When compliance intersects with governance and risk, opportunities can be unearthed.
“Compliance is basic hygiene in today’s risk and regulatory landscape,” said Andy Vanderhoff, CEO of GRC technology provider Quantivate. “Compliance risk management goes beyond correct reporting procedures; it also means understanding your product liabilities, personnel liabilities, and cybersecurity vulnerabilities.”
A risk-based approach to compliance is not new. The building blocks may seem obvious: Identify the most significant risks to your organization and prioritize the associated controls, policies, and procedures. This is familiar territory for risk managers, but compliance leaders may need to reconsider their approach.
Steps credit unions can take to minimize their compliance risk include:
- Develop or implement a compliance management system (CMS)
- Identify any compliance risks associated with the organization’s strategic objectives
- Ensure internal policies, standards, and procedures comply with state and federal requirements
- Train internal staff to discern potential risk
Political and pandemic-related regulatory changes experienced last year and year-to-date in 2021 have appreciably impacted how credit unions operate. They have also required notable transformations in how credit unions manage not only the regulatory change process, but also daily operations.
“It all comes down to this,” said Tony Ferris, CEO of Rochdale. “Your organization must move from assumption-based analysis and implement a quantitative and data driven decision-making, or your risk management program doesn’t mean anything.”
You can dissect, inspect and interpret the data many different ways, but that won’t lead to your ultimate goal. Important questions that need answering include what is important to the credit union and why, what information should be acted upon, and what opportunities do any identified problems present?
Leaders at your credit union need to understand the complexities of these intersections. Learn more by joining risk and compliance thought leaders at CUNA Governance, Risk Management & Compliance Leadership Virtual Conference, presented by CUNA Compliance & Risk Council, September 28-30. All the top categories that fall under GRC are covered to create a comprehensive and essential GRC education.
The conference includes new content covering governance, strategy, risk appetite, cybersecurity, third parties, Enterprise Risk Management (ERM) program management and monitoring and compliance.
Attendees will learn about emerging risks in today’s environment and understand the new realities of governance, risk and compliance. CUNA Credit Union Enterprise Risk Management Expert (CUERME) designees will have the opportunity to recertify, which is required every three years.
“It’s time to change our point of view, to view risk as an opportunity and not a threat,” said Ferris.