Gaining Ground with Bank Management
How often is the input of the compliance manager brushed off with, "Oh, that's just compliance," or "If it weren't for compliance..." These are natural reactions to the often delivered the message of examiners and compliance auditors alike that any violation is of equal importance. Compliance reviews often treat violations such as a mistake in calculating several APRs and a failure to identify compliance implications in a new product as having equal importance.
In addition, compliance is easily seen as an topic that is forced upon banks but not central to the business of banking. Banking is about taking deposits and making loans, not about calculating APRs and APYs. The risks involved in compliance are often missed by bank management, and the compliance manager can encounter difficulty getting needed resources and authority needed to manage that risk at acceptable levels.
Congress and many state legislatures have concluded that compliance is important to the business of banking. In fact, the legislation they have promulgated clearly rests on the proposition that customer service and fairness to consumers is central to the business of banking.
To make these customer service concerns a reality, Congress created consequences for failures to comply. These consequences become risk for the bank. This legislated risk is every bit as real to the bank as risk from interest rates, market activity, and fraud. Bank managers understand risk. As we turn the corner into the next century, risk is the watchword of the day. Bank managers now think and talk in terms of risk. The newspapers and magazines they read include numerous articles on risk. Bank managers are approaching planning and problem solving in terms of risk.
Bank supervisory agencies are also on the risk bandwagon. Bank supervisory agencies are developing and testing risk based examinations. Many of these risk management principles are familiar to compliance managers. In fact, they are old news. It is time for compliance managers to look at their programs with fresh eyes, adopt the language of risk, and use this approach to communicate to their bank management. To communicate effectively, you must be understood. You must speak "executive-ese." Executive management's expertise is in making business decisions. Therefore, the compliance manager is most effective when explaining compliance issues in business terms. Explain the problem in terms of cost, risk, and gained or lost opportunity. Use numbers.
Explain the proposed control or procedure by tying it to the bank's business strategy, and identifying opportunities. (Remember - it is always legal to use compliance to sell!) Identify the costs or the risk of not complying. Use the experience of other banks to illustrate or support your points.
Risk - with numbers to support it - is a concept that can be quickly understood. It is the catchword of the moment. It is how to get out of the corner and into the boardroom to gain support for the bank's compliance program.
Copyright © 1996 Compliance Action. Originally appeared in Compliance Action, Vol. 1, No. 7, 4/96
First published on 04/01/1996