Strengthening Relationships With Credit Score Monitoring

Customers want to improve their financial wellbeing and save money. Banks want to create sticky digital relationships.

Here’s something that can help both groups: credit monitoring.

Having a safe and easy way to keep an eye on their credit enhances consumer financial wellbeing in a variety of ways:

  • Makes it easier to find and stop fraud. According to the Federal Trade Commission, American consumers lost more than $5.8 billion to fraud in 2021, which was a 70% increase over 2020. When customers have a safe, convenient way to monitor their credit, they’re more likely to uncover and recover from fraud more quickly.
  • Helps uncover and correct credit report mistakes. Credit report errors are much more common than many people realize. According to a 2021 Consumer Report investigation, more than a third of consumers who participated in a voluntary credit report check found errors. And these errors are more than a nuisance. Negative impacts can include being uncorrectly charged higher interest rates on a loan or credit card or being turned down for a job or a place to live. 
  • Can improve credit scores and consumer financial wellbeing. Based on internal research SavvyMoney has conducted with partner financial institutions, we’ve found that consumers who monitor their credit data see strong improvements in their credit scores. Across all score ranges (except the 750 to 850 range), there was a 30% improvement in six months and a 39% improvement in 12 months. In the 300 to 649 score range, the improvements were even more dramatic: 32% in six months and 41% in 12 months.

Score improvement can mean significant savings for bank customers. Most importantly, consumers who improve their score can see a stark difference in interest costs on their loans. According to a study from LendingTree, borrowers with “fair” credit scores, which range between 580 and 669, could end up paying over twice as much interest on personal, auto and student loans, and 97% more on their credit cards.

Most consumers don’t currently monitor their credit. But that could change if they monitor it through your institution. Because credit monitoring is a soft pull, customers can check their credit data as often as they want without any impact to their credit score. That can help them get a better handle on their current financial health and areas where they could improve. And banks can add in personalized education and loan offers based on their score, creating a virtuous cycle of better credit, better lending rates and improved overall financial wellbeing.

Unfortunately, most people don’t monitor their credit. According to LendingTree’s annual customer survey, only a third of American consumers take that step. A big reason why: Consumers are understandably reluctant to provide their personal information.

This is where giving customers access to credit monitoring helps your financial institution too.

Consumers’ reluctance aligns with a key finding from SavvyMoney’s financial institution partners: 75% of users want to be able to check their credit score from inside their trusted financial institution. If their credit data is available through a single sign-on through your financial institution’s online or digital banking, they won’t have to.

Use a credit monitoring service that updates credit files more frequently — the best offer the option of daily updates — allows customers to track if they’ve moved into a new range and be alerted when their most up-to-date score qualifies them for lower rates.

Look for companies with solutions that integrate with your digital banking platform. That allows your customers to safely and easily monitor their credit score right from your online or mobile banking, driving engagement with your website or app. As the chart below captures, that additional engagement can drive an uptick in a wide variety of products and services, including checking penetration, which is often seen as a proxy for primary financial institution status.

Source: SavvyMoney partner case study

Credit monitoring is good for both your customers and your bank. If your financial institution isn’t currently making it easy for customers to check their credit with you, it’s a service worth investigating.

The Current Status of Dodd-Frank Act Compensation Rules

dodd-frank-8-17-15.pngWe have waited for five years since the Dodd-Frank Act became law and we are now seeing consistent movement to finalize several compensation provisions of the law.  

Meetings started in October with President Barack Obama gathering the heads of U.S. financial regulators and urging them to finish the Dodd-Frank rules. To date, we have already adopted Securities and Exchange Commission (SEC) rules that include shareholder votes on executive compensation (Section 951 on say-on-pay and so-called golden parachutes), and on independence of compensation committees (Section 952). Remaining Dodd-Frank provisions, designed to regulate behavior encouraged by compensation structures, are Sections 953, 954, and 956. Already, many institutions have implemented more stringent variable pay plans since 2010, with more compensation tied to longer term performance. The current status of the rules is highlighted below.

Pay Versus Performance Disclosure, Section 953(a)
The proposal for section 953(a) is intended to provide compensation information to augment the say-on-pay vote for public companies. The proposal highlights a new form of realized pay versus reported pay as well as a comparison of the company and peer group total shareholder return (TSR) over several years. The proposed disclosure reflects the SEC’s attempt to help shareholders gain a better understanding of how executive pay compares to company performance by comparing named executive officers’ total compensation as described in the summary compensation table to what the SEC is now defining as compensation actually paid. As an example, the vested value of equity will be incorporated into the actually paid definition versus the value of equity at grant date. Also, the new rule uses total shareholder return (TSR) as the performance measure comparing performance to compensation “actually paid,” and using TSR of a company’s peer group to provide additional context for the company’s performance. In addition, companies will be required to provide a clear description of the relationship between the compensation actually paid and cumulative TSR for each of the last five completed fiscal years.

Current Status of Rulemaking: We expect either a final, or re-proposed rule, by fall, 2015.

Pay Ratio Disclosure, Section 953(b)
The SEC finalized this rule in August, 2015, with implementation deferred to fiscal years beginning on or after January 1, 2017. The rule requires that public companies disclose the ratio of the CEO’s total compensation to the total compensation of all other employees. For example, if the CEO’s compensation was 45 times the median of all other employees, it can be listed as a ratio (1 to 45) or as a narrative. Total compensation for all employees has to be calculated the same way the CEO’s is calculated for the proxy. All employees means all full-time, part-time, temporary and seasonal employees.

Current Status of Rulemaking: The SEC finalized the rule on August 5, 2015. The first disclosure is expected for 2017 fiscal year as shown in proxy statements filed in 2018.

Clawbacks, Section 954
Section 954 is often referred to as the “clawback” provision of Dodd-Frank and applies to all public companies. The proposal requires companies set policies to revoke incentive-based compensation from top executives with a restatement of earnings if the compensation was based on inaccurate financial statements. The company has to take back the amount of compensation above what the executive would have been paid based on the restated financial statements. This rule applies to public company Section 16 officers, generally any executive with policy making powers. Variable compensation that is based upon financial metrics as well as total shareholder return would need to be clawed back, and there is a three year look-back for current and former executives.

Current Status of Rulemaking: Expect final rules in fall, 2015; once final from SEC, stock exchanges will create the listing rule and an effective date (expected late 2016 or early 2017).

Enhanced Compensation Structure Reporting, Section 956
This rule was proposed in April, 2011—more than four years ago. This rule applies to financial institutions, specifically banks greater than $1 billion in assets. The rule is primarily a codification of the principles as found in joint regulatory Guidance on Sound Incentive Compensation Policies, which stated that compensation needs to be:

  • Balanced to both risk and reward over a long-term horizon
  • Compatible with effective controls and risk management, and
  • Supported by strong corporate governance.

In addition, there is an annual reporting requirement and for large banks (greater than $50 billion in assets), there is a mandatory deferral of incentive pay. Given that there have been four years since the original proposal, we are expecting a number of changes as the global regulatory structures have changed greatly since 2011.

Current Status of Rulemaking: Originally proposed in April 2011, changes are expected to be re-proposed in 2015.

What are the Rules and Guidelines for Director Independence?

Manatt-DC-WhitePaper.pngExecutive Summary

In the last ten years, significant legislative or regulatory requirements for director independence have emerged.  In some cases, specific metrics were introduced. There’s a rule, for example, that all federally insured depository institutions above $1 billion in assets must have audit committees filled exclusively with outside, independent directors. The directors of publicly traded companies must disclose certain relationships. Even the public stock exchanges have their own rules. In other situations, less formulaic approaches were adopted.  In many cases, a board of directors was left to make its own judgments. This article will discuss the rules and parameters of director independence and define fiduciary duties for board members, as well as what constitutes a conflict of interest.  


It should come as no surprise that a crisis in the business world often gives rise to new legislation designed to prevent a future crisis or to preclude the occurrence of the events thought to have been the source of the crisis.  In the recent past, the banking failures of the late 1980s and early 1990s were met with the enactment of the Federal Deposit Insurance Corporation Improvement Act, which was signed into law by President George H.W. Bush in 1991.  After the corporate scandals of Enron, Tyco, WorldCom and others, Congress overwhelmingly passed the Sarbanes-Oxley Act in 2002, which was promptly signed by President George W. Bush.  Finally, on the heels of the Great Recession of 2008-2009, Congress adopted the Dodd-Frank Act, which President Obama signed in 2010.  Each of these statutes was designed to restore public confidence by reforming aspects of our economic system that were thought to have been damaged by the identified crisis. Interestingly, each of these legislative efforts at so-called reforming the business environment contained a pronouncement of a required level of “independence” of directors of business entities. 

Your Fiduciary Duty as a Board Member

The fiduciary duty of a director includes the requirement that  the director engage in decision-making free from any conflict of interest or even the appearance of such a conflict and, in all cases, that the conflict be clearly disclosed and apparent to the other members of the board of directors.  Fiduciary duty often has been subdivided into three distinct duties, namely, the duties of obedience, of care and of loyalty.  The duty of obedience requires that the director act in a manner that does not extend the entity’s activities beyond those authorized by the entity’s organization document and by law.  The duty of care requires the director to be informed with all the material information concerning any issue before the board in advance of making a business decision.  The duty of loyalty raises the expectation of director independence and the lack of any conflict of interest.  Adherence to these pronounced duties provides the basis for the presumption that any decisions taken by the director in good faith are entitled to the protection of what’s called the business judgment rule against a challenge from regulators, creditors or shareholders.

Duty of Loyalty

Since this duty requires the director act solely in the best interests of the business entity, it is important that the director identify and disclose whether he or she has other interests that could conflict with the interests of the company, either directly or through family or other material affiliations.  Thus, the director should be able to show that any decision taken was free from any actual conflict or the appearance of a conflict.

Independent Audit Committees with Independent Members

The Committee of Sponsoring Organizations (made up of professional accounting and financial executive organizations) promoted the concept of internal controls for business organizations, including the independence of an audit committee made up of independent directors.  The Federal Deposit Insurance Corporation Improvement Act of 1991 took some of the COSO concepts to the next level by mandating that each depositary institution (unless exempted by regulatory determination because of demonstrated hardship) have an “independent audit committee entirely made up of outside directors who are independent of the management of the institution. . . .” but that was later clarified in FDIC guidance. Institutions aren’t required to have an audit committee if they have less than $500 million in assets.  Banks and thrifts with between $500 million and $1 billion in assets must have an audit committee, and all must be outside directors, but only a majority must meet the definition of independence.  Still, good governance concepts suggest that an institution have a fully independent audit committee without regard to the institution’s size as one of the appropriate checks and balances to ensure the institution’s safety and soundness. The FDIC standards for independence say an individual must not have served during the immediate three years as an employee, advisor, consultant, legal counsel or underwriter or otherwise participated in the institution’s financial statements during that period.  Also, precluding appointments are situations in which an immediate family member (broadly defined as someone living in the same household) was involved with the institution in specific instances set forth in the regulation.  Generally speaking, the regulation takes great pains to exclude persons from serving only if their existing relationships might raise eyebrows.

The Rules of the Public Exchanges

The highly publicized corporate scandals of the 1990s were the impetus for the Sarbanes-Oxley Act of 2002, which applies to all public companies in the United States. Specifically, all members of the board’s audit committee have to be independent but the law granted the SEC the power to delineate the meaning of “independence.” Following on the adoption of Sarbanes-Oxley, the New York Stock Exchange Euronext, with the approval of the SEC, adopted changes to its Listing Manual designed to establish standards for director independence and duties for the audit, nomination and compensation committees of the boards of companies listed on the NYSE Euronext. The rule required that a majority of the members of the board of directors and all members of key board committees be independent.  Rather than set categorical standards for independence, the rule mandated that the board must affirmatively determine independence based on factors such as any material relationship with the listed company (other than as a director).  Banking relationships were clearly contemplated to be material in this context. The Nasdaq OMX adopted similar rules requiring, among other things: a majority of the members of the board of directors be independent; independent directors meet regularly in executive session; and independent directors have oversight of executive compensation.  For Nasdaq OMX purposes, a director would not be considered independent if that director has a relationship which, in the opinion of the board of directors, interferes with the exercise of independent judgment in carrying out the responsibilities of a director. The Nasdaq OMX rules also disqualify a director from being independent based on that director’s previous service as an employee, or otherwise receiving compensation of the company in excess of certain threshold amounts during a three-year look back period.

SEC Standards of Director Independence

The SEC sets forth those matters which would require specific disclosure. Regulation S-K addresses director independence by calling for disclosure of those relationships which could potentially give rise to a conflict of interest for a director and thereby compromise the director’s independence. For example, the rule requires disclosure of a transaction between a director or a company with which the director is affiliated and the company in question, if the transaction has a value of $120,000 or more. Similarly, the rule requires disclosure if the transaction involves indebtedness to the company in question, though banking relationships in the ordinary course of business and without preferential features for the director historically have been viewed as permissible and not a conflict.  The rule also includes disclosure of these sorts of transactions by directors’ family members, such as spouses, children, siblings, parents and in-laws.  Yet another required disclosure is of a business relationship between another company which receives material amounts of compensation or value (more than 5 percent of the company’s gross revenues) from the company in question, and if the director is an executive officer or owner of more than 10 percent of the equity interest in that other company. In addition, the rule also casts a fairly wide net over any other transactions or dealings which would be material to investors. At the same time, recognizing the critical importance of the audit committee in establishing confidence in a public company’s financial reporting and internal control, the SEC sought to distinguish transactions with board members which could compromise their independence from transactions with audit committee members, in particular. To that end, a director is prohibited from accepting, directly or indirectly, any consulting, advisory or other compensatory fee from a public company in order to be able to serve on an audit committee, notwithstanding the monetary thresholds discussed above. While Regulation S-K applies only to public companies in the United States, nevertheless, it remains a useful guide for all business entities desirous of operating in a good governance environment.

Recent Pronouncements

The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 added another requirement relating to the independence of public company compensation committees and their advisers. The SEC directed exchanges to develop rules ensuring each member of the compensation committee is independent, as defined by the exchanges. The NYSE and NASDAQ have done so, and the rules on director independence take effect in 2013. Also, the committee may hire compensation consultants but the board must disclose any conflicts of interest on the part of these consultants to shareholders. Thus, we have seen in the last ten years some statutory and regulatory attempts at setting strict standards for independence of directors, at least in the area of audit, nominating and compensation committees.  There also has been some recognition that strict and detailed standards may be too burdensome for some companies to follow, or may be inappropriate for broad application, and therefore that a more flexible approach may be in order.

Questions to Determine Independence of a Director

Proper board governance procedures suggest that each director and each proposed director provide answers to a series of questions designed to elicit information that could be seen as a conflict of interest and a compromise of director independence:   

Business or professional connections with the company including company perquisites:

  • Are you or any member of your family (which would include spouse, parents, children and siblings, whether by blood, marriage or adoption, or anyone residing in the director’s home) employed by the company or any affiliate of the company?
  • Do you or any family member (as defined above) have any professional or business dealings with the company, including any dealings through another company with which you or a family member is affiliated?
  • Have you or any family member received any compensation from the company of any kind, including company perquisites?
  • Have you or any family member engaged in any transaction of any kind with the company?

Affiliations with the company through stock ownership or other control:

  • Do you own any stock, debt or other interests in or of the company or any options to acquire same?
  • Do you exercise any control over the company or any part of the company or have the means to influence any decision-making by the company by reason of participation in major policy-making functions (other than as a director)?

Existence of interests possibly adverse to those of the company:

  • Are you an executive officer or director of, or a person who controls, another business entity which is a customer of the company or competes with the company or is otherwise engaged in activities which might be viewed as being adverse to the interests of the company?

Required level of skill, expertise and physical health for the exercise of independence:

  • Have you ever served as a director of a company?
  • Do you understand the responsibilities of being a director and your role as a member of the company’s board of directors?
  • Do you have an understanding of the nature of the company’s business and the sources of its revenues?
  • Do you understand financial statements relating to the company’s business activities, including balance sheet, income statement and cash flow statement?
  • Are you able to devote significant time and resources on working on matters which are the responsibility of the board?
  • On how many boards of directors do you currently serve?

Prior occurrences that might give rise to issues of credibility and trustworthiness affecting independence:

  • Have you ever been convicted of a felony?
  • Have you ever filed for, or had filed against you, a petition for bankruptcy or other insolvency-type proceeding?
  • Have you ever been the subject of disciplinary proceedings by any professional organization or association?
  • Have you ever been the subject of a court or regulatory agency order or judgment that relates to your ability to participate in the affairs of the company, including the raising of capital or otherwise precludes your participation in certain businesses? 

Banks Dodge Superstorm Basel— for Now

storm.jpgThe entire U.S. banking industry breathed a collective sigh of relief recently when the three federal bank regulatory agencies postponed indefinitely the effective date of the Basel III capital and liquidity rules, which had been set for Jan. 1, 2013. The proposed rules, which would have applied more or less equally to all institutions—from the country’s largest bank, JPMorgan Chase & Co., to very small community banks in out-of-the-way rural locations—set off a firestorm of protest throughout industry.

Following their release in June, the proposed rules reportedly generated more than 2,000 comment letters from bankers as both the American Bankers Association and Independent Community Bankers of America orchestrated letter writing campaigns. Members of the U.S. Congress, including 53 senators from both parties, also expressed their concern during the comment period. And one prominent federal regulator—former Kansas City Federal Reserve Bank President Tom Hoenig, now a board member of the Federal Deposit Insurance Corp.—even urged that the entire proposal be scrapped and replaced with a simpler plan.

Community banks in particular were not objecting to higher capital levels per se since many of them—a great percentage of which are privately owned—have traditionally carried higher levels of capital on their balance sheets than large publicly owned banks, which tend to be more highly leveraged. But they did object strongly to certain Basel III provisions, such as a fairly stringent risk-weighting system that would have required them to put higher levels of capital against certain kinds of assets, including mortgage loans, commercial loans and even U.S. government securities. Basel III also would eliminate a highly popular form of Tier I capital at many small banks—trust preferred securities—from consideration, forcing them to raise new capital at a time when many investors, both public and private, are wary of banks generally. 

Some community bankers stated flatly that the new rules would force them to sell out if they couldn’t raise fresh capital. Others worried that the risk-capital weighting for mortgage loans would effectively shut them out of that business, negatively impacting their profitability and possibly the home buying market itself.

When announcing the postponement, federal regulators did not indicate how the Basel III rules might be modified or when they would take effect. The least likely outcome is that the feds will actually lower the overall capital requirements for banks, including very small ones, because there seemed to be widespread consensus in Washington coming out of the 2008 financial crisis that the banking industry needed to have a stronger balance sheet. A more likely outcome might be that the regulators create a simpler and less onerous risk weighting system for small banks, and then give them ample time to come into compliance with whatever approach they adopt.

One thing is for sure: Bankers often fuss and fume—with more than a little justification—that the regulators in Washington never listen to their complaints about the regulatory burden, but this time the feds heard them loud and clear.

Basel III: How the New Standards Will Affect Your Bank

rules-help.jpgBasel III is bearing down upon us. The U.S. bank regulators issued their final proposals to adopt Basel III capital standards on August 30, 2012. Numerous members of Congress, the industry and even senior officials at the Federal Deposit Insurance Corp. (FDIC) and the Comptroller of the Currency have expressed concerns about these proposals.On the other hand, the Basel Committee has expressed concerns about timely, consistent implementation of Basel III around the world.  The U.S. bank regulators announced on November 9 that they would further consider the Basel III proposals, and that these would not become effective on January 1, 2013, as originally contemplated.

The Basics

The new rules will affect all depository institutions, depending upon how the Federal Reserve separately implements rules under the Dodd-Frank Act for intermediate holding companies established by commercial entities controlling thrifts. Although the Federal Reserve will not apply the Basel III capital rules to bank holding companies with less than $500 million in assets, the Collins Amendment, Section 171 of the Dodd-Frank Act, requires holding companies to maintain the same types and levels of capital as FDIC-insured depository institutions. Therefore, the proposed new rules will affect all depository institutions.

Among other things, the proposals:

  • contain specific, detailed required terms for each type of eligible capital instrument; (For example, to be eligible as “common stock,” such shares must, among other things, be the most subordinated claim in an insolvency and cannot be redeemed without prior regulatory approval, or contain any incentive for the issuer to redeem such shares.)
  • add a new common equity Tier 1 risk-based capital ratio;
  • add a capital conservation buffer of 2.5 percent, where noncompliance reduces the permissible amounts of dividends, stock buybacks and discretionary management bonuses;
  • increase capital minimums;
  • phase out trust preferred securities as Tier 1 capital for all holding companies, except those with less than $500 million in assets;
  • change risk weightings, especially the treatment of residential mortgage originations, sales and servicing, construction and development loans, deferred tax assets and nonperforming assets; (For example, higher risk weights will be assigned to non-traditional residential loans outside specified criteria such as interest-only mortgages or mortgages with balloon payments. Higher risk weights will also apply to certain “high volatility” commercial real estate loans.)
  • increase capital for off-balance sheet items such as warranties for real estate loans sold by banks to investors, and loan commitments of not more than a year; and
  • require capital be adjusted based on the current market value of held-for-sale securities.

The New Minimums

The new capital minimum ratios will be phased in over several years until they reach the following in 2019, with the 2.5 percent conservation buffer:

  • common equity Tier 1 capital – 7.00 percent (new)
  • Tier 1 capital – 8.50 percent (4-5 percent today)
  • Total capital – 10.50 percent (8 percent today)

The capital conservation buffer amounts will not be considered in determining whether depository institutions are “well capitalized” under the prompt corrective action (PCA) standards of Section 38 of the Federal Deposit Insurance Act. The PCA standards will change to reflect the proposed new capital measures, however, and will include the common equity Tier 1 capital ratio.


Banks will have to hold more equity. Common stock and perpetual, noncumulative preferred stock will be most valuable. Voting common stock must remain the majority of equity. Access to capital markets will become more essential.

Estimates of the amount of additional capital required under the proposals vary widely. The American Bankers Association anticipates that up to $60 billion of new capital will be needed. The actual amount will depend upon banks’ internally generated capital from profits, and their rates and types of asset growth. Federal Reserve actions to maintain low interest rates for an extended period will challenge interest margins and the industry’s ability to generate capital through earnings.

The proposals are complex and implementation will heavily tax smaller institutions with limited staff, which are also confronted with a deluge of Dodd-Frank Act and Consumer Financial Protection Bureau rules. Traditional banking, such as residential mortgage origination and servicing, will be especially affected by all these factors.

Banks will have to consider more carefully the returns on asset classes adjusted for the new capital levels and costs. Some lines of business may become unsustainable given the level of capital they require, and some segments of the economy may see diminished credit availability. Exactly how this will play out is hard to say.

Returns on capital, which will be less levered than currently, will be important in attracting and maintaining appropriate capital. Public companies, with greater size and access to capital, should have effective shelf registrations, and consider how to best take advantage of the new offering rules under the JOBS Act.


Basel III makes capital planning more important for banks of all sizes. All institutions should plan capital actions in light of Federal Reserve Letter SR 09-4. The Comptroller of the Currency’s Guidance for Examining Capital Planning and Adequacy, OCC 2012-16 (June 16, 2012) is also useful. Stress testing may become more prevalent as regulators seek better risk analyses, even where not mandated by the Dodd-Frank Act or Basel III. (See Community Bank Stress Testing, OCC Bulletin 2012-33, October 18, 2012.) It is unclear whether recent discussions of “reforming” the Basel III proposals will have any meaningful impact, especially given the pressures for consistent global implementation of Basel III. We suggest preparing for the proposals in their current form. The proposals, together with increased regulation, low top-line growth rates, and interest margins and profits squeezed by monetary policy, may be drivers of industry consolidation into banks that can best allocate capital to obtain growth with attractive risk-adjusted returns.

Part I: Built to Last – Compliance Lessons from the Construction Industry

House_Ruler.jpgIf you’ve ever observed a house being built, you’ve no doubt been struck by the way that millions of details must all come together to form a habitable dwelling. One board out of place or a line that’s not level can wreak havoc and doom a structure that may have stood for centuries. An overlooked element can mean the difference between passing or failing a required inspection. The devil, as they say, is in the details. 

Similarly, details are the devils of the compliance realm. There are literally tens of thousands of details to consider in ensuring compliance. Just like building a house, it takes careful design and planning, timely and well-coordinated execution and attention to detail to build an effective compliance program. Just as building codes dictate there is a right way to build a house—there is a right way to build a compliance program and passing examinations means making sure your program is up to code. 

I’ve been privileged to work alongside some of the industry’s finest minds during my career as a banker, examiner and consultant. Together, we’ve observed common themes among compliance programs that succeed and those that don’t. So, what do the most effective programs have in common? How are they similar to construction projects? 

They have a blueprint, a foundation, and a framework—ensuring consistency across the organization and all regulatory requirements.  

The Blueprint
When contractors (or board members) are charged with oversight, if a clear blueprint is not in place from the beginning, it can be difficult to keep up with change. Remember the wise adage “measure twice, cut once?” With a daunting number of compliance details and no strategic plan, it’s easy to fall into the trap of having a series of tasks but no one looking at the big picture, thus compromising the program.

When designing a compliance program blueprint, it’s important to identify different types of risk: credit, operational, market, legal and reputational. However, risks do not occur independently from each other. Most activities encompass all risks in some form or fashion. For this reason, regulators are starting to take a holistic approach in their examinations. They want to break down the silo perception of risk—because risks rarely fit into just one bucket or another. Since oversight is integral to a financial institution’s overall success, board members need to be sure that everyone is doing their part to ensure that the blueprint is being followed.

The Foundation
A durable building starts with a sound foundation, designed to prevent structural risks. Periodic maintenance is required to ensure that the structure does not become compromised. If flaws are noted, they must be addressed to prevent further deterioration. 

In the world of compliance, a sound foundation is built by establishing a chain of responsibility and a standardization of process. Maintenance, in the form of periodic reports, ensures that the program does not become compromised and any weaknesses are addressed. A defined hierarchy of accountability and standardization increases visibility, minimizes risk exposure and ensures an institution is running efficiently.  

The Framework
After the foundation is laid, four walls and roof are constructed to ensure a sturdy building. On top of the compliance program’s foundation of accountability and standards, a well designed controls environment needs to be built. The “building code” for this framework includes risk assessments, policies, procedures, monitoring and audits. 

Well-run compliance programs incorporate these controls across all key areas of compliance oversight. By focusing on what’s the same about every implementation (i.e., the process, the blueprint, the framework, the controls) an institution can cut its overall workload, costs and frustrations for the compliance program. 

The Inspections
How can you inspect a structure, or your compliance program, in the absence of the foundation and framework? Without standards for building foundations, they’d collapse, crack with frost, fail to shed water, be unable to bear the necessary weight, etc. It takes a plan, the blueprint, to lay the foundation and build the framework providing the well-run compliance program an accountable standard. Built to this standard, we can evaluate adherence and gain comfort knowing that things were done right.

Using lessons learned from the construction industry, financial institutions can maintain compliance accuracy, efficiency and effectiveness. Applying these principles, you can administer your compliance program with less worry, less conflict and at a lower cost than traditional methods will allow. In our next installment in this series, we’ll discuss how to maintain your compliance “house” through effective reporting and oversight.

How to Win the Regulators’ Approval

As banks are expected to follow more strenuous regulations and requirements, one thing that can help ease the load on the board is having a good relationship with the regulators. There are simple ways directors can improve in this area, and as with most relationships, it comes down to two main principles: communication and engagement. 

What steps should bank boards be taking to ensure that they maintain a good working relationship with the regulators?

Ralph-Sharpe.jpgTransparency, honesty and timeliness are essential; never hide or sugarcoat bad news. Provide realistic projections—better to understate and over-perform. Be engaged; welcome opportunities to meet with examiners—with or without management, and in and out of board meetings. Ask questions, and listen to the answers. If you disagree, do so respectfully.

Stay informed and keep up with regulatory developments. Read the Office of the Comptroller of the Currency’s Director’s Book (available online) and attend regulator outreach sessions when offered. Assign a regulatory liaison to ensure timely and complete responses are provided to examiners for things such as Matters Requiring Attention (MRAs), but don’t bury examiners in paperwork.

Finally, learn the business of your bank. Know the difference between being a director instead of an investor.

—Ralph Sharpe, Venable

geiringer.jpgAs a former regulator, I find that I sometimes need to remind directors that examiners are people too, and that how they are treated during examinations can directly impact your bank’s ratings. Directors need to set the “tone at the top” that everyone at the bank should treat examiners with courtesy and respect, take seriously any reasonable suggestions that they make, and handle any disagreements with as much civility as possible under the circumstances.

Directors themselves can build better relations with regulators by sending representatives to key meetings with examiners and occasionally requesting executive sessions with them to discuss issues outside the presence of management. Of course the best way for a bank board to maintain a good working relationship with regulators is to oversee a safe and sound bank.

—John Geiringer, Barack Ferrazzano

Cliff-Stanford.jpgMeetings with regulators, such as exit meetings, are crucial opportunities to listen and to seek clarification of points raised by the regulators. This does not mean that directors should be passive or should not register concerns or objections to factual inaccuracies. However, arguing and cementing a position on a “judgment call” issue during a meeting with examiners can often lead the examiners to cement their own in return, hurting the chances that directors can influence the perception of the bank’s performance.

Remember the placard from the British Government during World War II– “keep calm and carry on.” Examiners will have findings, sometimes in the form of Matters Requiring Attention by the Board, but often there are simple (not necessarily easy) steps to be taken. Directors will show much good faith and earn credibility with examiners by concerted engagement to drive management to address key regulatory concerns promptly.

Finally, remember that regulators have bosses and careers, and operate in a fast-moving regulatory environment just as banks do. Directors that show an appreciation for the challenges faced by regulators will create a store of goodwill that can only help their bank.

—Cliff Stanford, Alston & Bird

Angelee-Harris.jpgBuild your own communication lines with regulators. Rather than relying solely on management to maintain primary contact with regulators, authorize your chairman, audit committee head and perhaps your compensation committee chairman to meet face-to-face with primary regulatory contacts. After that, be sure to maintain consistent communication on behalf of the board.

Be honest with regulators and seek their guidance. When regulatory issues occur, alert regulators early and disclose all known facts—no matter how negative. There is oftentimes a tendency to downplay negative details or dribble out full details over time. These actions erode a regulator’s trust. Instead, talk early and often to regulators. Admit when you need to get back to them with more facts. Do not assert facts you cannot support. Regulators are a key resource, so be open to ask them for advice and guidance.

Try to see issues from a regulatory viewpoint. Like banks, regulators work in an environment of heightened scrutiny and could be called to task for failure to conduct full diligence or take proper action. Anticipating and offering to provide the proper access and information a regulator needs to fulfill her duties will go a long way to maintaining good regulatory working relationships.

—Angelee Harris, Manatt Phelps & Phillips

Do Small Banks Need a Risk Committee?

fwd-thinking.jpgDoes your board need to set up a separate risk committee to manage all of its bank’s exposures? If your institution is large enough, that question has already been answered for you. The two-year-old Dodd-Frank Act, which was Congress’ answer to the financial crisis of 2008, will soon require that all banks with $10 billion in assets or greater have a board level risk committee, and also that the committee have at least one director with risk management experience.

The new rules on risk committees have been proposed but are currently in a comment period, so it’s unclear when they will take effect or what the final requirements will look like, although it’s a safe bet that all banks north of $10 billion have already begun the process of organizing a risk committee. The more interesting question is what institutions below the $10 billion cut off point should do. The answer would seem to be, “It depends.”

Christina Speh, the director of consulting services at Wolters Kluwer Financial Services, says it’s the job of the board to set the institution’s risk appetite based on its strategic plan, and then make sure that the executive management team stays within the boundaries that the board has laid out. At its simplest, these boundaries are expressed in the form of various metrics—the level of non-performing assets, or service quality complaints, for example—and also as institutional values, such as honesty or customer responsiveness.

When it comes to the risk governance process, Speh says that it’s particularly important that boards be “forward thinking” in their approach—which is perhaps the best argument in favor of having a separate risk committee. “I would say that [risk management] is not really an audit committee function regardless of the size of the institution,” she says. “Audit committees look backward. The role of the risk committee is strategic and forward looking.”

Bert Otto, a Chicago-based deputy comptroller for the Central District at the Office of the Comptroller of the Currency, agrees with Speh that boards need to have a forward thinking perspective when it comes to risk governance. Otto says he asked his staff to identify those institutions that emerged from the 2008 financial crisis in relatively good shape and identify what they had in common. An important characteristic that many of these banks shared was a board that was keenly focused on emerging risks, which enabled them to spot problems at an earlier stage in the downturn than many of their peers.

“The institutions that weathered the storm better than others had that [forward looking] process, whether they had a risk committee or not,” says Otto. That said, Otto believes the presence of a risk committee makes it more likely that a board will be focused on future risks—although he stops short of advocating that all banks should have a risk committee. For Otto, the important considerations are factors like the institution’s business model and product mix. “Vanilla institutions just serving their communities in a small town in rural America, we’re not saying they have to have a risk committee,” he says.  Larger, more complex institutions with a more complicated risk profile—even if they are below the $10 billion threshold—might benefit from a having a separate risk committee, Otto adds.

For smaller institutions, more important than whether responsibility falls to the audit committee or a separate risk committee is the perspective that the board brings to the activity of risk governance. “My concern is that if no one is looking at it, [the bank] is going to be late to the dance when something happens,” Otto says.

Dodd-Frank Round-Up: Where We Are and What Needs to Be Done

future-signs.jpgIt’s been two years since the Dodd-Frank Act was passed, and regulators have published 8,800 pages of regulations ironing out the details of the law. Many rules still have not been written, leaving huge portions of the Act in limbo. This article takes a look at the status of major pieces of the legislation with an eye towards the impact on commercial banks and the banking system.


About: The recent financial crisis highlighted risks taken by individual companies in a highly interconnected financial sector. Dodd-Frank established a framework for monitoring and regulating this systemic risk. 

Past Developments: The newly created Financial Services Oversight Council released its final rule for designating nonbank systemically important institutions. The top banking firms recently released their “living wills,” or plans to unwind themselves in the event of failure without government or taxpayer assistance. 

Future Developments: The Federal Reserve will finalize capital requirements for large institutions as well as the specific rules for implementation of Basel III, an international agreement that strengthens capital requirements and adds new regulations on bank liquidity and leverage.

—From: Weil, Gotshal & Manges LLP, “The Dodd-Frank Act: Two Years Later,”  For access to their full report, click here.



About:  The Durbin Amendment part of Dodd-Frank, which caps debit card interchange fees for banks above $10 billion in assets, has likely had the greatest immediate impact on the banking industry, as it went into effect in October of last year.

Past Developments:  The impact on banking revenues has been swift. The industry reported a $1.44 billion loss of revenue in the fourth quarter of 2011, resulting in an annualized $5.75 billion loss if this pattern holds, according to Novantas LLC, a New York City-based consulting firm.

Future Developments:  It is still uncertain whether banks under $10 billion in assets will be able to charge more for debit card interchange than bigger banks in the long term, but so far, the smaller banks haven’t reported a loss of income in aggregate.


About: Dodd-Frank requires institutions to show that their incentive arrangements are consistently safe and do not expose their firms to imprudent risk. 

Past Developments: The Securities and Exchange Commission implemented rules last year requiring publicly traded companies to take advisory shareholders votes on executive compensation, also known as “say on pay.” It also implemented rules on the independence of compensation committees and compensation advisors, as well as on “golden parachute” payments to executives.

Future Developments: Dodd-Frank included a provision that instructed agencies to issue guidelines on incentive compensation. Although proposed more than a year ago, they have not been finalized.

—From the Securities and Exchange Commission and Deloitte LLP’s “Dodd-Frank Act Two-Year Anniversary: Seven Takeaways on Dodd-Frank’s Impact on Compensation.”  For access to their full report, click here.


About:  The CFPB is the first federal agency focused solely on consumer financial protection, and it holds responsibilities previously managed by several other regulators.  The CFPB has examination authority over banks, thrifts and credit unions with $10 billion or more in assets, as well as some large nonbank financial service companies that previously escaped federal regulation, such as payday lenders.

Past Developments: With a new director in place, the CFPB has not simply been implementing rules it inherited from other regulators, but promulgating many new, substantive rules. 

Future Developments: Further rulemaking may help illuminate the meaning of “unfair, deceptive and abusive” acts and practices, which the CFPB is tasked with eliminating, especially in the context of mortgage servicing and origination. New mortgage disclosure documents are in the process of being finalized.

—From Weil, Gotshal & Manges LLP,  “The Dodd-Frank Act:Two Years Later.”  For access to their full report, click here.


About: Dodd-Frank amends the residential mortgage portions of several federal housing statutes. Among other things, mortgage originators now owe a duty of care to borrowers.  

Past Developments: Creditors are now required to make a reasonable and good faith determination that a consumer has a reasonable ability to repay a residential mortgage.

Future Developments: The CFPB is considering rules to implement provisions of Dodd-Frank that would address mortgage loan originator qualifications and compensation. 

—From Morrison & Foerster’s “Dodd-Frank at Two.”  For access to the full report, click here.


About:  The Dodd-Frank Act is designed to provide a comprehensive framework for the regulation of the over-the-counter derivatives market to provide greater transparency and reduce risk between counterparties.

Past Developments: The Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) have both been missing statutory deadlines.

Future Developments: It is yet to be determined specifically how these provisions will be applied across borders and to what extent they will cover U.S. operations of foreign firms. 

—From Deloitte LLP’s “Dodd-Frank Act Two-Year Anniversary: Five Takeaways on Dodd-Frank’s Impact on Derivatives.”  For access to their full report, click here.


About: The Volcker rule prohibits banks and bank holding companies from engaging in proprietary trading or owning private equity and hedge funds, with some exceptions. It is considered one of the most controversial aspects of Dodd-Frank.

Past Developments: The Fed, FDIC, OCC, and SEC jointly issued the proposed rule, which further defined key terms such as “banking entity,” “proprietary trading,” and “covered fund,” as well as outlining exceptions to the rule’s prohibitions.  If proposed in its present form, many investment products having nothing to do with private equity or hedge funds will be prohibited.

Future Developments: Lawmakers and regulators are pushing for the final rule by the end of the year, but affected financial institutions will have until at least July 21, 2012 to conform to the rule.

—From Weil, Gotshal & Manges LLP, “The Dodd-Frank Act: Two Years Later.”  For access to their full report, click here.


 About: Based on “lessons learned” from the financial crisis, regulators are examining more critically the quality of capital held by U.S. banking organizations as well as credit risks. 

Past Developments: In early June 2012, the U.S. banking agencies published for comment a series of three regulatory capital rulemakings in accordance with the international Basel III agreement, two of which would substantially revise the current regulatory framework. Comments on the proposals are due September 7.

Future Developments: Many of the new capital guidelines and rules haven’t gone into effect and will be gradually phased in over a period of a year or up to a decade, depending on the size of the bank and the rule.

—From Morrison & Foerster’s “Dodd-Frank at Two.”  For access to their full report, click here.

Dodd-Frank Enters Its Terrible Twos

two-yrs-old.jpgI’ve been writing about the banking and financial services industry since the mid-1980s and during that time, only the Federal Deposit Insurance Improvement Act of 1991, which was enacted after an earlier banking crisis, and the Sarbanes-Oxley Act of 2002, which was a byproduct of corporate accounting scandals such as Enron, come close. But those reform laws were much narrower in their focus, and much less ambitious. I don’t believe that even the Glass-Steagall Act of 1933, the historic Depression-era law that separated commercial and investment banking, was nearly as broad in scope as Dodd-Frank, although banking and the capital markets in the 1930s obviously weren’t as large and sophisticated as they are today.

And that might be why the federal regulatory agencies that were tasked to write nearly 250 new rules have fallen well off the pace that Congress set for them when it passed Dodd-Frank. According to a recent analysis by the Davis Polk law firm, approximately 63 percent of the required rules whose deadlines have passed have either not been proposed or not finalized. “The deadlines were always ridiculously unrealistic, which is something I tried to say at the time,” says former Comptroller of the Currency John Dugan, now a law partner at Covington & Burling in Washington.

“Some of the regulatory agencies just don’t have the staff resources” that are required to write a blizzard of new rules, adds Brian Gardner, senior vice president for Washington research at the investment banking firm Keefe, Bruyette & Woods. Gardner says that in particular the Commodity Futures Trading Commission has struggled to write new rules for how the derivatives market will be regulated going forward, although it has made progress.

Dugan, who finished his five-year tenure at the Office of the Comptroller of the Currency just three weeks after President Barack Obama signed Dodd-Frank into law, believes its greatest impact has been the Durbin Amendment—which allows the Federal Reserve to regulate the amount of debit card interchange fees that banks may charge—and the establishment of the Consumer Financial Protection Bureau (CFPB).

I would concur with Dugan’s assessment. According to the consulting firm Novantas LLC, Durbin-inspired restrictions on debit card income will cost the industry upwards of $5.75 billion in annualized revenue—and this at a time when many banks are struggling to grow their top lines because of poor loan demand. And by creating the CFPB, Congress established a new regulatory regime for the consumer financial services marketplace. This new regulator, which I wrote about in our second quarter issue, potentially could have an enormous impact on the banking industry over time.

Interestingly, Gardner says the bureau has moved more slowly to exercise its enforcement and rule making authority than he would have expected at the two year mark. He also believes the presidential election could have a significant impact on the bureau’s future. You’ll recall that CFPB Director Richard Cordray received a recess appointment from Obama when Senate Republicans blocked his confirmation over their displeasure with how the bureau was structured.  Should Obama lose to Mitt Romney and the Republicans also take control of the Senate, a President Romney would be able to appoint a director more to his liking—presumably, one less inclined to meddle in the industry’s business. “You could see the bureau taking a different direction,” Gardner says.

There is still a lot of work ahead for all those beleaguered federal regulators, including the writing of the hotly debated Volcker Rule—which would severely restrict the proprietary trading activities of commercial banks. Also yet to be finalized or in some cases even proposed are new rules on securitization, new capital requirements for banks and several very important initiatives in the mortgage area. The CFPB has been tasked by Dodd-Frank to develop a qualified means test to determine whether a borrower has the ability to repay a loan. A group of federal regulators has also been working on a new risk retention rule that would require lenders to retain 5 percent of the loans they sell into the securitization market, although an initial proposal would have exempted securitizations made up of qualified mortgage, commercial or auto loans from the requirement. These rules have not been finalized yet and until they are, mortgage originators who sell their loans to third parties that securitize them won’t know how much capital (if any) they will have to set aside to meet the requirement.

The House Committee on Financial Services will be holding hearings this week on Dodd-Frank, and if you didn’t already know how House Republicans feel about it, all you have to do is go to the committee’s website (, where you’ll see a full throated attack on the law. Repealing Dodd-Frank is a dream that many Congressional Republicans have, but that’s as unlikely as the country going back on the gold standard. Even if Romney beats Obama and Republicans hold the House and regain the Senate, Congressional Democrats might still have enough strength to frustrate their plans. “I think it would be very difficult to get a full repeal of Dodd-Frank,” says Dugan.

And that means, like it or not, the most detested financial reform law of all time will probably be around to celebrate many more birthdays.