Skip to content
BOL Conferences
Thread Options Tools
#1166309 - 04/20/09 01:02 PM Bank Compliance Officer vs. Compliance Auditor
Nick Grant Offline
100 Club
Joined: Sep 2005
Posts: 108
Would anyone venture to define for me the difference between a bank compliance officer and bank compliance auditor. Would it ever be acceptable to be both?

Comments and regulation cites will be appreciate.

Return to Top
General Discussion
#1166325 - 04/20/09 01:44 PM Re: Bank Compliance Officer vs. Compliance Auditor Nick Grant
BrendaC Offline
Power Poster
BrendaC
Joined: Sep 2001
Posts: 6,029
Sweet Home AL
At my previous bank our Chief Risk Management Officer headed up risk, compliance and audit.
_________________________
Life without Jesus is like an unsharpened pencil - it has no point.

Return to Top
#1166330 - 04/20/09 01:52 PM Re: Bank Compliance Officer vs. Compliance Auditor BrendaC
#Just Jay Offline
10K Club
#Just Jay
Joined: Oct 2006
Posts: 14,390
Cheeseheadland
I do both.
_________________________
I don't repeat gossip, so listen closely...

Return to Top
#1166412 - 04/20/09 02:56 PM Re: Bank Compliance Officer vs. Compliance Auditor #Just Jay
RR Joker Offline
10K Club
RR Joker
Joined: Nov 2002
Posts: 20,654
The Swamp
I used to be both until we got too big. Now Internal Audit does compliance audit and I do compliance management.
_________________________
My opinion only. Not legal advice.

Say you'll haunt me - Stone Sour

Return to Top
#1167709 - 04/21/09 10:59 PM Re: Bank Compliance Officer vs. Compliance Auditor RR Joker
Andy_Z Offline
10K Club
Andy_Z
Joined: Oct 2000
Posts: 27,748
On the Net
If I were defining the differences I'd say audit handles the banks accounts, policies and procedures and compliance handles the alphabet soup regs. That is a general definition.
_________________________
AndyZ CRCM
My opinions are not necessarily my employers.
R+R-R=R+R
Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell

Return to Top
#1167735 - 04/22/09 01:54 AM Re: Bank Compliance Officer vs. Compliance Auditor Nick Grant
Richard Insley Offline
10K Club
Richard Insley
Joined: Oct 2000
Posts: 10,179
Toano, VA
The term "compliance officer" is not defined and there is no clear industry standard for the duties associated with this job.

Over the years, regulators have pushed banks to turn the "compliance officer" position into a type of auditor--for their own convenience. If you audit the bank, then their job is much easier. Unfortunately, yours isn't.

Before there can be anything to audit, regulations must be implemented and managed. Managing regulatory risk involves far more than testing for exceptions. A compliance manager watches the horizon for new and changing regs and emerging "hot button" issues. S/he manages the bank's relationship with its regulator(s), including on-site exams. Most importantly, s/he coordinates line managers' efforts to implement and control regs. Often, the compliance officer is responsible for all regulatory policy writing and training.
_________________________
...gone fishing.

Return to Top
#1169012 - 04/23/09 05:30 PM Re: Bank Compliance Officer vs. Compliance Auditor Richard Insley
luvflipflops Offline
100 Club
Joined: Nov 2005
Posts: 150
on a beach somewhere
IMHO - a compliance manager is one that establishes policies, procedures, processes. Or at least proposes them to the decision makers. The CM also has an oversight capacity for the processes that contribute to compliance and is held responsible when/if the compliance auditor finds an issue. The compliance auditor should be seen as the refining tool for the compliance function. They come in with a different set of eyes (and probably a little more perspective) and audits the efficiency, compliance, etc of the policies, processes and procedures that the CM has established and manages.

Return to Top
#1169645 - 04/24/09 01:43 PM Re: Bank Compliance Officer vs. Compliance Auditor luvflipflops
ahou Offline
Power Poster
ahou
Joined: Aug 2002
Posts: 3,094
To me, a Compliance Auditor is independent from day to day compliance activities and mgmt decisions. The audits performed by this person have the purpose of ensuring the BOD that internal controls and bank procedures are adequate to ensure compliance. The auditor serves in a advisory capacity when sitting on committees, rather than being directly involved in mgmt decisions. Sometimes the auditor is called a "Compliance Officer", which seems to be a generic term, whose duties could be anything depending on the bank they work for smile
_________________________
Opinions are my own and not of my employer.

Return to Top
#1170322 - 04/26/09 12:03 AM Re: Bank Compliance Officer vs. Compliance Auditor luvflipflops
Richard Insley Offline
10K Club
Richard Insley
Joined: Oct 2000
Posts: 10,179
Toano, VA
These are all good observations, but it's a design flaw to hold the compliance manager responsible for implementation errors & omissions and for operating breakdowns. I've watched countless C/Os become incredibly frustrated (and been there myself) when they're told "it's a compliance problem...your title is compliance officer so that means you own it." I didn't mind accountability--but not for things I couldn't control.

It's not unusual for the lonely compliance professional to become a dumping ground for any project or problem which can have the "C" word pasted on it. Business managers love to do this because they hate regulations and want to get the monkey off their backs. Also, they know that the cost of compliance stays out of their budgets if it can be pushed into a general corporate cost center. Try walking into a business, and taking charge of human & financial resources necessary to implement a reg. & you'll underscore why you can't be held accountable.

Working under bank counsel, I arrived at a relationship with the major businesses which gave the head of the business a full or part-time compliance specialist. These folks were housed & budgeted in the business, reported to the top business manager (with varying degrees of informal "dotted line" reporting to me), and totally responsive to their businesses needs. Our business heads liked this arrangement because it eliminated a bottleneck---they never had to hear "I'll get to you as soon as I finish ____."

I realize this model can't scale down to banks with only one compliance position, but it's still possible to move a businesses' quality control functions to its servicing unit and "deputize" someone within the business unit to help with implementations, examiners, and other activities that can run you ragged.
_________________________
...gone fishing.

Return to Top
#1184857 - 05/15/09 07:57 PM Re: Bank Compliance Officer vs. Compliance Auditor luvflipflops
Sound Tactic Offline
Power Poster
Sound Tactic
Joined: Feb 2005
Posts: 5,349
Originally Posted By: beachgirlatheart
IMHO - a compliance manager is one that establishes policies, procedures, processes. Or at least proposes them to the decision makers. The CM also has an oversight capacity for the processes that contribute to compliance and is held responsible when/if the compliance auditor finds an issue. The compliance auditor should be seen as the refining tool for the compliance function. They come in with a different set of eyes (and probably a little more perspective) and audits the efficiency, compliance, etc of the policies, processes and procedures that the CM has established and manages.


I totally agree which means I disagree with many of the posters here. A Compliance Auditor is not a Compliance Officer. A Compliance Officer is responsible for the Compliance of the bank, setting policies and establishing risk tolerence. A Compliance Auditor reports to the board the condition of the banks compliance program, including how well policies are being followed. Two totally different positions and should NEVER be the same person. That said, sometimes banks have no choice because of size, etc., however it should never be the same person.
_________________________
If your tagline references disclaimers regarding the nature of political posts, then you should just hit notify.

Return to Top
#1185792 - 05/18/09 08:48 PM Re: Bank Compliance Officer vs. Compliance Auditor Sound Tactic
Dolly Nugent Offline
Diamond Poster
Dolly Nugent
Joined: Nov 2000
Posts: 1,820
Southern California
I am the Compliance Manager at my institution. I am responsible for risk assessments, developing policies & procedures and training.

We have an outside company perform our compliance audits. However, my department also performs "internal monitoring" to ensure that policies and procedures are being observed in between audits. We are regulated by the FRB and they like our program. They especially like that we "self-identify" problems and adjust our procedures.

The compliance auditor reports her findings directly to the Audit Committee. I also report findings related to the internal monitoring performed by my department to the Audit Committee.
_________________________
Dolly Nugent
CRCM
Opinions expressed are my own.

Return to Top
#1185794 - 05/18/09 08:51 PM Re: Bank Compliance Officer vs. Compliance Auditor Sound Tactic
Dolly Nugent Offline
Diamond Poster
Dolly Nugent
Joined: Nov 2000
Posts: 1,820
Southern California
I am the Compliance Manager at my institution. I am responsible for risk assessments, developing policies & procedures and training.

We have an outside company perform our compliance audits. However, my department also performs "internal monitoring" to ensure that policies and procedures are being observed in between audits. We are regulated by the FRB and they like our program. They especially like that we "self-identify" problems and adjust our procedures.

The compliance auditor reports her findings directly to the Audit Committee. I also report findings related to internal monitoring to the Audit Committee.
_________________________
Dolly Nugent
CRCM
Opinions expressed are my own.

Return to Top
#1187089 - 05/20/09 02:23 PM Re: Bank Compliance Officer vs. Compliance Auditor Dolly Nugent
Richard Insley Offline
10K Club
Richard Insley
Joined: Oct 2000
Posts: 10,179
Toano, VA
Regulators always like self-review & don't much care who does it. If you do it, they get to go home early.

From the management perspective, however, if you look like an auditor and quack like an auditor, your business managers will welcome you like an auditor ("oh no, not you again, you couldn't be here at a worse time.") If there's any way to transfer the QC to the business units (usually their servicing support staff), do it. By shifting the never-popular error detection duties to employees under the control of the business head, these busy execs can better control the flow of their businesses. Your auditor can still review the scope, findings, and follow-through for the QC process, and you are still available to help repair things that have broken down.
_________________________
...gone fishing.

Return to Top