Reputation risk and corporate ethics are top of mind for Boards of Directors and Executive Management. However, expectations for financial services organizations’ “compliance manners” are getting a makeover in responsible business conduct, based on a recent bulletin from the Consumer Financial Protection Bureau (CFPB).
The CFPB has set out a menu of protocols that come into play prior to an enforcement action. The nature, extent, and severity of a violation, plus the past record of the organization, combined with the actual or potential harm, determine how harsh the penalty or action could be.
There’s no magic grading formula, but organizations that clearly demonstrate a proactive commitment to prompt corrective action may be given extra credit, but only if their actions exceed the standards required by law. To get an “A” in compliance manners, organizations need to structure compliance management systems for consumer protection to include: Self Policing, Self Reporting, Remediation & Cooperation.
While the regulations provide the curriculum for testing compliance, the etiquette, that is, the compliance attitude or tone at the top, is just as important.
Grade your compliance etiquette by thinking about these questions:
- What’s your organization’s compliance culture grade?
- Has your organization had repeat offenses?
- Are mistakes or violations isolated or pervasive?
- How quickly are violations detected & corrected?
- Do you have mechanisms to self-test your procedures?
- Does the organization take proactive measures to self-report, or wait until it is examined?
- How thoroughly do you implement preventative measures?
Grading on the curve will only get organizations so far in meeting today’s consumer protection report card.
Organizations need to align not only the right answers, but the right etiquette and protocol for how they handle consumer protection today. So mind your compliance manners and remember to say thank you; you’re welcome; pretty please, and when needed, I’m sorry.
Linnea Solem is the Vice-Chair of the Shared Assessments Program and is the Chief Privacy Officer and Director of Business Risk & Privacy Management for Deluxe Corporation. Linnea is a management professional with 20+ years of financial services experience in the areas of eCommerce, technology, business development, marketing, information practices and risk management. She is a Certified Information Privacy Professional and led Deluxe’s compliance initiatives for Y2K, GLB, Check 21, and Red Flags Legislation.
Reposted with permission from Forward Banker