Proactive Risk Management Essential for Success
Compliance Monitoring and Testing Challenges
The changing regulatory landscape continues to be a challenge for compliance. Although many of the large changes to regulations have been implemented within the banking industry, banking enforcement actions within industry and other regulator guidance continue to shape and increase expectations for bank compliance. Continuous review of products and services for compliance with regulations as well as for expectations set forth in enforcement actions and regulator guidance is necessary for an effective compliance management program. As a best practice, a bank should incorporate reviews of banking enforcement actions and regulator guidance as a part of their compliance monitoring and testing plan.
"A clear understanding of the role of the first line of defense, the business, and the second line of defense, Compliance, is critical to establishing an effective compliance risk management program"
Understanding Responsibilities for Better Communication
Clear roles and responsibilities as well as robust communication with business lines are essential. The importance of front line risk management within the business, the “first line of defense,” is integral to effective compliance risk management. A clear understanding of the role of the first line of defense, the business, and the second line of defense, Compliance, is critical to establishing an effective compliance risk management program. We often say that compliance is a “village approach,” meaning that each line of defense must play its role to ensure that compliance risks are adequately managed. Once roles and responsibilities are understood, ongoing robust communication between the first and second lines of defense is essential.
Bridging the gap between Compliance and Technology
In order to bridge the gap between Compliance and Technology, it is important that processes are in place for the inclusion of compliance guidance in technology solutions. In a mature compliance risk management model, processes are established for the provision of compliance guidance for significant technology implementations and other projects affecting core business platforms. Ideally, Compliance engagement at a pre-implementation stage would occur to enable compliant technology solutions for the organization at the time of launch.
Advice to fellow CCOs
In order to have a successful compliance management program, the program must be proactive. Often times, banks are struggling to put out fires and are not at a place for proactive compliance risk management. Turning the corner to proactive compliance risk management is essential for success. In my experience, spending the time to develop and implement a robust compliance risk management program assists with proactive compliance management.
Check out: Top Risk Management Solution Companies
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sergey Cherkasov, CIO, PhosAgro
By Pascal Becotte, MD-Global Supply Chain Practice for the...
By Stephen Caulfield, Executive Director, Global Field...
By Shamim Mohammad, SVP & CIO, CarMax
By Ronald Seymore, Managing Director, Enterprise Performance...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
By Jim Whitehurst, CEO, Red Hat
By Clark Golestani, EVP and CIO, Merck
By Scott Craig, Vice President of Product Marketing, Lexmark...
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
By Amit Bahree, Executive, Global Technology and Innovation,...
By Greg Tacchetti, CIO, State Auto Insurance