Regulatory Concerns about Bank Culture Should Serve as a Wake-Up Call

2-4-15-AlstonBird.pngThe culture inside a bank has received renewed discussion in various forums over the course of the last year. The regulators are now moving from crisis and reaction to root cause analysis of the financial crisis. Regulators have expressed concern that despite the array of new rules, guidance, and enforcement actions brought in the wake of the financial crisis and the Dodd Frank Act, banks just seem to keep turning up problems. Fair or not, and whether you think that this concern is really attributable to the largest financial institutions, the regulators’ signals merit attention for any bank.

Bank regulators, notably the Federal Reserve and the Office of the Comptroller of the Currency (OCC), have contrasted two broad categories of banks:  those that adopt an approach of mere compliance with regulation, where compliance concerns are background noise to be silenced; and those that embrace risk management and compliance programs as an important part of cultural norms. The signal from the regulators is that they look for, and can sense whether the bank is in one or the other of these camps. Supervisory judgment calls are informed by those perceptions.

What is culture? William Dudley, president of the New York Fed, recently stated: “Like a gentle breeze, culture may be hard to see, but you can feel it.” Culture is the norms of behavior that drive the business, including ethical standards above and beyond the rules. This is attributable to the tone at the top set by directors and top executives, but it is manifested (or not) in behaviors throughout the organization. What incentives (compensation and otherwise) drive what kinds of performance throughout the organization? To what degree do risk management concerns get air time alongside financial performance in the board room? Do the board and senior management discuss risk management and compliance in terms of “regulatory burden?”   Worse, do you talk openly about your talented risk and compliance staff as a “burden” weighing on the bottom line?

Increasingly, bank supervisors are beginning to mandate cultural norms. Internationally, the Basel Committee on Banking Supervision has set forth corporate governance principles to assess whether a bank’s board and senior management perform their risk governance responsibilities and establish an appropriate organizational risk culture. The OCC’s heightened expectations for enterprise risk management by the largest banks have emphasized the need for a board to provide what’s known as an “effective challenge” of management, and this has become the gold standard for all banks. The OCC has had open debate with the industry over whether directors must “ensure” rather than only “validate” the effectiveness of a risk management and compliance program. All of the regulators, including the Consumer Financial Protection Bureau, have sent strong signals in the form of enforcement actions, guidance and examination messages.

A key cultural norm is how the bank thinks of its customers. Thomas Watson, legendary leader of IBM, famously said: “The essence of trust building is to emphasize the similarities between you and the customer.” Does your bank consider borrowers as counterparties in a contract, or customers for whom the bank has a shared (fiduciary-like) interest in their success?

Moreover, once a strategic decision is made by the top leaders of the organization, does the company do a good job of challenging the decision when evidence arises that it was wrong-headed, or does the company suffer from confirmation bias, collectively seeking only the evidence that justifies the strategy? Institutional groupthink can result in hidden problems for a bank, whether they are credit concerns, compliance concerns, or lost market opportunities, for example. Does the organization value diverse views that can positively challenge norms?

Examiners assess culture by looking for patterns of behavior, rather than individual instances, just as they focus less on specific loans than on concentrations of credit risk. Distinctions between policies and actual behavior are measurable; exceptions to policy are measurable; meaningfully reviewable management reports should allow detection of patterns. In this sense, examiners and directors are aligned and can be complementary of each other.

Undoubtedly, the audit of risk management or compliance culture is subjective. Are we on the verge of bank supervisors becoming culture police? There is a real concern that supervisors could also suffer from confirmation bias and thereby feed a concentration of cultural norms and fail to appreciate the idiosyncratic nature of institutions and the value of their diversity. Nevertheless, it behooves all boards of directors to look inward and take heed of the bank regulators’ messaging about culture.

The CFPB: How It Impacts Your Bank

1-16-15-Naomi.pngCreated by the Dodd-Frank Act in 2010, the Consumer Financial Protection Bureau (CFPB) represented a seismic shift in federal regulation of the financial sector, an entirely new federal agency created just to protect consumers dealing with financial products. Coming along in the wake of the financial crisis, the CFPB’s mission was to provide a level of protection for individuals in the marketplace that critics felt was missing. The primary banking regulators, sometimes known as prudential regulators, such as the Federal Deposit Insurance Corp. (FDIC), the Office of the Comptroller of the Currency (OCC) and the Federal Reserve, focus on the overall health of the banking industry and the safety and soundness of the financial institutions they regulate. The Dodd-Frank Act moved enforcement of several laws that dealt with consumer protection out of the hands of those agencies and into the hands of the CFPB. Those laws include the Truth in Lending Act, the Truth in Savings Act, the Real Estate Settlement Procedures Act, the Home Mortgage Disclosure Act, the Equal Credit Opportunity Act and the Electronic Fund Transfer Act, among others.

“None of those [laws] are new,” says Jerry Blanchard, a bank attorney at Bryan Cave LLP in Atlanta. “Now, you have somebody applying them in a consistent fashion in banking.”

The CFPB also has the power to enact new regulations to ensure a more transparent and fair marketplace for consumers, and to ensure consumers have timely and understandable information to make responsible decisions about financial transactions. In short, the CFPB is now very much involved in regulating the world in which banks live.

It is also increasingly in the world in which nonbanks live. The CFPB began regulating a whole host of nonbanks that were thought to exist outside of a coherent regulatory system, including payday lenders, mortgage companies, consumer reporting agencies, student loan companies and debt collectors. This could be seen a positive development for banks and thrifts, which often had to compete against players that were not regulated in the same way banks were.

For fiscal year 2015, the CFPB has a budget of $583 million and 1,796 employees, paid for out of the revenues of the Federal Reserve System. The biggest line item both in terms of employees and dollars spent is supervision and enforcement of financial institutions. For banks above $10 billion in assets, that means regular visits and exams conducted by an agency solely focused on consumer protection, which is a new experience for them. For banks below $10 billion in assets, they are not getting examined by the CFPB except in rare circumstances—that responsibility falls to their prudential regulator—but they are impacted by the rules and regulations promulgated by the CFPB.

For instance, the agency finalized a new set of mortgage servicing rules that went into effect in January 2014 impacting any institution that services a mortgage. The CFPB is very focused on mortgage servicing. “It doesn’t matter what size of bank you are,’’ says Blanchard. “If you do a lot of mortgage servicing, you will be dealing with the CFPB.”

The agency implemented a new ability-to-repay mortgage rule and a qualified mortgage standard in January 2014 that some community banks said would negatively impact customers who don’t fit into the standard check-the-box underwriting model for a 15-year or 30-year mortgage. Banks can still offer mortgages outside of the qualified mortgage standard, but they have to keep those mortgages on their books. There also has been concern that offering mortgages outside of the qualified standard might expose the bank to more liability from lawsuits in the future. New rules have also impacted the way banks can pay bonuses to their loan officers. Violations of any of the rules promulgated by the CFPB can have dire consequences. Banks that already have been hit with fines in the millions of dollars or lawsuits include: U.S. Bank, Ally Bank, SunTrust Banks and American Express Centurion Bank.

One area where banks are finding themselves in the hot water in particular has to do with their use of outside vendors. “Banks are looking for more revenues,’’ Blanchard says. “The third party vendors show up saying, ‘We have ways to add a lot more money for you. We can sell these products for you.’” The CFPB, however, is holding banks responsible for the actions of their vendors, including the sale of credit card add-on products that consumers say they didn’t actually order. Some of those products might include identity theft protection or insurance. The bottom line for banks is they need to review and monitor vendors carefully to make sure they are complying with the bank’s and regulators’ expectations regarding consumers.

Some industry observers believe that the CFPB’s focus on consumers has impacted other banking regulators as well, making for tougher enforcement exams pertaining to consumer issues from the FDIC and the OCC. Prudential regulators such as the FDIC have been hitting banks with enforcement actions relating to consumer protection. One area to pay particular attention to in terms of consumer law is unfair or deceptive acts or practices (UDAP). The Federal Trade Commission previously enforced laws regarding UDAP, but Dodd-Frank gave enforcement authority to the CFPB in relation to financial institutions. The law has been expanded to include the term “abusive.” That sounds like a change for attorneys to argue about, but the significance for bank boards is that prudential regulators such as the FDIC are now hitting banks of all sizes with fines and enforcement actions regarding violations under this standard.

For banks that are not examined by the CFPB, the agency’s impact has hit them in a number of other ways. The agency houses a database of consumer complaints available online, so anyone can see, for example, how many complaints a particular bank received and for what general category of complaint, i.e. mortgages, debt collection, etc. The flow of consumer complaints to the agency has been increasing. During fiscal year 2014, it received 240,600 complaints. The agency lists each complaint once a company confirms a commercial relationship with that customer, and notes the company’s response and whether the consumer disputed that response. The CFPB itself can review those complaints and decide whether to investigate further and look for patterns for further investigations.

Attorneys have begun advising banks to keep a database of all complaints against the bank, including those delivered from customers directly to the bank. Banks should track complaints to their proper resolution, as well as look for patterns, to make sure the bank knows of any problems before the CFPB does. Each complaint needs to be taken seriously because you don’t know which one will get the attention of regulators, Blanchard says. Is a complaint alleging a violation of law or regulation? Or is it a matter that could be criminal? Some complaints could be very serious, and it’s important for the board to know the bank has a process in place to vet them and escalate them appropriately.

Understanding the CFPB and its impact on banking is important for any bank board these days. The CFPB has enhanced the level of scrutiny regarding treatment of consumers in the financial marketplace, and its actions and regulations are bound to impact your bank.

Year in Review: Big Profits, but Big Regulatory Fines, Too

1-9-15-Naomi.pngThe banking industry has never seen it so good. Or has it? Bank earnings have returned to record levels, and average return on equity (ROE) is about what is has been historically. At the same time, regulatory fines are huge and banks are contending with increased regulation like never before. Digitization is providing new opportunities for some banks to cut costs and please customers, and yet the surge in technology startup companies poses special challenges for banks. Because of this, management consulting firm McKinsey & Co. concludes in its 2014 annual review that “those banks that have articulated and executed a regulation-savvy, customer-centric strategy are collecting all the surplus value in the industry.”

Improved Profitability
One of the most impressive trends has been the industry’s return to profitability following the financial crisis six years ago. In 2013, U.S. banks above $10 billion in assets made $114 billion in profits, second only to the record year that was 2007, according to McKinsey.Year-end earnings for the largest banks will be released in the next few weeks, but 2014 is shaping up to top $100 billion in earnings again, says Fritz Nauck, senior partner at McKinsey. Improved credit quality and cost cutting were major drivers of the increased profits. Where is this cost cutting coming from? Many banks are cutting branches. Since 2011, U.S. banks have downsized the industry’s branch network by nearly 5 percent. In 2013 alone, that amounted to 1,300 branches, according to McKinsey.“Should that continue, that will drive future earnings and ROE,’’ Nauck says.

Banks now are close to an historical average ROE of 10 percent, calculated since 1980.

U.S. and Canadian banks are doing better than their European counterparts. The ROE for U.S. and Canadian banks went from 8.4 percent in 2012 to 9.3 percent in 2013 and 9.9 percent in the first half of 2014. For comparison’s sake, Western European banks had an ROE in 2013 of only 2 percent. Credit quality is better in the U.S. than in Europe, plus banks trimmed operating expenses and added capital earlier in the financial crisis than European banks, Nauck says.

Increased Regulation
Fines and settlements, however, have put a damper on the banking world’s profitability, both in Europe and North America, with many of those settlements relating to the financial crisis. The top 15 European banks and top 25 U.S. banks paid $60 billion in fines and settlements combined in the first half of 2014, according to McKinsey. From 2010 to 2014, those banks have paid about $165 billion in fines and settlements, and some of that involves regulators stepping up enforcement in areas not relating to the crisis, including money laundering rules, McKinsey says. Without those fines, the banking industry would have been significantly more profitable. In addition, increased regulation is taking more staff time and more hours out of the executive management team. McKinsey estimates that senior executives spend about 20 to 25 percent of their time on regulatory matters.

Driven to Digitization
The trend toward digitization—connecting with customers through apps and websites as well as automation of transactions and personalization of products and services—is transforming banking. McKinsey estimates that there are now more than 12,000 financial technology startups in existence. Fintech companies such as PayPal were first interested in transactions but many of them are now moving into new areas, including lending.

Interestingly, McKinsey sees fintech companies as more of an opportunity than a threat, because banks can set up joint ventures and sometimes acquire them to deepen and broaden their offerings for customers, just like Spanish bank BBVA did when it acquired the innovative online banking startup Simple in 2014.

Banks that have well defined strategies and execute them effectively are outperforming others, McKinsey says. But as the past year has made clear, banks must respond well to enhanced regulation and have a digital strategy in place to be successful.

Do You Need an Anti-Money Laundering Dashboard?

1-9-15-Crowe.pngAnti-money laundering (AML) has been a focus of regulatory and enforcement activities for several years, and, with heightened concerns about the financing of terrorist organizations like Islamic State group, AML likely will continue to be the subject of close scrutiny. Merely establishing an AML program is not nearly enough—banks also must verify that their programs are operating effectively and efficiently. AML analytics dashboards can help bank directors and compliance officers do just that, acting as an early warning system when a program isn’t operating at desired levels.

An AML analytics dashboard is rapidly becoming a necessary tool for bank directors and compliance officers to take a proactive stance toward changes to their institutions’ AML risks and AML system and model performance. Banks can use AML analytics dashboards to improve the agility, efficiency and effectiveness of their AML programs and reduce the risk of fines and other government actions. In particular, dashboards can help banks to accomplish the following critical compliance activities.

  1. Monitor for and Raise Alerts About Risk Profile Changes
    A bank’s AML risks change in response to new regulations as well as to changes in customer base, product and service offerings, and money launderer and terrorist group behaviors. With the rapid pace of such changes, it’s no longer sufficient to examine an AML monitoring system annually—bank directors and compliance officers need the ability to view their AML risks on an ongoing basis.

    An AML analytics dashboard provides bank executives up-to-date information on the bank’s current risks in a format that is easy to digest and further analyze. By continually monitoring the firm’s AML risk indicators, executives can proactively alert management when an indicator reflects a significant change to a component of the bank’s risk profile. The dashboard then allows directors and compliance officers to examine the details of the change so they can determine what triggered it and take appropriate action to mitigate any increased AML risks. For example, an AML analytics dashboard can raise an alert if the number of customer wires to or from high-risk countries increases by a predetermined percentage within a certain period of time.

  2. Monitor AML System Performance
    Banks typically have multiple systems for AML monitoring and compliance, including transaction monitoring systems, customer due diligence and risk scoring systems, and sanctions screening systems. These systems sometimes fail due to technical issues or human errors. In addition, these systems must be periodically tuned and optimized to maintain their effectiveness.

    An AML analytics dashboard can monitor the health and performance indicators of these systems and alert bank directors and compliance managers when potential issues are identified. For example, a spike in suspicious activity alerts produced by a transaction monitoring system could indicate a system issue or an increase in money laundering activity. An AML analytics dashboard also can monitor and send notification about issues related to use of the system and compliance workflows—for example, if suspicious activity reports are not being filed in a timely fashion.

  3. Perform “What-If” Analyses for Changes to Systems, Programs, and Models
    When performing an optimization exercise on an AML system, or implementing a new system or monitoring rule, bank directors and compliance officers must know the cost implications in advance. An AML analytics dashboard allows management to examine the implications of implementing specific system configuration changes and to perform “what-if” analyses. This is particularly valuable when conducting model tuning exercises. For example, compliance managers can evaluate in real time the staffing impact of setting a threshold for an AML monitoring rule to a particular value as compared with an alternative value.
  4. Demonstrate AML Compliance and System Effectiveness
    AML monitoring systems and models must be validated and audited on a regular basis. Regulators will conduct periodic examinations to confirm that the AML systems have been properly configured and optimized to execute the bank’s AML processes. An AML analytics dashboard can be used as part of a conversation with auditors and regulators to demonstrate how the bank’s AML models, systems, and processes are performing in real time. It also can be used to demonstrate effective oversight of the bank’s AML models.

Act Now
Implementing an AML analytics dashboard can prove time-consuming, so banks without a dashboard should start gathering the requirements now so they can reap the benefits as soon as possible. Regulators likely will begin to expect banks to have these systems in place in the relatively near future, and bank directors who want to stay ahead of the curve will make implementation a priority.

Selling Your Bank? How to Manage the Regulatory Headaches

11-19-14-ArnoldPorter.jpgIn considering a merger or sale transaction, the board of directors of a bank or bank holding company must consider a variety of factors in order to fulfill its fiduciary duties, but lately, the potential for regulatory hang-ups has to be part of that mix. Over the years, price has traditionally been the primary factor in a board’s consideration of a deal, however, most state corporate laws contain statutory provisions that allow a board to take into account a variety of other factors when evaluating a sale transaction, including impact on consumers, employees and local communities. Boards are also well advised to take into account the ability of the buyer to complete a transaction in a timely fashion, including whether the buyer may face any regulatory delays. In recent years, a number of transactions have experienced significant regulatory delays, and, in a few instances, transactions have been terminated due to buyer regulatory issues. This phenomenon has raised the stakes for boards that have not properly evaluated the regulatory risks of a transaction.

Identify Existing or Potential Regulatory Issues
For the seller, a protracted regulatory approval process can make it extremely difficult to continue business in the ordinary course and can damage employee relationships and morale.  Moreover, a failed transaction can result in a decrease in the value of the seller’s stock and damage to its ongoing business and reputation.

The seller’s board needs to be aware of any existing or potential regulatory issues facing the acquiring institution. While a few years ago regulatory scrutiny was generally limited to financial stability, capital and liquidity levels and Community Reinvestment Act compliance, today there is an increasing focus on the scope and depth of the acquiring bank’s compliance risk management. Material deficiencies identified in any area of regulatory compliance can derail an M&A transaction. Therefore, before approving a transaction, it is important that the board ensure that management has conducted adequate due diligence on the buyer, focusing on a number of key regulatory areas, including:

  • supervisory history of the buyer and the status and effectiveness of any corrective actions that remain outstanding; 
  • buyer’s record of compliance and the adequacy of its programs, policies and procedures, including “hot button” issues such as Bank Secrecy Act/anti-money laundering laws and fair lending;
  • capital levels and stress test results;
  • potential asset quality issues;
  • buyer’s Community Reinvestment Act record and history of consumer activism; and
  • for larger institutions, the absence of systemic risk resulting from the proposed transaction.

The seller must also be aware of its own problems and not rely on the historical rule of thumb that a strong buyer can assuage regulatory concerns about the seller. Sell-side due diligence enables the seller to proactively identify potential issues and resolve them before they escalate, thereby minimizing uncertainty in the sale process. Buyers will be focused on these issues in the diligence phase as well, with significant regulatory issues being factored into pricing and potentially narrowing the field of potential buyers.

Scrutinize Transaction Documents
The seller’s board should review the key terms of the transaction to ensure that the seller has the flexibility to address regulatory deficiencies that are identified in advance of signing the agreement as well as during the pendency of the transaction. Provisions that limit or restrict the seller’s ability to adequately address these issues can be damaging to the institution, particularly if the transaction cannot be completed. These restrictive provisions could include overly broad negative covenants that require the seller to seek the buyer’s approval before taking an action. The board must also be familiar with any termination and no-shop provisions as they may be overly restrictive if a buyer’s regulatory compliance issues delay a transaction. Any provisions that serve to restrict the flexibility of the seller when the transaction may be in regulatory jeopardy could be viewed as inconsistent with the selling board’s fiduciary obligations.

Engage Independent Counsel
It is axiomatic that when negotiating a merger transaction, the seller should engage its own counsel and not share legal counsel with the buyer.  However, a recent trend has emerged with a seller and buyer jointly engaging counsel for the regulatory application process. While sharing regulatory counsel may decrease a portion of the transaction costs, sharing counsel can create risk of conflicts when the buyer is faced with regulatory delay due to compliance issues.  If the regulatory delay causes a drop-dead date to approach, a seller is well advised to rely on independent counsel for advice on the status of the relevant regulatory issues and on the considerations involved in deciding whether to terminate or extend the transaction.

Compensation Regulation and Dodd-Frank: Where Are We Four Years Later?

9-12-14-McLagan.jpgWhere were you on July 21, 2010? If you were working for a bank, or in compliance for a publicly traded company, you know the world got much more complex on that date. The Dodd-Frank Wall Street Reform and Consumer Protection Act (the Dodd-Frank Act) was signed into law, all 2,315 pages of it. Four years later, it makes sense to ask the status of the various regulations coming out of the Act, especially in one of the most complex areas, compensation.

There were six items in the Dodd-Frank Act that specifically focused on compensation. Of these six, five applied to all public companies; only one was focused specifically on financial institutions—incentive compensation. Four years later, only two of these six have been implemented. While this speaks to the general level of gridlock in Washington, D.C., at our regulatory bodies, it is important to understand what has been implemented, what is coming and how it impacts your bank.

If you are a publicly traded bank, say-on-pay has been with you for four years and has had a very direct impact on executive compensation. This fall, we may get final regulations on the pay ratio disclosure, which requires public companies to report the ratio of CEO pay to the median pay of all other employees. This could go into effect in 2015, which could impact proxy statements in 2016. Also, we may see proposed regulations on clawbacks this fall.

Most bankers are awaiting final regulations on incentive compensation arrangements; a regulatory item that has been in a proposed state for more than three years. However, there is related final guidance on a similar subject—Sound Incentive Compensation Policies. Although this joint regulatory guidance did not come out of the Dodd-Frank Act, it is in effect today and applies to all banks and thrifts, regardless of whether they are public or private and regardless of size.

Section Provision Shorthand Applicability Status
951(a) Shareholder Vote on Executive Compensation Say-on-Pay All public companies Effective, January 2011
951(b) Shareholder Vote on Golden Parachute Compensation Say-on-Golden-Parachutes All public companies Effective, January 2011
953(a) Pay Versus Performance Disclosure All public companies Not proposed
953(b) Pay Ratio Disclosure CEO Pay Ratio All public companies Proposed, September 2013
954 Recovery of Erroneous Awarded Compensation Clawbacks All public companies Not proposed
956 Enhanced Compensation Reporting Structure Incentive Compensation Arrangements All banks and thrifts >$1 billion in assets  Proposed,
May 2011

Say on Pay
In the 2014 proxy season, there were five banks who failed to receive majority shareholder support for their executive pay plans, or say-on-pay. Collectively in the 2012 and 2013 proxy seasons, there were a combined five banks that failed. The frequency of failed say-on-pay votes has increased.

What four years of say-on-pay has taught us is that you don’t want to fail your say-on-pay vote, and compensation that is extraordinarily high will get highly scrutinized. Plus, institutional investors have created their own governance groups and fighting a failed say-on-pay vote is expensive.

If your firm has a less than 70 percent positive vote for say-on-pay you have some homework to do for the next year. Also, having a healthy dialogue with your institutional investors has never been as important as now.

There have been no proposed regulations on clawbacks to date. This section would require that a company recover compensation that should not have been paid because of a restatement of earnings. This applies to current and former executive officers for the preceding three years after the restatement of earnings.

This absence of a proposal is striking given this is already a rule for the chief executive officer and chief financial officer as a result of the Sarbanes-Oxley Act.

Incentive Compensation Arrangements
Section 956 is the one area which specifically focuses on financial institutions. This provision applies to all banks greater than $1 billion in assets—public or private as well as credit unions over a certain size, all farm credit agencies and broker dealers.

The essence of the provision requires reporting to a firm’s primary federal regulator within 90 days of the end of the fiscal year. What has to be reported relates to a firm’s incentive compensation arrangements, primarily a description of all incentive compensation plans (including equity and post-retirement benefits), governance structures in place to ensure excessive compensation is not paid, and changes in incentive compensation from the previous year.

In addition for firms with assets greater than $50 billion, 50 percent of all incentive compensation has to be paid over a three year period.

Interestingly, Section 956 was proposed in April, 2011 it still has not been finalized more than three years later.

Still, banks should get prepared. All banks covered under the rule should have a formal review process of incentive compensation: Identify covered employees, review the plan designs and how compensation is paid over time; and make sure you have proper internal risk controls in place. The compensation committee of the board should oversee this review.

In the end, much of Dodd-Frank has not been finalized, but you can help prepare now by educating yourself about what is coming down the pike.

Assess, Don’t Assume: The Board’s Role in Basel III

With the change in capital requirements quickly approaching, many community banks believe they are well capitalized under the new Basel III standards. Yet most banks have not used the Basel III calculator provided by the regulators to truly assess their capital levels. In this video, Orlando Hanselman of Fiserv shares his thoughts on why the majority of community banks are not ready for this unprecedented shift to the basic banking business model, and outlines what boards should do to ensure their bank is not caught off guard.

For more information, check out Orlando Hanselman’s article on this topic

Managing the BOLI Risk

Bank-owned life insurance (BOLI) is a popular investment asset that can be used as an added benefit for key executives. For example, a portion of the death benefit may be allocated to the executive. The returns can be used to offset employee expenses such as health care or 401(k) plans. The percentage of U.S. banks holding BOLI continues to grow year after year. The percentage increased from 53.4 percent in 2012 to 56.4 percent in 2013, says David Shoemaker, a principal at BOLI provider Equias Alliance. He talked to Bank Director magazine recently about market trends and what boards should know about risk management of BOLI plans.

Why are banks buying BOLI today?
BOLI continues to offer a higher after-tax yield than most other investments of similar risk and duration. The extra income boosts capital and can aid growth or provide higher shareholder dividends. In a standard general account or hybrid separate account BOLI product, there are no mark-to-market adjustments on the bank’s books. BOLI interest rates are variable and will generally follow changes in market rates (but on a lagging basis), making them more advantageous than fixed-income products in a rising interest rate environment.

What are the risks that a bank should pay attention to?
As part of its annual risk assessment review, the bank should review the current and long-term performance of BOLI as well as the financial condition of the carriers. BOLI regulations going back to 2004 state that banks should perform their own analysis and not just rely on ratings. The Dodd-Frank Act highlighted the importance of this as well.

What impact will Basel III have on BOLI?
Basel III will not have any impact on general account BOLI policies, which are backed by the credit of the insurance company and carry a minimum interest guarantee and a risk weighting of 100 percent. However, hybrid separate account policies, which are also backed by the insurance company, offer additional benefits such as multiple investment accounts that are legally protected from creditors of the carrier. Typically, these policies are assigned risk-weights as low as 20 percent or as high as 100 percent. Under Basel III, our understanding is the bank has the option to evaluate each security in the portfolio individually, which would be a time consuming and expensive task, or may save time and money and simply risk weight the BOLI asset at 100 percent.

What are the responsibilities of the board when it comes to risk management of the bank’s BOLI program?
It is the responsibility of management and the board to make sure there is proper oversight of the BOLI program. The bank should have a BOLI policy that details the bank’s purchase limits for one carrier and for all carriers in aggregate. The policy should outline the processes for performing the pre-purchase due diligence as well as the ongoing risk assessment reviews. The board should have a reasonable understanding of how BOLI works and the risk factors associated with it, including credit and liquidity risk. If the bank owns a variable separate account product, additional due diligence should be performed since it is a more complex product.

Regulators are worried about the risk posed to banks by third-party vendors. How does this impact banks with BOLI?
One of the key messages in the regulatory guidance is that banks should adopt risk management processes commensurate with the level of risk and complexity of the third-party relationship. With regard to BOLI and non-qualified benefit plan design and administration, I believe banks will move increasingly to providers that offer a high level of technical support, including CPAs, attorneys and analysts, and that have significant internal support systems to aid in designing and servicing non-qualified benefit plans as well as BOLI. Companies will want to deal with providers that have internal controls independently tested and certified with a report known as Service Organization Control (SOC) 1 Type 2, through the American Institute of Certified Public Accountants’ SSAE 16 standards.

David Shoemaker is a registered representative of, and securities are offered through, ProEquities Inc., a Registered Broker/Dealer, and member of FINRA and SIPC. Equias Alliance is independent of ProEquities Inc.

What You Don’t Know Can Hurt You: 10 Things to Watch When You’re on a Bank Board

8-8-14-alston-bird.pngThe legal and regulatory climate for a bank is changing on a weekly basis. At least in part due to this, the expectations and liability risk of a bank director are not the same as a year ago, let alone five years ago. To help address this, we crafted a list of some broad themes we believe bank directors should be particularly attuned to now.

Enterprise Risk Management
Risk management is a function, not a committee. Boards need to implement a process to ensure that risks are properly identified and addressed in such a way that the board can demonstrate a “credible challenge” to management. And, beyond creating an effective corporate clearing house for risk, boards need to ensure that the bank possesses a management team capable of carrying out this function.

Third Party Risk
Vendor management has become a hot-button for all banks, as formal and tacit guidance continues to emerge. In addition to performing and memorializing due diligence around vendor selection, banks need to be in a position to understand and properly supervise the work of any vendors. This means having a properly qualified and trained management team that addresses the operational, compliance and other risks potentially resulting from reliance on third parties.

Trust Preferred Securities (TRuPS)
Many banks were forced to defer payments on TRuPS in the aftermath of the 2008-2009 crisis period. With the five year TRUPS deferral period now coming to an end, many bank holding companies don’t possess the funds (and cannot compel a bank dividend) to bring the TRuPS current. Further, regulators have insisted that any proposed capital raise be sufficient not only to pay off the TRuPS, but also to result in a composite CAMELS 2 rating for the bank. Your board needs to understand the resulting threats and opportunities.

Deferred Tax Asset Preservation
Bank regulatory agencies have begun to take issue with rights plans that are designed to preserve deferred tax assets (DTAs), citing the safety and soundness concerns that such plans could present by complicating future capital raises. As regulatory guidance on this point appears imminent, your board needs to understand the implications for your bank and your competitors.

Director Liability
Boards should ensure that they have the benefit of up-to-date exculpation and indemnification provisions in the bank’s charter and bylaws, as well as a robust directors and officers (D&O) insurance policy that is not rendered useless by a host of exemptions. In addition, with so much of the recent banking litigation being focused on process, your board should reconsider and redefine the way that your bank makes, records and polices its deliberations and decisions.

Role of Directors in Lending Decisions
Clearly, directors should be involved in defining the scope of a bank’s lending activities, the delegation of lending authority, and the monitoring of credit concentrations and other risks. But should directors serve on loan committees, and make the actual lending decisions? It’s time to reassess this important issue. Directors making day-to-day lending decisions can blur the lines of proper governance and needlessly expose directors to additional liability risk.

Charter Conversions
Each of the banking agencies seems to be developing a different regulatory mood on key issues, such as business plans, consumer compliance and risk-based regulation. In this post-crisis environment, it is important that you consider whether your bank is appropriately chartered in light of its strategy. Put another way, the trends have changed, and you should consider how these changes affect your bank.

Growth Strategies in a Tough Lending Climate
With traditional loan growth being slow, banks continue to reach for less traditional loan products, such as asset-based lending, factoring, lease finance, reverse mortgages, premium finance, indirect auto lending, warehouse facilities, etc. As always, these products must be considered in light of concomitant compliance risks and capital requirements. Directors should ensure that management performs thorough risk assessments alongside their profit/loss projections.

The Effects of Basel III
Depending upon the size and makeup of your bank, the January 2015 Basel III changes will impact your bank’s regulatory capital position. At a minimum, directors need to understand from the bank’s CFO and auditors that there is a plan anticipating what the pro forma capital position is expected to be under Basel III.

Compliance Issues Can Sink a Strategy
Too many banks with solid strategies have seen their bank’s growth hindered by compliance failures. Bank Secrecy Act/anti-money laundering rules, consumer protection regulations, and poor oversight of third parties can result in enforcement actions and derail growth until the issues are remediated, which can take years. Boards must set a tone at the top with regard to the compliance culture of the bank.

The themes above are top of mind for us, but the environment remains dynamic. This list likely will look very different in another year.

Six Tips to Safely Sell Add-On Products

Walking the High WireFinancial services executives face a tough dilemma these days.

Most Americans are satisfied with their primary bank and eager to learn about additional products, according to a 2012 study conducted by the Banking Administration Institute. And it’s no secret that selling add-on products is a great way to increase loyalty, retention and ultimately, revenue. But offering add-on products in today’s regulatory environment can be like trying to keep your balance on a high-wire. How do you sell these products without jeopardizing your relationships with federal regulators?

The key is to sell products that benefit consumers such as credit monitoring, payment protection plans, car rental insurance and identity theft protection. In fact, credit score reporting services and identity theft alerts have the highest growth and revenue potential, according to the 2013 Growth and Revenue Potential of Emerging Financial Services study. The Market Rates Insight study found that credit score reporting has a 71.4 percent potential growth rate, while identity theft alerts have a 70.8 percent potential growth rate.

In addition, some add-on products—like credit monitoring—are not only good for your business, but they’re also good for the economy. Credit monitoring helps educate consumers about their credit reports and scores so they can work toward achieving—or keeping—high scores. This, in turn, makes them better candidates for loans and lines of credit, which not only helps your institution but also helps the economy when these individuals buy cars, homes or start a business.

Regulators, however, not only look at the add-on products, but they also look at how organizations market and service these products. Therefore, organizations need to be honest and forthright during the entire lifecycle of the product.

Below are six best practices for a safe and effective way to market and service add-on products.

  1. Transparency Tops the List
    This is of the utmost importance, as regulators continue to crack down on credit card companies and banks that employ deceptive and unfair marketing practices. To avoid punitive damage, companies need to make sure their marketing materials accurately and precisely describe their products. Marketing materials should be written clearly and designed in an easy-to-read format.
  2. Tread Lightly with Employee Incentive Programs
    It’s okay to offer employee incentive programs to sell add-on products but make sure these programs follow appropriate guidelines. Employees need to realize that honesty trumps incentives or commissions every time and they need to be monitored to make sure they abide by this ethical standard.
  3. Stir Customer Care into the Mix
    Customer care scripts and manuals need to be as transparent and easy-to-understand as your marketing materials. Be sure to conduct quality assurance reviews on a regular basis to assess scripts and training materials to make sure they are fair to your customers. Organizations should also conduct real time monitoring of calls to make sure your employees treat your customers with respect.
  4. Cancellations Must Be Honored
    This is where some companies have gone awry. Cancellation requests should be handled in a manner that’s consistent with your product’s terms and conditions. Don’t mislead your consumers by advertising one thing and doing another. Cancellations should be handled with the same courtesy as enrollments.
  5. Keep a Watchful Eye on Affiliates
    Affiliates and third-party providers aren’t always accountable. After all, they may come and go, but your business is here to stay. If you hire third parties to handle marketing or other functions related to your add-on products, make sure they are held to the same standards as your in-house staff.
  6. Keep a Tight Lid on It
    In order to keep a tight lid on the lifecycle of your add-on products, you need a systematic program of controls, monitoring, auditing and documentation. By implementing a company-wide program you can ensure that everyone is on the same page and that you have documentation and controls in place for auditors and regulators.

Is It Worth It?
At a glance, implementing these measures may seem like a lot of work. But in reality, these measures should probably be implemented for your core products and services anyway, so including the add-ons shouldn’t be too demanding. Plus, the add-ons can add value to your products and help the economy at the same time. Taking care of consumers helps the economy, the longevity of your business, and it pleases regulators, so there is no reason not to do so.

For more information, visit