Over the years, I have talked to financial institutions about their policies and often the compliance officer will proudly pull out a big binder filled with numerous policies. They proceed to tell me how the Board reviews and approves them each year, or as new regulatory requirements occur. And, that’s a very good start.

But, do you know what your policies actually say? Do you know who is identified within each policy as being responsible for various aspects of the policy? Do you know what the policies say you will do related to that policy?

If those questions make you a little uncomfortable or even a little panicked, you are not alone. I know many compliance officers who feel the same way. In the day-to-day business of trying to keep your credit union in compliance with a myriad of regulations, it is not unusual to push policy review to the back burner. If you have not conducted a thorough review of your policies, make time now to do it. But, where do you start?

The simplest way is to start with a spreadsheet. When you look at a policy, pull out any sentence that states a responsible party, any specific statements about what the credit union will do, any audit that will be conducted of the area and the timing, and training that will be provided to employees and the frequency, etc.

continue reading »