Compliance And Risk Management Basics For Middle-Market Banks

By Michael Deely

compliance and risk managementIn the post-recession economy, banking compliance and risk management requirements continue to evolve and change – often at a pace that many middle-market banks don’t feel they’re able to maintain.

In addition, the ever-changing variables of customer experience, new financial products, novel delivery channels and the growing list of due diligence factors all combine to create an environment in which inefficient overlap or troubling gaps easily occur.

Yet, tackling the challenge of risk and compliance management at your bank isn’t an impossible task. The key to success is making these issues of risk and regulatory compliance everyone’s responsibility.

The New Compliance & Risk Management Model

The days of having Compliance, Risk & Audit Departments whose sole responsibility was to ensure that all required steps or regulations were met are in the past. This approach is outdated and inefficient. A more effective model makes bank regulatory compliance a responsibility for employees at all levels – embedding the requirements into their roles, responsibilities, control points and reporting behaviors.

This new model is broken down into three tiers of risk and compliance tracking:
  1. Business ownership, control and governance – This tier employs the majority of resources in day-to-day risk management, the proactive self-identification of compliance issues and a strong culture of controlling risk.

  2. Risk management – With a medium-level allocation of resources, this level of management has strong governance and subject-matter expertise in various regulations. This tier focuses more on risk themes and quality assurance.

  3. Internal audit – This final tier has the fewest dedicated resources for the most high-level review of processes, reports and policy soundness. If the first two tiers are operating efficiently, this tier should not have to identify individual compliance issues.

Benefits For Middle-Market Banks

Middle-market banks – especially on the smaller end – are slow to implement and adapt to this new three-tier model of risk and compliance management, but there are three key opportunities that every bank should consider in terms of how this model benefits their bottom line:
  1. Streamlined Banking Compliance & Risk Management
    The three-tier model embeds your banking compliance requirements where they’re most relevant: your day-to-day banking operations. This allows your bank to trim unnecessary expense, as everyone is responsible for compliance and risk management – and your processes don’t bloat over time as new regulations come into effect.

  2. Improved Customer Experience
    With a model of embedded risk and compliance management, you ensure that each regulatory issue is dealt with appropriately as the transactions occur, improving both the customer and associate experience from reduced surprises and additional steps.

  3. Proactive Vs Reactive Management
    By embedding the Risk and Compliance activities into the day to day processes, any issues can be captured real-time, which enables your bank leadership to devote more time to proactive risk management instead of merely reactive risk management tied to monthly or quarterly reporting.

Compliance & Risk Management Priorities

While the new three-tier model of risk and compliance management is worth the investment, it’s also a daunting task for many bank leaders when initially starting out. Leaders are often intimidated when they have to review all of their products, services, delivery channels and customer touch points and then embed changing risk and regulatory compliance requirements into the delivery mechanism of each one.

So, to start out, bank leadership should prioritize their issues of greatest risk and inefficiency, including these common areas:
  • Customer touch points (including sales, onboarding, customer service and social media)
  • All high-volume activities
  • Areas in which your current Compliance & Risk Department spends most of its time
  • Handoffs of transactions or information (such as between sales and operations, or between product management and sales)
  • Any area in which the majority of customer complaints intersect
  • All highly regulated products or products with recent regulatory compliance changes (like mortgages or derivatives)
  • Any handoff between manual and automated activities
Middle-market banks have a lot of hurdles to clear in order to keep pace with ever-expanding banking compliance and risk management requirements, all while balancing issues of cost, customer service and process improvement. Banks that keep these risk management principles and practices in mind are able to tackle new regulatory challenges as they emerge while still realizing gains on their bottom line.

Need more ideas on how to effectively implement a new banking compliance and risk management model at your financial institution? Click below to download our free report:

Download Your Free Report - 6 Bottom-line benefits of process improvement for your post-recession middle market bank