Problems for the Future
In planning your compliance program strategies for the future - or at least the next several years - there are issues that we can see coming. These should be front-burner concerns for your compliance program.
Each time a compliance development occurs, we seem to have less time to implement it. Congress gets impatient and so do the regulators. But one of the biggest driving forces in this acceleration process is consumers. They seem to be intolerant of delays. They also seem to be better at knowing exactly what is - or is not - going on.
The information age means that news travels faster - much, much faster. As a result, we don't have the luxury of waiting for things to happen. We need to anticipate trends and prepare for them - even prevent them on occasion. Banks cannot continue to be laissez-faire about compliance. The days of functioning as an information resource are over. Now, compliance works with, develops, and uses information systems to get the job done.
When news travels faster, it also means that things happen faster. Thus, we see trends in examination findings and enforcement that move in accelerating cycles. It now takes very little time for word of a newly discovered violation to make the rounds among examiners. When this occurs, you can count on it becoming an issue in your next examination.
Compliance managers need to shift from the information resource/knowledge management role into that of risk predictor. The successful compliance manager needs to see change coming. There are several areas that you should be able to see coming, even if you have vision problems. These include the obvious issues of privacy, fair lending, RESPA, and data collection. But the real challenge is to know what to do before they hit full force. This is pro-active compliance. Here's what the pro-active compliance manager should be working on.
Who owns what information about whom and what is likely to be the biggest legal, regulatory, and turf war of the next decade. Any resolutions to this issue will necessarily involve establishing clarifications or changes to the law, development of practices involving the use of electronic information, and increased sensitivity to customers as a key competitive factor.
To develop a protocol - or body of law - on privacy with positive results, the banking industry - and many other industries - needs to take a fresh look at how our legal and regulatory system has developed and implement some changes in direction.
Our commercial law system is built on the assumption that the most important thing a legal system should do is to make certain that commerce can function. For centuries, this has involved protecting business interests to provide predictability for commerce. We therefore have doctrines that support commerce such as holder in due course and ownership of customer lists as a trade secret.
There is an important difference, however, between owning the list and owning the customer. There is also an important difference between owning the list and owning the information. In the competitive crush, and with the help of what now seems to be limitless capability to implement new uses of whatever we find at hand (such as information about a customer's account) many businesses, including banks, have stretched the concept of list ownership to total ownership of the information. The consequences of this way of thinking have already hit U.S. Bank and will soon hit others.
The privacy debate is driven by two forces. First, the increasing ability of almost anyone to tap into and use electronically stored data. It is so easy to do that there needs to be a powerful counterweight (such as legal prohibitions) to prevent violations of consumer privacy.
Second, we are now facing the question of who has what ownership and use rights over data that happens to be sitting on someone's computer. The old saying, "possession is nine tenths of the law" can lead to serious trouble when applied to consumer information. Possession creating ownership rights overlooks the circumstances around how the information got there.
In determining policies and practices for customer privacy, banks may need to give closer attention to the customer contract. Every piece of data sitting on a computer or in a file has a reason for getting there. The reason relates to a bank-customer contractual relationship by opening a deposit account or applying for a loan. Before deciding to use customer information for any other purpose than supporting the product, the bank should look to whether any obligations are created by this relationship and whether any ownership is transferred. The bottom line: the customer owns the information about himself or herself and the bank has permission to use that information for specific purposes.
Reporting Credit Performance Information On All Customers
This issue has ties to both privacy and the concept of who "owns" the customer. Refraining from reporting information to the credit bureau has the short-sighted effect of limiting information about good customers that is available to competitors. It may also harm the customer by limiting their ability to build a credit record and demonstrate their reliability as a financial customer.
Perhaps the most significant issue that may develop from this practice relates to the ability of a consumer to determine when information about them is available and when it is not. This relates to the question of who owns the information.
First, there is the question of the customer's right to privacy. The developing trend in privacy is that the customer has specific rights over information relating to them. Electronics make this more feasible.
Second, using and selling information also brings out the natural tension between what a customer wants kept private and what information a customer wants to be available for use. Timing and context are everything.
So far, the only guidepost available resides in Regulation B. What Regulation B says is that the consumer has a right to put forward information about themselves that explains or demonstrates their credit history. This rule, Section 202.6(b)(6), gives the consumer the right to put forward this information and the burden of proving that the information is accurate and relates to them.
If creditors follow this guidance, it seems fairly clear that the consumer, not the creditor, should have the right to determine whether information gets reported; and the creditor does not really have the right to choose to withhold information to support its own goals.
Fairness and Nondiscrimination
Fair lending and fair treatment of customers under any circumstances, will be a leading issue for the foreseeable future. Specific fair lending concerns continue to emerge. For example, we are now dealing with the issue of whether the bank is responsible for discrimination by a dealer when the bank purchases the loan. Secondary market issues, particularly relating to underwriting, will probably be looked at more closely. This involves using banks as the discrimination traffic cops of the credit world.
On a broader scope, fairness may invade more than the way in which credit decisions are made. Fair treatment of customers in all banking relationships and services is likely to be a consideration in what services are offered, and how they are offered.
Unfair and Deceptive Trade Practices
This one is both old and new. Some unfair and deceptive rules, such as the preservation of consumers rights in certain credit transactions, go way back. Other rules, including Regulation AA are more recent, but still relatively esoteric from a bankers perspective.
In the next decade, (or this one, depending on how you measure decades) banks should take a long and lingering look at banking in the context of unfair and deceptive trade practices. In some respects, this simply means looking at and anticipating compliance.
Most of what we call compliance regulations are fundamentally specific rules that regulate practices to prevent unfairness or deception. Truth in lending ensures that the customer is able to understand the costs and terms of credit before signing on the dotted line. Regulation E ensures that customers get information concerning electronic transfers and that the bank take responsibility for resolving problems because the bank, not the consumer, has the ability to do so. ECOA and other fair lending laws provide each consumer with equal access to credit without regard to who they are or what they look or sound like.
Specific unfair and deceptive issues have been raised as possible topics for rulemaking, including treatment of dormant accounts, and unauthorized use of customer information.
The trend is clear: banks must consider the fairness of their practices, looking at them from every angle including the consumer's perspective. Self-regulation may be the only way to slow down regulatory burden. Self-regulation means avoiding practices such as placing 30-day holds on checks, paying interest only on the investable balance of an account, or advertising teaser rates for loans.
Fees: To Fee Or Not To Fee
Customers have already begun to duke it out with banks over fees. Banks face increasing challenges to fees in the coming years. What fees are fair? What fees are appropriate for the service and the circumstances? Perhaps most important, what fees will consumers accept?
California started us off with an analysis of the actual cost of returning a check. This was only the beginning of questions about what goes into fees - especially when the service used to be free. Banks will need to give close attention to the actual cost of delivering services and what products or services should be included as part of the overall deal, i.e., the rate of return on a deposit or the interest charged on a loan.
The furor over ATM fees has become a focus of the fee debate. The fundamental question, as seen by the consumer, is whether a consumer should be charged for a service, such as using a teller or an ATM.
As the consumer sees it, you can't do banking without an ATM or a teller or both. So being asked to pay for the service that enables the customer and the bank to conduct a transaction is a bit like being asked to pay a fee for the use of a cashier at a grocery store in order to purchase groceries. Consumers express the belief that this service should not be based on a fee - it should be a part of the product the bank delivers. In other words, the service performed by a teller or an ATM should be paid for through the product itself rather than be a separately calculated fee.
This debate also illustrates the difficulty of changing the nature of how business is done. For decades, the cost of tellers has been included in the cost and return of banking. It has been a part of the rates set for interest earned and interest paid. But the pressure for increasing the bottom line has led bankers to look at fees as a source of additional income.
Setting fees is a much larger issue for banks than the impact on the bottom line. Setting fees goes to the very nature of banking products and the relationship of banks with customers. How banks go about setting fees may determine their future. The very existence of fees directs the consumer's attention to cost. Fees become an invitation to shop around for other providers of the same or similar services - and not necessarily banks.
The Emerging Electronic World
When and how to deliver disclosures may be the simplest of the problems. So far, the agencies have made clear that banks are to follow the timing rules contained in the admittedly paper-based consumer regulations. The Federal Reserve will be providing specific rules, including guidance on disclosure format, storage, and the consumer's ability to save or print.
But as electronic banking develops further, there are more complex questions that grow with it. Most of the banking laws have been established with certain fundamental assumptions. The most significant of these are that the bank has a physical presence, and that the bank sees its customers. That is changing and the rules must evolve with this change. Several questions loom large on this particular horizon.
First, how is a bank to know its customer ("KYC")? The traditional method of looking the customer in the eye, checking two pieces of information, and asking a few questions (well, OK, a lot of questions) simply won't work on the Internet. Reviewing the consistency of the information provided by the customer and the pattern of transactions will clearly become a first step that replaces looking at a picture. For the rest, the industry can take the lead in opening the path to KYC of the future. It is likely to involve more work than the simple ID process.
Second, what is the bank's market or assessment area and how should the bank provide service to its community or assessment area? This is a much larger question than CRA. Electronic banking can fundamentally change the nature of banking and what a bank is. As we enter the age of electronic banking, we are fundamentally reinventing banking. This shouldn't be an impossible task. After all, the industry was completely reinvented in the 1930s.
The questions, however, are now different - and posed on a much larger scale. For example, when the federal savings and loan system was being established, the stated congressional goal was to have an S&L in every county of the United States. The idea was that this would ensure that everyone in the U.S. would have access to one.
Physical access is no longer the concern. In recent decades, the attention of consumers has changed from gaining access to financial services (except for issues involved in CRA and fair lending) to getting products and services from financial institutions at a fair price. Electronic banking offers this opportunity. Expect consumers to take advantage of this.
Third, and most important, is the future of the bank's relationship with its customers.
Customer loyalty is usually based on service, particularly personal service. How to deliver this in the electronic world is tomorrow's challenge.
Speed, ease of use, security, and reliability will all be important considerations. Keeping these in mind and using a lot of common sense should keep you moving in the right direction.
Electronic banking may also generate new ways for banks to succeed and fail. Customer service - almost a theme of this issue - is the key selling point for banks. As financial service product offerings become more diverse and those offering them become more diverse, banks must look for ways to stay ahead and keep their customers.
There will be new rules about electronic disclosure and electronic banking practices in the near future that will give specific guidance on how to carry out consumer disclosures. But banks will be left to themselves to figure out how to give customer service - the kind of service that keeps customers and wins new ones. Banks will need to keep in mind that customers can get out of an electronic banking account as fast as they got into it - faster, in fact. So there is more at stake here than compliance.
- Review your last four or five compliance examinations. Identify the problems that examiners found.
- Consider what these problems tell you about your compliance program and your bank.
- Use these findings and the predictions in this issue to map out your plans for the coming year and decade.
- Use customer service and common sense as guideposts.
Copyright © 2000 Compliance Action. Originally appeared in Compliance Action, Vol. 4, No. 17 & 18, 1/00
First published on 01/01/2000