• Home
• About Us
  • History
  • Meet Us
  • Contact Us
• Services
• Reviews
• Products
  • Seminars
  • Compliance Manuals
  • Other Products
• Seminars
• Compliance Resources
  • Newsletters
    • Newsletter Archives
      • 2007 Newsletters
      • 2006 Newsletters
      • 2005 Newsletters
      • 2004 Newsletters
      • 2003 Newsletters
    • Register
  • Compliance Links
  • Free Downloads
• Contact Us
• Blog
  • Proof of Flood Insurance - Part 1
  • Proof of Flood Insurance - Part 2
  • Late EFT Errors
  • FACT Act Red Flags and Address Discrepancies
  • Changing Late Payment Fees
  • CIP and Loan Officers
  • Consumer Complaints
  • SAR Filings Skyrocket
  • HELOC Renewals & Extensions
  • Consumer Help or Banker Headache?
  • "Government Made Easy" Yeah Right! (aka HUD's New RESPA Proposal)
  • An Update from a FDIC Field Examiner
  • Flood Answers...or More Questions? It's Your Time to Speak Up!
  • Flood Zone Discrepancies
  • SAR Tips
  • Regulator Hotline
  • FEMA Resolves Flood Zone Discrepancy Issues
  • The Best Compliance Manual
  • Office Fire
  • Flood Reform
  • Continuing To Share With Affiliates
  • Flood Insurance & Insurable Value
  • What I Learned at the ABA's RCC
  • ID Theft Prevention Program
  • Flood Insurance at Loan Closing?
  • UDAP (Unfair and Deceptive Acts or Practices)
  • ABA RCC Flood Issues
  • BSA Risk Rating
  • HMDA: What is Your HMDA Data Telling You?
  • Compliance Officers - Risk Rating & Prioritizing
  • New & Emerging Compliance Issues
  • Free OFAC List Searches
  • HMDA Getting It Right Updated
  • Paying A Bonus On Deposit Accounts
  • HMDA Plus
  • Right of Rescission
  • Flooding and a Bank's Reputation
  • Extension of the NFIP
  • New FDIC Insurance Increase and Signage
  • OTS Adverse Action Notices
  • FACT Act Exam Procedures
  • OFAC Searches
  • FTC Delays Red Flags Rule
  • FTC Red Flags Delay Update
  • Advertising Closed-End Loans
  • Application vs. Inquiry
  • HUD (or is it DUH!) Final Changes
  • RESPA Final Rule Issued

Blog

Compliance Officers - Risk Rating & Prioritizing

By David Dickinson

I'm still providing you with my notes from the ABA's Regulatory Compliance Conference.  I attended a session on Risk Rating and Prioritizing tasks as a Compliance Officer.  Below are my notes from this session:

Gone are the days of checking off tasks.  Now you must risk assess everything.  Apply a risk approach to everything.  What issues are facing your bank?

Getting Organized:

Design a "Issues Status Report"

Be sure to list the responsible office and responsible officer/manager. (These people will want their name off the list - so it becomes a priority for them).

            If past due, change the color (yellow or red).  This will get a faster response.

Design a "Project Status Report"

Showing the schedule, process and completion status of tasks.  This is a great way to report to senior management and/or Board.

Risk Rating/Prioritizing:

Lower risk = lower priority

For example, check some disclosures once per year (such as the Cosigner notice) to make sure verbiage hasn't changed.

"Don't let the Compliance Tail wag the Banking Dog"

            If you under manage, issues will arise.

            If you over manage, you risk profits.

It's not a "compliance culture". It's a "Risk Culture."

            Risk management starts at the top.

            Many senior people don't like the term "compliance". Use "risk".

Auditing & Risk Rating: 

For example, not all of Reg E is a high risk: 

Issuing access device (205.5) vs. initial disclosures (205.7) vs. error resolutions procedures (205.11). 

Same with Reg D, yet Reg D doesn't have the same monetary penalties or seems to receive less examiner scrutiny.