bsns-maze.jpgWhen it comes to compliance, the first step in preparing for the year ahead is to look at the immediate past. Regulators now have higher expectations. There is very low tolerance, if any, for regulatory infractions. Banks face a high degree of pressure to keep residual risk in check while still conducting business profitably. There will likely be mistakes, but the mistakes must be kept to manageable ones that do not fundamentally affect consumer rights. Examinations are tougher. The supervisory focus is on fairness to consumers. Regulators scrutinize data for accuracy and meaning.

The consequences of noncompliance are severe.  In 2011 and 2012, we saw financial institutions reach settlements with the Consumer Financial Protection Bureau (CFPB), the Department of Justice, and the prudential bank regulators for violations of consumer protection and other laws in excess of $1 billion. Not only are the settlements larger than ever, but they include refunds to affected customers as well as penalties. Even more than in the past, the reputational damage from enforcement actions can take years to recover from.

The Year Ahead

The year 2013 will bring continued concern about the daunting challenges posed by regulatory change for U.S. financial institutions. Of the nearly 400 rules required by the Dodd-Frank Act, only about one-third have been finalized, and another third have yet to be proposed, according to Davis Polk & Wardell LLP.  The new requirements are likely to trickle out for years to come. They, along with the adjustments financial institutions must make to accommodate the newly-formed CFPB, will surely test the mettle of even the strongest companies and keep continued pressure on the bottom line. During the year ahead, this consumer-focused scrutiny will take the form of not only deeper and more probing examinations, but more expensive penalties for noncompliance. 

High Risk Areas with Increased Vulnerability

Indications are this trend of focusing on consumer risk will continue in 2013.  We will continue to see supervisory interest in a number of key areas, such as:

  • Fair and responsible products and services
  • Mortgage origination and servicing
  • Treatment of consumer complaints
  • Data integrity
  • Servicemembers Civil Relief Act issues
  • Lender compensation
  • Overdraft protection programs
  • Student lending
  • Reverse mortgage lending
  • Compliance management systems

Governance Guidance for 2013

Successfully navigating the consumer-focused scrutiny in 2013 will depend on whether your institution adopts an integrated, proactive approach to compliance risk management.  To get started, directors must set the tone. First, take responsibility and ownership of your bank’s risks. Know where your bank’s risks are. Understand what your data says about you—including consumer complaints. Wherever possible, control and prevent problems; be confident that you will know where the next problem will surface. And we can’t emphasize this point strongly enough: Manage risks on an integrated basis across the enterprise.

Five Prong Approach to Preparing for 2013

There are a number of actions institutions can take to prepare themselves for 2013 and the regulatory and supervisory deluge to come. We recommend a five-prong strategy for preparing your institution to successfully meet these challenges.

One: Compliance Culture.  Instill a culture that embraces a consumer-centric, principles-based regulatory model. 

Two: Compliance Management System.  Build an integrated system of compliance management with board oversight, a comprehensive program, complaint management, and compliance audit.  

Three: Risk Assessments. Assess risk to the institution as well as the impact of products and services on the consumer.

Four: Fair Lending Risk Assessments. Subject lending data to in-depth statistical analysis, and give products and practices intensified review.

Five: Enterprise Reporting.  Implement a system of compiling information across the risk spectrum on an integrated basis and reporting the right level of detail to the right audience.

Understanding risk is an essential component of any proactive program. When it comes to predicting what will happen in 2013, we can all reasonably expect today’s trends to continue into the foreseeable future. The best strategy is to proactively prepare.

Christina Speh