CUs' Approach To Rules Must Change
DES MOINES, Iowa-The heated pace of regulatory change demands that credit unions rethink how they approach managing and planning for compliance within the credit union, numerous analysts are recommending.
CUs have deployed all manner of strategies to lighten the compliance workload, relying more on leagues and trade associations to help decipher new rules and explain proper actions to take, and collaborating with other credit unions. But what may be the most important step to get the growing regulatory burden under control, compliance gurus suggest, is ensuring compliance is included in the credit union's strategic planning process.
Something has to be done to elevate compliance within credit unions, explained Andrea Stritzke, VP of regulatory compliance for PolicyWorks, a wholly owned subsidiary of the Iowa CU League that provides compliance services to CUs nationally. "It's not just the pace of the regulations coming down causing issues within credit unions, there's more to the problem than that."
Stritzke said PolicyWorks hears from CUs almost daily that are confused over the language and the intent of numerous regs. "For example, Dodd-Frank says compliance takes effect on one date, and then the final rule says the date is another. So which controls the action for the credit union?"
Not only is there confusion created by voluminous regulatory documents filled with cumbersome regulatory language, there is not a lot of time being given to comply, added Sam Kilmer, VP of market development for Harland Financial Solutions in Lake Mary, Fla. "There is a rapid-fire-rapid change mentality that is going on in compliance. There is just a diminished period of time from when lawmakers and agencies are considering new rules, when final rules are released, and when implementation deadlines must be met. And we are often talking about rules that impact operational change within the credit union."
Steve Van Beek, NAFCU director of regulatory compliance, shared as an example that credit unions had been scrambling to meet a July 21 deadline because the Fed released the final rule on adverse action notices and risk-based pricing notices late. "Overall, credit unions have been getting the compliance job done, but they are doing it by putting out fire after fire."
Many within the credit union community, the Credit Union Journal has learned, say the situation has become dire. That's why, sais Stritzke, the answer is to insert compliance into the strategic planning process.
"We believe the really big issue for credit unions is that not all CUs have realized that compliance demands have become so great, and the burden so large, that compliance has to be part of their strategic planning. So many credit unions are trying to take on these rules one at a time without an overarching plan."
That "piecemeal" approach to compliance is not the right solution, warned Stritzke. "Many credit unions are not thinking out far enough ahead, saying, 'We know these rules should be issued within the next six months, we assume they will be finalized in the next 18 months, what will we have to do? For example, should we even keep doing mortgages?' Compliance just needs to get moved to a higher priority within the credit union so they can be proactive rather than reactive."
Stritzke warned that a short-term reactive approach to compliance could also leave the CU budget dollars short if it eventually finds it needs to hire additional resources and make system changes to adapt to a new rule.
Quarterly Reviews Needed
Harland's Kilmer agreed that credit unions must push compliance higher in the long-term strategic planning process because new regs can require significant changes to credit unions' systems, business processes, and workflows. Kilmer suggested that not only should compliance have a long-term plan, but the credit union should meet often during the year-even quarterly-to see if the plan needs tweaking. "I am saying that if the process is to meet once a year and plan for a five-year plan that is probably not taking into account the rapid-fire rapid-change dimension of compliance now."
Digging into tactics, Stritzke said one of the first things credit unions should do is look at how the CU's compliance program is set up. "Do we have a compliance officer? If we don't we're probably doing compliance by committee, which is not always the best solution. You need to have someone quarterbacking your compliance program, watching the changes, figuring out who should d be involved and getting necessary vendors involved-bringing the right people to the table at the right time."
But small credit unions, which struggle most with compliance, often don't have the luxury of employing a full-time compliance person and much of the duties fall on the shoulders of the CEO, as Nancy Mattox told Credit Union Journal last year (Nov. 8, 2010). "Hiring staff to address compliance won't likely happen with budget concerns, said the CEO of $7.5-million Priority FCU in Russellville, Ark., who added that small CU CEOs will continue to wear numerous hats, including compliance officer. "The compliance task gets very cumbersome and affects your ability to grow. You simply don't have the time to focus on the things you need to do to grow the credit union," she said.
A similar discussion occurred recently among small CUs at NAFCU's annual meeting.
Will compliance move higher on more credit union's radar? For now, many CUs are tackling this challenge in standard fashion, shared Kathy Thompson, CUNA SVP of compliance. "Credit unions are coping with an increased compliance load the way they always do-rolling up their sleeves and doing what must be done."