Implementing Compliance: Key Principles & Practices

April 29, 2024

By: Bill Elliott, CRCM, Director of Compliance Education at Young & Associates

There is no question that laws and regulations materially change the way banks do business. The recent new laws and regulations have, more than ever before, crossed over the consumer protection regulatory line and into bank management. This complicates your life, and the starts and stops do not make it easier. 

Consider the “1071 Rule,” which amounted to HMDA for commercial loans, with even more invasive questions. The underlying law was passed in 2010 (the Dodd-Frank Act), and the CFPB took almost 13 years to implement it, only to be stopped by the courts for stepping way beyond the requirements of the law. The updated CRA regulation is also now being challenged in the courts. 

Compliance does not happen in a vacuum. Many of the regulations cover multiple disciplines within the bank, and many departments have to be involved in implementing the solution. This article discusses some of the basics of implementing compliance within your organization, as well as an approach that we believe is critical to the success of any bank. 

The Key Ingredients

To establish a successful compliance program, the following ingredients must exist:  

  • Board of Directors support 
  • Management support 
  • Staff development 
  • A viable and structured compliance network (compliance council) 
  • Compliance monitoring  

Board of Directors Support

The board is ultimately responsible for the success or failure of the compliance program, just as they are for any other aspect of the bank’s risk management. The board needs a flow of information to assist them in understanding the compliance function and the current status of the program. The board must also understand the stresses for compliance and ensure that there are adequate resources to facilitate success. 

Management Support

Management must be actively involved in the development of the compliance program. Although management may not design and develop the program, they should provide direction and ensure that there are resources to support its establishment and maintenance. Management must stay involved by monitoring the progress of the program through requiring periodic reports. 

Staff Development

Staff development involves providing staff with the necessary background to understand the purpose of compliance, the structure to support the program, and the technical skills to it out effectively. Management must direct the designated person or council and allow them the resources, including the resource of time, to fully implement the compliance program. 

A Practical Solution: The Compliance Council

In order to address the compliance burden, we believe banks should use a compliance council. This is NOT a committee. It is a reporting mechanism, where each area of the bank is responsible for the compliance duties that impact their jobs. At the council, they report progress or lack thereof in meeting those requirements.  

The results of the compliance council meeting are reduced to writing. Those minutes then go to management and the board so that they understand the current compliance situation in which the bank finds itself. A compliance council aids the institution in the following ways: 

  • The compliance council is comprised of representatives from each major area of the institution, thereby building continuity into the program. 
  • The compliance council builds compliance into the daily operational procedures of each area so that the institution can function from a practical and preventive focus. 
  • The compliance council incorporates comprehensive compliance coverage through its composition, i.e., lending, customer service, and operations. 
  • The compliance council establishes a compliance link to planning for new products and services. Each area of the institution can establish the compliance details during the planning and implementation stages. 
  • The compliance council allows the institution to include monitoring procedures in the daily workflow that integrates compliance without creating unnecessary work burdens i.e., the use of checklists and most common concern policies. 
  • The compliance council enables the institution to create an effective training and communications channel for all compliance issues. The council members will be able to take information back to their respective areas. 

Choosing the Compliance Council

The compliance council’s objective is to spread the duties among a small group of individuals to reduce the burden on anyone and increase coverage of the compliance function. Compliance has expanded far beyond just “letting the compliance officer deal with it.” 

The persons who are chosen might be representatives from: 

  • real estate lending, 
  • consumer lending, 
  • customer service, 
  • deposit operations, and 
  • compliance administration. 

Of course, banks are free to add others, such as BSA, branch administration, etc. 

The use of management in an advisory capacity can help to ensure accountability. It is difficult to say “I did not have time” or something similar in front of a senior manager. But hopefully, this is not necessary in most banks. The “minutes” of the meeting become a useful tool for management and the board to understand the current compliance position of the bank. 

If there is a regulatory change that involves multiple disciplines, then and only then does the “council” become a “committee” to address the common issue. 

Authority and Credibility

It is important for the compliance officer and the compliance council to develop sufficient authority to operate within the bank. Without this authority, the officer and the council will be ineffective.  

Assuming that the board of directors and executive management have clearly granted the compliance officer and the compliance council sufficient authority with which to operate, the compliance officer and the compliance council must ensure their own credibility to retain any authority that the board of directors and management have granted them. 

The compliance council’s biggest barrier involves establishing credibility with the bank’s employees. For example, if in the eyes of the employees, the compliance council is an informational source to help them do their job, the council will succeed. If communication channels are established but never work, the council will fail. The key to the success of the compliance council is to establish, implement, monitor, and enforce the compliance function throughout the bank. 

Effective Compliance Implementation

Navigating the dynamic landscape of banking regulations requires proactive strategies and a collaborative approach across all levels of an institution. As the regulatory environment continues to evolve, compliance becomes increasingly complex, necessitating a robust framework, dedicated oversight, and effective implementation to ensure adherence. 

Empowering Banks for Regulatory Compliance Success

At Young & Associates, we understand the challenges banks face in implementing and maintaining effective compliance programs. Our team of experts is committed to providing tailored solutions that empower banks to navigate regulatory requirements with confidence and efficiency. 

Ready to streamline your compliance efforts and fortify your institution against compliance risk? Partner with Y&A for comprehensive regulatory compliance consulting services. Contact us today to learn more about how we can support your bank in alleviating regulatory burdens. 

Get Our Insights

Connect with a consultant

Contact us to learn more about our consulting services and how we can add value to your financial institution