Managing your suite of regulatory compliance programs today requires a game day strategy to keep all the moving parts working together to achieve the end goal of meeting the external regulators' expectations.
While financial institutions can prepare for examination reviews by assessing published guidance, the hard part is applying the guidance to your own internal teams.
With emerging areas of compliance, including consumer protection, organizations have to be prepared in their compliance game-book to make adjustments.
Gone are the days when looking to the published rule and effective date was sufficient. In today’s landscape, compliance program management requires close monitoring of complaints, enforcement actions, and CFPB research reports to spot areas of focus even before the rulemaking.
- Structure special teams or risk committees for specific areas of compliance. Can you show how the teams work together?
- Monitor your scorecard with compliance metrics you can use to demonstrate “how” you structured your compliance playbook. Can you tell your compliance story to an auditor?
- Develop oversight mechanisms and designate decision-making authority for reviewing your compliance program for effectiveness. Who is your internal compliance umpire?
- Know your audience for board of directors and management reporting. Operational metrics are important, but strategic metrics can be game changers in getting approvals for investments. Do you know how to “pitch” your business case?
- Practice with confidence how to share the insights and reasons why you structured your compliance program the way you did. Can you show “why” your program meets your compliance risks?
Compliance program management requires more flexibility today to adapt to changing rules and interpretations of what is expected.
Single-hit wins and doubles are good, but in the area of consumer protection and operational risk, you need some home runs to succeed over the long term.
If you want to be in the game, play by the rules. Keep in mind the rules of the game will change during play.
Be prepared for your role as your own compliance umpire, and call the shots internally.
Linnea Solem is the Vice-Chair of the Shared Assessments Program and is the Chief Privacy Officer and Director of Business Risk & Privacy Management for Deluxe Corporation. Linnea is a management professional with 20+ years of financial services experience in the areas of eCommerce, technology, business development, marketing, information practices and risk management. She is a Certified Information Privacy Professional and led Deluxe’s compliance initiatives for Y2K, GLB, Check 21, and Red Flags Legislation.
Reposted with permission from Forward Banker