of universities with the NCAA, these financial institutions may still have to deal with additional penalties, if evidence is discrimination is found.

All of this goes to show that regulators aren't the only ones banks, credit unions, and mortgage companies have to consider when it comes to compliance oversight. These consumer advocacy groups are proving to have real sway.

The Important Difference Between Reactionary vs. Proactive Compliance


There is no hard-and-fast definition for reactionary versus proactive compliance, but you probably have a sense for the difference just based on the language.

In my opinion, a reactionary compliance program does not prioritize the spirit of compliance on its own; rather, it relies heavily on external motivations, like regulatory pressure or the threat of an enforcement action. While a reactionary approach to compliance may successfully address concerns, and may even meet the letter of the law, it does leave the potential for compliance to get de-prioritized when those external motivations change.

On the other hand, I define a proactive compliance program as one that embraces both the spirit and the letter of the law, and believes in the importance of risk management for its own sake. A proactive compliance program is likely to be more nimble and more sustainable, as the goals of the compliance program are aligned with and integrated into the internal goals of the institution as a whole. A proactive compliance program is less motivated by those external factors, and compliance is likely to be prioritized even when no one is looking.

Here are some questions you might ask to learn more about your compliance program:

  • Why do we have a compliance program in place?
  • Do all employees understand and internalize the importance of compliance?
  • Is my Board of Directors interested in compliance risks and how we're managing them?
  • Do my financial institution's senior leaders seem supportive of risk management efforts?
  • What are our compliance goals? Do they map to the overall strategic and growth goals?
  • Does the compliance team have access to enough resources to effectively address risks?
  • Does compliance seem like a valuable exercise?

To be fair, compliance is a difficult and complex burden to bear, so maintaining a proactive compliance program in all areas is extremely challenging. In addition, as we said above, it's possible for a more a reactionary compliance program to get the job done. It's just that as times change and regulatory requirements evolve, it seems that institutions with a proactive approach to compliance navigate those changes with more ease and less stress.

Another Nuance of Reactionary Compliance to Consider

A reactionary approach to compliance is kind of like a game of ping-pong. If you get a consumer complaint, you may focus there for a while. If you get a letter from a regulator, you might focus there. However, compliance pressure and scrutiny come from many sources - regulators, examiners, consumers, community advocacy and fair housing groups, journalists, colleagues, and competitors. For example, even if a regulatory exam goes well, these consumer advocacy groups aren’t going anywhere.


This means that you should always take steps to improve your institution's compliance program in order to prevent significant risks down the road.

There are many ways to have a proactive, conscientious approach to compliance, from risk assessments to monitoring, and more. Just as the community group did in the case of the settlement, some institutions take a proactive approach to compliance by hiring “window shoppers” or "mystery shoppers" who act as undercover agents in their own branches. They use the experience of these people in order to proactively seek out any instances in their process that may or may not be considered discrimination.

On the note of discrimination, it’s also important to realize the disparities don’t always signal discrimination. However, the only way to know is through the analysis of your institution’s data. It’s really the only way to say for certain whether those disparities are evidence of discrimination.

Taking preventive and proactive measures like this can help keep your institution’s cost of compliance low in the short run and the long run. Why risk having to pay a huge settlement or having to potentially close down branches when you can take proactive steps to stay in compliance? If you’re a financial institution, you must be able to tell your institution’s story by analyzing and monitoring your data for risk, and reviewing programs and policies.

Ncontracts Viewpoint: In order to comply and grow, your institution must be proactive and prepared to tell its story at any time - whether it's a journalist, consumer, community group, or regulator who is asking.

Right now, Redlining is an area of a lot of focus. If you haven't yet focused on your Redlining risk, now is as good a time as any to start, and we have just the resources to help you. Click here to see how one of our clients was able to use our Redlining Analytics in order to not only stay compliant but also to find new business opportunities for their institution.


Related: What Is A Compliance Management System And Why Your FI Needs One


Subscribe to the Nsight Blog