Compliance management – put a focus on the foundation
When it comes to regulatory compliance, most of the spotlight is given to “what’s new” – whether it’s new laws, regulatory changes or recent enforcement actions. But ignoring the importance of tried-and-true foundational elements can pose equal or greater risks to a credit union’s compliance performance.
Addressing “what’s new” is only one part of the compliance game. Effective compliance management systems must be built on managing the core elements of risk assessment, policies, procedures and disclosures (for simplicity’s sake we will refer to these as governing documents). And even if regulations stay static, these core elements can be affected by other changes in your environment, such as introducing new products or services, working with new vendors, or from technological advances that make prior methods obsolete.
The most successful credit unions have a compliance culture that pays attention to these foundational elements, not just at the time they are initially adopted, but through an ongoing cycle of oversight, monitoring, updates and enhancements. What do these high-performing organizations have in common as they manage each of these areas?
Oversight
In a high-performing compliance culture, policies, procedures and disclosures are mapped to their corresponding regulatory requirements. That way, when a rule changes, the corresponding governance documents can be quickly identified and updated. Every governance document also has a clearly assigned “owner” – a management official responsible for ensuring that it is kept up-to-date and accurate. These clear linkages and accountabilities enable strong oversight.
Monitoring
Top performers keep all governing documents clear, concise, easy-to-understand and widely disseminated. Lengthy, complex policies and procedures are banished and commingled policies and procedures are a mortal sin. Why? Hefty documents increase risk – risk of needing Board approval for even minor changes, risk that the staff won’t find what they need buried in hundreds of pages and risk of overlooking mistakes. The “keep it simple” principle is at play here.
Updates
When it comes to a strong foundation for a compliance culture, the high performers reject the “once a year” or “every so often” mentality. They employ an ongoing, real-time approach to maintaining governing documents. Electronic means are used in a unified approach across all compliance areas to make edits, identify issues, and disseminate information. The result? Addressing new regulatory requirements can take minutes or hours – not days or weeks and the efficiency gains are felt across the entire organization.
Enhancements
Leading community credit unions embrace change and view it as an opportunity to make business improvements. Compliance is no different – they have established compliance management systems that allow a consistent methodical means for evaluating risk, making decisions and implementing proactive improvements to meet changing business needs.
With regulatory compliance, managing change is inevitable. For some credit unions, the “new” is stimulating and anticipated with enthusiasm. For others it’s tougher to embrace change, but by taking a systematic approach that addresses the areas above, you can make the required compliance changes and progress less painfully and more predictably. Top performing credit unions, such as Bethpage FCU, Greensboro Postal CU and SECU have embraced technology automation to build a compliance foundation that supports ongoing change so that compliance does not create an adverse impact on serving their communities and members.
