As the number of regulatory requirements increases, financial institutions are spending more time than ever with their primary regulators – be it the Securities and Exchange Commission, Federal Deposit Insurance Corp., Office of the Comptroller of the Currency or Consumer Financial Protection Bureau.
Headlines regarding enforcement actions – and matters requiring attention, memorandums of understanding and written agreements – have become the norm instead of the exception. While some of these are the result of the financial crisis, many are the result of incomplete or ineffective processes and programs. Since the regulators "publish" the rules of engagement, it comes as a surprise that there are so many banks struggling. In most institutions – especially the large ones – regulators are onsite throughout the year performing their examination duties.
I believe the outcome of these exams depends largely on the nature of the interactions between the financial institution and the regulator before, during and after the examination. With the regulators and the financial institutions motivated to achieve a positive outcome, one has to wonder: why are so many institutions flunking their examinations?
In my interactions with various financial institutions, I have observed that they perceive regulators in one of two ways: regulator as ally or regulator as enemy.
Institutions that perceive regulators as the enemy don't care about building a good relationship. When a regulator requests information, they submit minimal or incomplete data, and not always on time, which gives the perception of mis-management. During an exam, they may relegate the examiner to the basement where there is limited Wi-Fi or Internet access. They might also argue the results of the exam. I've even heard of instances where examiners have been asked to leave a meeting because they didn't "understand" the business.
On the other hand, there are those financial institutions that treat regulators as an ally. They are well-prepared to submit regulatory information on time, and their files and documents are neatly organized and easy to review. When examiners arrive, they are given an office space that is easily accessible, secure and well-stocked with printers, paper shredders and power cords. Kick-off meetings and one-on-one sessions are scheduled to acquaint them with the organization and the compliance material. In addition, quarterly meetings are organized before and after the scheduled exams to discuss the impact of upcoming laws and regulations, as well as best practices for compliance. On-going communication is the norm.
Clearly, the latter approach to regulatory interactions is more time-consuming and costly than the former. But in the long run, it is more beneficial because it helps financial institutions avoid regulatory misunderstandings and inaccurate compliance assessments, which can otherwise result in costly fines, penalties and reputational damage.
When it comes to improving regulatory interactions, regulators also have a part to play. They must be able to clearly communicate their expectations to financial institutions so that there are no misunderstandings. To that end, new or inexperienced regulators must be trained on how to ask the right questions, and capture the right information.
Regulators should also be able to coordinate their requests for information so that financial institutions aren't bombarded by separate, but similar requests from different regulators. Another important practice should be to release a comprehensive calendar of regulatory information requests and exams for the year, so that financial institutions can plan ahead, prepare and ensure that their internal compliance and control review processes are completed on time.
One of the biggest pain points for financial institutions – particularly insurance companies – is sifting through numerous consumer complaints databases, as each U.S. state has a different complaint logging system. Adding to the complexity, each regulatory agency has its own complaint database. Sometimes, a single complaint gets published in multiple databases. This makes it tricky for financial institutions to sort through disparate databases to track complaints, and then respond to regulators and consumers in a timely manner. The chances of errors and missing data are quite high. It's up to regulators, therefore, to find ways to automate and integrate these complaint databases so that it becomes easier and quicker for financial institutions to track and address consumer complaints. Isn't that the objective?
And finally, just as it is important for financial institutions to be examined by regulators, it is equally important for regulators to be examined and audited. Independent audits of a regulator and their work can help identify and minimize inefficiencies, and optimize the value of regulatory exams. I know of numerous institutions that have been subject to a rogue examiner set to leave their mark, so to speak. I believe that financial institutions would benefit from a complaint database that allows them to provide confidential feedback on their examiners and the examination process.
Relationship building is a two-way street. With that in mind, regulators and financial institutions need to approach regulatory exams with an attitude of collaboration. They must listen to each other, work together and make it easier to do the right thing – which is to protect the interests of customers and stakeholders. Only then, will they be able to build a safe and sound financial system.
Susan Palm is vice president of industry solutions for MetricStream, a provider of enterprisewide governance, risk, compliance and quality management solutions.