5 signs of a strong compliance culture at your credit union
How strong is your compliance culture? It’s a question that gives many community financial institution leaders pause. In the chaos of keeping up with 13,000+ regulatory requirements, the notion of “culture” often gets lost. And, like many aspects of the regulatory landscape, there is a lack of clarity and precision around how it’s defined and created (much less measured).
While a hard and fast definition of what constitutes a strong compliance culture remains elusive, examiners and regulators are quickly formalizing their expectations around the topic. Federal Reserve Board Governor Daniel Tarullo provided some guidance in October 2014 when he loosely defined it as the “set of norms that appear to inform behavior of those within the organization, even in the absence of explicit and specific rules or instructions.” Numerous enforcement actions levied against credit unions have pushed for a systematic, top-down approach to compliance activities. Finally, examiners are taking a closer look at the behavioral factors that increase fast, effective response to regulatory change.
To build an effective culture of compliance, community financial institution executives must first understand what it looks like. Here are five principles and characteristics that strong compliance cultures share:
- Pervasive. Compliance isn’t compartmentalized into a department or a separate set of activities. It’s everywhere. Compliance and risk officers take an active leadership role across the entire business, interfacing with leaders of all business units and departments. They are involved in all major business initiatives including strategic planning, new revenue determination, marketing and beyond.
- Invisible. Compliance may be everywhere, but it’s nonintrusive. It’s baked into every business process. Take lending, for example. Using data from a loan origination system already in use, loan officers can automatically determine whether a loan is under-reportable. Instead of being a separate, ad hoc activity, it’s ingrained.
- Dynamic. Strong compliance cultures are built to anticipate change. Changes in regulatory requirements aren’t viewed as a roadblock between progress and performance. Instead, the financial institution has a standardized, systemized approach to identifying areas that have to change due to new requirements and implementing those changes in the least disruptive manner possible.
- Business-aware. No matter how much time and money is spent, it’s impossible to achieve 100 percent compliance across every transaction. Yet, many financial institutions try to accomplish just that – often at the expense of business growth. Exemplary compliance cultures are built around driving revenue and growth while minimizing exposure to illegal and high-risk situations. Instead of aiming for 100 percent compliance, the credit union will set a more realistic and affordable goal that falls within its risk tolerance profile.
- Outcome-centric. Strong compliance cultures are outcome-focused rather than rule-focused. As mentioned earlier, they don’t view regulatory requirements as roadblocks to success or reasons to say “no” to new business initiatives or tactics. Instead they see compliance as an aid to conducting business in a safe and sound manner. They ask how they can best meet their business objectives in light of what the rule requires of them.
Building a strong culture of compliance around these principles is a marathon – not a sprint. For many community financial institutions, it requires a shift in mindset, focus and management approach. “Are we compliant?” is no longer the end-all, be-all success metric. Questions like “How well are we effectively managing the process?” and “Do we have the right tools and expertise?” have equal footing. Community financial institutions must set their sights not on perfect compliance – but practical and effective compliance. That means achieving their goals at the lowest practical price point with few or no examiner criticisms.
As a proven enabler of the aforementioned principles, compliance automation plays a critical role in this process. Today’s compliance management systems provide a centralized and standardized way to process, implement and monitor change as regulatory requirements evolve. They are inherently designed to minimize the intrusiveness of compliance activities and engineer them into existing banking business processes. They also provide a platform for evaluating and balancing compliance risk in a way that’s unique to the tolerance of each financial institution.
The pace of regulatory change isn’t slowing down. The volume of regulatory changes will grow in 2015, especially as new rules go into effect and rollback measures and clarifications are issued for existing requirements. The best defense against this mounting workload and cost is creating a culture that responds to change with swiftness and efficiency. Agility has always been a strong advantage for credit unions, and embracing a true culture of compliance will help sustain that advantage. The rewards of doing so will go well beyond higher compliant transaction rates and fewer examiner criticisms – it will be an integral part of business growth.
Need a blueprint to building an effective culture of compliance within your financial institution? Download Continuity’s whitepaper on “How to Create a Strong Compliance Culture.”