On the second anniversary of the Dodd-Frank bill, the technology to handle its stipulations is far from complete. That stands to reason, given how few of the rules and regulations implementing the sweeping reform bill have been written.
"There's a tip-of-the-iceberg issue here," says Jason Marx, vice president and general manager for residential and indirect lending at Wolters Kluwer. "A fair amount of work has been done on the regulations, but the market still hasn't seen the full scope of the regulations as a result of the legislation."
Many software vendors use the phrase "Dodd-Frank" in their marketing messages and websites, and software exists for specific aspects of the bill, such as trading compliance, but few traditional banks have invested extensive IT resources in Dodd-Frank compliance because so much of the regulation is still up in the air.
Large banks are building or modifying homegrown software to accommodate the new rules. Bank of America is developing a software platform to handle international remittance processing, which is subject to section 1073 of the Dodd-Frank bill.
The new rules call for disclosures to the consumer at the point of placing an order, with estimates of taxes and fees that will be charged by all banks along the chain of an international payment. The rules also make banks more liable if a customer makes an error in an order, providing the wrong account number, say.
Bank of America is developing technology to manage the tax and fee information. It is also building linkages from that repository to the branch system and other programs to retrieve that information in real time. The bank hopes to have its platform ready by November.
"With 1073, the time frame for implementation between when the rule was made final and when it became effective was no more than 13 months," says Greg Murray, global product manager for Bank of America Merrill Lynch's USD Clearing and Banknotes businesses. "I'm not certain the technology providers had sufficient time to be able to create an off-the-shelf solution. The tenets of the regulation were still in a fair amount of flux until February of this year. Some banks will choose to build their own solutions and others may choose to talk with other banks that are building their own solutions as well as tech vendors."
At the $330 million-asset Bank of Marion in Illinois, the answer so far has been to shift some of its compliance work to vendor Continuity Controls. The bank hands its compliance policies over to the vendor, which compares them to a database of new regulations and staff interpretations it maintains. Continuity Controls suggests policy changes, which are reviewed by bank officers and the board.
"Instead of us trying to figure out all those changes and interpret them, they do that," says Ray Altmix, president and CEO. The vendor also automatically audits the policies and procedures. The cost of the vendor's services is about half a compliance officer's salary, he says.
Altmix says less than 20% of his bank's IT resources are currently devoted to Dodd-Frank-related compliance work.
"What we see out of Dodd-Frank is that there will be a never-ending stream of new regulations and descriptions of old regulations we'll have to relearn," he says. "It's a little scary. That's why we went a different direction than a single compliance officer and support staff."
The hardest part of complying with Dodd-Frank from a bank IT perspective is keeping up with the velocity and complexity of change, Marx says. "The last time the lending industry faced changes of this magnitude was in 2009 when they had a Respa change. There's a lot for banks to keep up with. The proactive ones are out there seeking information and technology to automate a lot of these processes and remove the manual risk and human error in the process."