Combating Complacency Through Strategic and Operational Planning

For many banks, 2020 and 2021 had surprising results. Liquidity and capital were strong, loan growth escalated from pent-up demand and income levels were favorable.

These positive trends could lead many management teams to become complacent – which can lead to risk. In its 2022 Fiscal Year Bank Supervision Operating Plan, the Office of the Comptroller of the Currency (OCC) listed guarding against complacency as a top priority for examiners. Complacency, by definition, is a state where one’s satisfaction with their own achievements leads them to be unaware of potential danger. Heeding the OCC’s warning to address indications or perceptions of emerging risks, we’ve identified five focus areas for boards and management teams.

1. Strategic and Operational Planning
Executives and boards should evaluate strategic planning in the context of the current environment. Post-pandemic, banks have increased opportunities for growth including, but not limited to, mergers and acquisitions. The key to strategic planning is to be strategic. Shape your strategic planning sessions to consider new industry opportunities and threats. Approach each opportunity and threat methodically – whether succession planning, mergers or acquisitions, fintech partnerships, changing demographics, the shift in the regulatory perimeter or another area relevant to your institution.

Operational planning is just as critical. Crafting a well-established plan to profitably service your bank’s target markets remains a balancing act of priorities for directors. Consider new products and services to meet the needs and expectations of your evolving customer base. Thoughtfully evaluate your bank’s target market, planned growth, the potential for enhanced products and services and any prospective investments to maintain profitability. Allow talent, technology, and financial resource risk assessments to guide your institution’s operational planning process, asking, “Where is my bank growing and am I ready?”

2. Credit Risk
We continually hear about the great credit quality that banks have experienced thus far in the post-pandemic period. Yet, credit risk remains a critical priority for banks and regulators, especially since coronavirus relief funds may have dramatically changed the financial view for borrowers.

Covid-19 relief funds served a temporary purpose of keeping businesses operating during the peak of the pandemic. However, high levels of inflation and continuing labor and supply chain disruptions has put continued pressure on many small businesses and may have a yet-to-be-realized impact on the credit quality within your bank.

Now more than ever, remaining engaged with your borrowers and looking past traditional credit metrics to identify issues could reduce future losses for your financial institution. Credit risk monitoring tools like stress testing remain relevant with the prospective of rising interest rates.

3. Cybersecurity Risk
Cybersecurity risk, like credit risk, is here to stay. Executives must stay focused in this area as risks increase; the instances of public attacks across all industries reflect a relentless pursuit by cybercriminals to steal data for financial gain. The most recent reminder of this are Russian state-sponsored cyber threats. As banks gather and maintain more and more data, it’s paramount to have experienced talent and protocols for protection of customer data.

Bank management teams should be able to show evidence of their institution’s capability to respond or recover from destructive cyberattacks that are increasingly routine. The bank’s risk assessment process is a critical component of managing its cybersecurity risk, and should incorporate any processes or controls that may have changed as result of a new strategic or operational plan.

4. Compliance Risk
Compliance matters are always evolving, and regulatory emphasis on applicable laws and regulations is only increasing. The focus on Bank Secrecy Act and anti-money laundering rules, fair lending, Community Reinvestment Act and overall prioritization of compliance management are not shifting.

Compliance risk management requires banks to have a strong internal system. It also requires a deep understanding of the various rules and proficiency in identifying, implementing and auditing the changes. It has never been more critical for banks to have strong independent review systems to account for updated rules and regulations.

5. Management and Board Education
The operational and strategic landscape of banking is changing. Management team and board members must be informed and educated. As you decide how your bank will adjust to this new environment, identify industry-specific third parties to meet with your management team and board to provide a strong foundation to strategic planning.

We see numerous opportunities and areas of focus for banks in 2022. If we’ve learned anything during this time, it’s that banks need to look at risk differently in this ever-changing environment. Now is not the time to be complacent.

The information contained herein is general in nature and is not intended, and should not be construed, as legal, accounting, investment, or tax advice or opinion provided by CliftonLarsonAllen LLP (CliftonLarsonAllen) to the reader. Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor.