Today, we're presenting a guest blog post from our friends over at Credit Union Resources. Steve Gibbs, CUCE, BSACS, AVP Shared Compliance, shares the top five credit union compliance myths.
The Dodd-Frank Financial Reform Act as well as other recent changes to regulations, including those initiated through the Consumer Financial Protection Bureau (CFPB) has added additional emphasis to the impact of penalties and negative sanctions. These regulatory directives, including the SAFE Act, have been put into place to spotlight the seriousness with which these issues are viewed. There is still an element in the industry that chooses to cling to old ideas and attitudes about dealing with compliance issues. The following are some fallacies related to understanding compliance and how it is managed.
1. Our Attorney Should Be Able to Manage Compliance
Response: If your attorney has compliance certifications or experience, then he/she may well be able to handle your compliance questions and issues. Many credit union managers assume that because someone is an attorney, they have added knowledge of compliance and related situations. Unless that person has had the additional training and experience, this is not the case.
2. Our Internal Auditor Also Serves as Our Compliance Officer
Response: The question you should ask yourself is, “Can an auditor audit their own work?” The Compliance area is subject to audit in the same manner as lending, deposits, accounting and other operational areas. Additionally, as in the discussion of attorneys (above) and compliance, an audit background does not necessarily imply compliance knowledge. Many auditors work with compliance issues, however unless there is specific training, you cannot assume compliance knowledge or expertise. The appointment of a compliance officer is a requirement of the USA PATRIOT Act. That person should independent and have authority to perform their duties.
3. That’s not a Problem, the Examiners Have Never Written It Up
Response: This mentality has turned on many credit union CEO’s and cost them valuable ratings points with examiners.Often, examiners (and auditors) will not catch violations due to a reduced scope examination (or audit) or time constraints. This does not prevent an examiner from coming in at a later date andwriting up that violation. This is a perfect reason for conducting self-audits within departments or supporting a solid internal audit program. If you can find problems within your credit union’s system, most regulations allow for “curing” (or fixing) the violation.
4. If Responsibility Isn’t delegated to One Person – The Examiners Can’t Hold Anyone Responsible
Responsible: Examiners, in general, want to have a single party to discuss issues with regarding various areas (ex., lending, deposits, compliance, accounting, etc.). Separating responsibilities in a way to makes the chain of command appear more complex than need be or overly confusing will elicit negative comments from examiners.
5. If I’m violating any regulations, I’ll just pay the fines and continue with what I’m doing.
Responsible: You may pay penalties once or twice but continued blatant disregard for regulations can result in additional sanctions (letters of understanding, cease and desist orders) or even more punitive measures (removal and prohibition orders, criminal charges – for gross negligence).