The shifting focus of regulators is indeed a concern for bankers and bank boards these days. The creation of the Consumer Financial Protection Bureau (CFPB) has impacted almost all banks and thrifts, not just the $10-billion-plus financial institutions that are subject to CFPB exams. The CFPB is publishing new rules monthly about topics such as fair lending, mortgage disclosures and even the interest rate banks can charge for residential loans. Plus, regulatory exams that end badly can have serious negative consequences for banks, so it’s a good idea to keep tabs of what regulators are thinking about your bank.
At Bank Director’s Bank Audit Committee Conference in Chicago last month, Deputy Comptroller Bert Otto in the central district in the Office of the Comptroller of the Currency (OCC) joined David Van Vickle, assistant regional director at the Federal Deposit Insurance Corp. (FDIC) and Molly Curl, bank regulatory national advisory partner at Grant Thornton LLP, in a discussion of what regulators are looking for in exams. John Geiringer, a partner at law firm Barack Ferrazzano Kirschbaum & Nagelberg LLP, moderated the discussion.
Otto said strategic risk is one of the things his office is most worried about right now. Banks are focused on improving earnings, but he would like bank boards to look at the risk involved in their strategic plan and any new products or services offered by the bank.
He said regulators are focused on risk: What are the bank’s risks and is the bank leadership identifying them? “The focus of all the regulators going forward, at least at the OCC, is really risk on a forward-looking basis,’’ he said.
Van Vickle agreed that this is a focus for his agency as well. Examiners are asking: What is the bank’s tolerance for risk? What are the key indicators of risk? In terms of mitigating risk, Curl said banks should have a full risk profile with risks rated from highest to lowest, and a plan for how to mitigate those risks. The risk line of defense then involves the compliance department, as well as internal audit, which will review at least annually the internal controls to see if policies and procedures are being followed. A bank can opt for yet another line of defense: an outside firm to review the bank’s risk profile and procedures for mitigating risk.
Banks frequently use outside vendors of various sorts, but they can actually be a source of risk as well. Note recent news about the CFPB crackdown on Minneapolis-based U.S. Bancorp over subprime auto loans to military service members, which were provided to U.S. Bancorp through a vendor. Van Vickle, speaking in general and not about U.S. Bancorp, said: “We will hold the bank responsible for a lot of what those service providers are saying, if they are approaching customers and making promises and not making appropriate disclosures.”
Compliance risk can also hinder acquisition plans, as it did in M&T Bank Corp.’s purchase of Hudson City Bancorp this year, when regulators delayed the closing date of the sale amid questions about M&T’s compliance with anti-money laundering rules. The Bank Secrecy Act (BSA) and anti-money laundering laws are now more significant in regulatory exams than in years past because a bank’s compliance track record now impacts its safety and soundness rating, Curl said.
“BSA should be a critical element to any products you roll out,’’ Geiringer said. “It used to be the compliance officer came in at the end, and was Dr. No.” Nowadays, the compliance officer should be involved in the beginning of the process of rolling out new services and products, he said. Consumer compliance is a new focus of regulation, Geiringer said. The Dodd-Frank Act expanded consumer law in the form of UDAAP (Unfair, Deceptive, or Abusive Acts or Practices) to include the term “abusive.” Ask yourself: Would you sell the bank’s products to your mom or dad? Does your bank board set the right tone in reacting to compliance issues? If new regulations are mentioned at a board meeting, do you roll your eyes? How does that impact management if they see board members doing that?
There has been a shift in banking regulation and it’s worth paying attention to. The regulatory panel at the audit conference made that clear.