Banking Exchange Magazine Logo

Real-life risk management: "Owning the risk," "tone at the top," and more

A Compliance Conversation with Wolters Kluwer

A few weeks back a group of compliance experts from Wolters Kluwer Financial Services stopped by our new offices near Wall Street, and the conversation turned to "tone at the top."

This can be an elusive goal when the subject is compliance. Having spent a good number of years among CEOs, board members, and compliance officers, we can say with certainty that with one exception among that group, compliance isn't what they wake up in the morning wanting to talk or think about. It's just a fact of life.

Liking something and getting a job done often mean two different things, however. Compliance has become more important than ever to banks. We began discussing a role-playing session at an ABA Regulatory Compliance Conference a year or two back. Compliance officers had sat in a make-believe boardroom and played the part of directors. One, a veteran who has above-average theatrical skills, was playing the part of the board chairman, and hammed it up by wearing a golf hat and gaveling the meeting to order with a putter. Periodically he would grouse about missing his tee time if the compliance stuff took too long.

It happens the faux meeting was a theoretical exit discussion with compliance examiners, and we suspect it was meant as comic relief to a conference that was otherwise quite serious and full of heavy-duty listening.

But they say there's always some true feelings behind a tease. Is there a way to get past the kind of attitude represented here?

Make the message palatable and manageable

Christina Speh, Wolters Kluwer's director of new markets and compliance strategy, had been conducting some recent sessions among clients where the issue of "how do we do tone at the top" came up. She noted that part of what had to be appreciated was that boards want their banks to be in compliance, and that setting an expectation is part of their job. "It's about ensuring that you get what you want," said Speh.

On the other side of the table, she said, compliance officers have to come to the board with a more realistic understanding of what they are there for, as compliance experts.

"As a compliance person, you may think that people have to hear the intricacies of the regs you're there to discuss," said Speh. It's natural for an expert to have a depth of understanding of material that seems essential for everyone.

For the compliance visitor to the boardroom, this is a mistake, Speh believes. Instead, compliance staff should treat their board time more as do the heads of business units. Would the head of a credit function take the board way out into the weeds of loan analysis, if not asked?

Summarize issues and requirements, Speh advised, and devise dashboards that will help board members appreciate quickly how well the bank is complying and how far it has to go.

Compliance and risk management

This discussion was part of a larger conversation about the evolving ways banks are looking at risks, and balancing risk management and compliance duties against the need to earn a buck.

At one time the concern was that banks too often flew by the seat of their pants with compliance. But Speh said the role of risk management and risk assessment has so permeated compliance now that if a bank followed it all into ultimate detail, the biggest risk would be that staff might never get any other work done.

It's a work in progress. But part of the balancing going on in compliance and risk management seems to be a growing realization that a central function can't do the whole job. It can be a rulemaker, policy tracker, and more. But it's something like morality--ultimately it comes down to the individual.

The good news is that the message seems to be spreading. Business units seem to "get it" now, according to Timothy Burniston, Wolters Kluwers' vice-president and senior director of professional services and consulting, risk and compliance.

Again, though, there's that niggling issue of how to get the compliance job done when you've got a business to run. Even where central compliance and business-unit compliance work hand in hand, people are busy.

"You've got to operationalize it," said Speh. It was interesting to hear this because it synchs with the thinking of a community banker who took part in a recent Banking Exchange roundtable, the cover story in our March edition.

Iowa banker Steve Goodenow said in that article that his bank has been exploring ways to automate compliance at the front line, especially, in order to avoid errors in disclosures in lending and the onboarding process.

What's going on out there

We asked the Wolters Kluwer team-Burniston, Speh, and Art Tyszka, director of default services--what they were hearing and seeing overall. Among the points made:

  • • Influence of Consumer Financial Protection Bureau seen. Speh pointed out that the Federal Financial Institutions Examination Council's proposed risk management guidance on social media was notable for a stress on the risks faced by consumers in this sphere. Burniston, who came to Wolters Kluwer after a long career at federal regulatory agencies, sees this as CFPB's influence at work.
  • • Fair-lending warnings. The team said the company has been hearing about an increasing focus by CFPB and the Department of Justice on credit card programs, as well as on student loan programs.
  • • Mortgage lending compliance urgency. Tyszka emphasized the massive compliance challenge that many lenders will have over the course of this year as they work to get into synch with the CFPB's slew of Dodd-Frank-based regulations. Loan origination systems will have to be rebuilt, he explained. "This is going to mean wholesale changes to both technology and processes," said Tyszka.

Burniston added that many clients have been asking the company what tolerance level the new rules anticipate. He doesn't have good news there.

"Our response is that there is no tolerance for these types of errors-the regulators' expectations will be very high," said Burniston, "and the possibilities of noncompliance are becoming really high."

back to top


About Us

Connect With Us



How to get the most out of Data and AI
with Ravi Loganathan from Sardine
and President of Sonar

Wednesday, July 24, 2024 at 11 AM ET / 8 AM PT

In this webinar we will cover:


This webinar is brought to you by:

SardineBanking Exchange