
Ncontracts’ Top Risk & Compliance Management Blogs of 2022


Posted by Ncontracts on Dec 22, 2022 12:55:18 PM

It’s the quietest week of the year for those logging into work. Few co-workers and even fewer meetings finally give you time to take a breath, catch up on reading, and get ready for the year ahead. (At least we hope it does.) 

In case you missed them, we put together a quick rundown of our most helpful, advice-packed blog posts of 2023. We hope that they give you food for thought and some inspiration to help you tackle the new year with confidence! 

 

Here’s the list. (Continue reading for a summary of each post.) 

Post #1: 5 Areas Risk Management Tools Must Support During a Recession 

Post #2: What Will You Do if Your Compliance Officer Quits Tomorrow?

Post #3: How to Get a New Risk or Compliance Officer Up to Speed

Post #4: Want to Up Your Compliance Game? Here Are 5 Things You Should Stop Doing Right Now & 5 Things You Should Do Instead 

Post #5: 10 Steps to a Pain-Free Vendor Management Process   

Post #6:  8 Vendor Management Practices Examiners Are Looking For 

Post #7: How a Company Intranet Can Help Create a Culture of Compliance and Mitigate Risk 

Post #8: How Will the New Cyber Incident Notification Rule Affect your FI? 4 Steps to Update Your Institution’s Incident Response Plan 

Post #9: Business Continuity Planning vs. Disaster Recovery: Understanding the Difference 

Post #10: Why You Need to Assess the Risk of Russian Sanctions on Your Institution 

 

The summaries 

Post #1: 5 Areas Risk Management Tools Must Support During a Recession

Economic uncertainty is strong right now as economists try to understand what rising inflation, interest rate hikes, and low unemployment mean for the economy. As financial institutions try to navigate these challenges, it’s important to pay attention to past downturns and learn lessons from the institutions that managed to thrive during those periods. We look at research studies to uncover the trends. 

What were they? Spoiler alert: it was the institutions that:

  • Focused on risk management and long-term performance  
  • Invested in technology to optimize operations 
  • Looked for growth opportunities while recognizing that return on investment (ROI) should be attractive but doesn’t need to be epic 

Takeaway:  Resilience goes far beyond short-term strategy. It requires big-picture thinking and strategic decision-making that look toward the future. Financial institutions that stick with an informed strategy built on ongoing risk assessments and that continue to make investments in pursuit of those goals will have the advantage during economic recovery and growth because they won’t be playing catch up.  

They’ll have a head start. 

Posts #2 & #3: What Will You Do if Your Compliance Officer Quits Tomorrow? and How to Get a New Risk or Compliance Officer Up to Speed 

Despite some layoffs at tech companies, the Great Resignation continues to impact financial institutions. Top talent isn’t easy to find and can be very expensive, especially in areas like risk management, compliance, and IT.  

In these two posts, we help you prepare for two situations: losing a compliance officer and hiring new risk or compliance staff. You’ll come away with ideas to help everyone work more efficiently and flexibly while reinforcing continuity of knowledge and on-the-job training and support. 

Takeaway: Having a strong risk and compliance management system has value far beyond risk, compliance, and strategic planning. It also helps your institution weather staffing changes. 

Post #4: Want to Up Your Compliance Game? Here Are 5 Things You Should Stop Doing Right Now & 5 Things You Should Do Instead 

When your to-do list seems like it has no end, it’s important that everything you do is done in the smartest, most efficient way. If your task list includes wishing, struggling, and stressing, you’re not making the most effective use of your time. 

Where do a lot of compliance pros miss the mark, and what can they do to improve their performance? 

Takeaways: Sometimes the solution to a problem is to reframe it.  

Posts #5 & #6: 10 Steps to a Pain-Free Vendor Management Process and 8 Vendor Management Practices Examiners Are Looking For

It’s no secret that vendor management is a hot-button issue for examiners—and an important control to manage the cybersecurity, operational, and reputation risk that third-party vendors, partners, fintechs, and consultants can pose to a financial institution. 

Whether you are building out a vendor management program or want to make sure that your organization is prepared for scrutiny of your vendor management program, these two posts have you covered.  

Takeaways: Vendor management, like everything else, is simpler when you break it into steps and create an organized process.  

Post #7: How a Company Intranet Can Help Create a Culture of Compliance and Mitigate Risk 

A culture of risk and compliance management is a building block of any enterprise risk management or compliance program. Culture is set by the tone from the top, but how can institutions operationalize it? 

In this post we offer up tips for promoting a company culture and keeping employees engaged.  

Takeaway: Policy learning and awareness help build a culture of risk management and compliance. They help align employees with institutional goals and empower them to recognize and evaluate risk.

Post #8: How Will the New Cyber Incident Notification Rule Affect your FI? 4 Steps to Update Your Institution’s Incident Response Plan 

Regulatory change is rarely limited to the compliance department. It can impact the entire institution. The Cyber Incident Notification Rule that went into effect May 1 requires an update to financial institutions’ information security programs, specifically their incident response program.

This blog post highlights four key areas of your incident response plan to review, including:

  • Updating timelines 
  • Addressing vendor agreements 
  • Reviewing vendors’ incident response plans 
  • Testing your incident response program 

Takeaway: Make sure you have an effective change management program that ensures no aspect of a regulatory change is overlooked. 

Post #9: Business Continuity Planning vs. Disaster Recovery: Understanding the Difference 

"Business continuity planning" and "disaster recovery" aren’t interchangeable terms, even though they are sometimes used that way.  

What’s the difference between them and which one takes precedence in a disaster? Read on to find out. 

Takeaway: A business continuity plan (BCP) is designed to keep critical functions operating. A disaster recovery plan responds to a crisis and is one element of a BCP.  

Post #10: Why You Need to Assess the Risk of Russian Sanctions on Your Institution 

Russia’s invasion of Ukraine was one of the most newsworthy events of 2023. The U.S. government levied sanctions on Russia and financial institutions had to keep up with the changes. 

In this post, we dig into the ways Russian sanctions could create risk for financial institutions, even those that don’t have relationships with foreign correspondent banks, including:

  • Sanction implementation 
  • Knowing your customers 
  • Regulatory scrutiny 
  • Cyber attacks 
  • Economic impact & inflation 

Takeaway: Don’t be quick to write off a risk as irrelevant to your institution. Consider all the angles. 

 

Want advice on what examiners will be looking for in 2023? Our regulatory compliance team breaks it down in our webinar Regulatory Expectations & Enforcement in 2023. 


 

Topics: Risk & Compliance
