June 27, 2022
If you’re responsible for regulatory compliance at your credit union, you probably often feel like Dorothy at the beginning of the Wizard Oz. Caught up in a whirlwind, unsure of what is going to happen next, and just trying to hang on to your little dog. Here is my little dog, Marigold, for reference.
There is a lot swirling around us right now. The CFPB is taking a more aggressive stance towards regulatory compliance. Overdraft programs and fees are coming under more scrutiny. The law is still unsettled around websites and ADA accommodations and requirements. The economy is reeling and lurching like the twister mentioned above.
How do we keep our heads (and our little dogs) about us?
An integrated and robust relationship between your risk management practitioners and your compliance team is a great place to start. No compliance decision is made in a vacuum. External and internal risks affect how the Board and Senior Management will react to regulatory changes, the priority of response to those changes, the resources available for response, and the level of compliance achieved.
Let’s take one upcoming regulatory change as an example of how this cooperation between risk management, regulatory compliance, and relevant operations departments may help reduce stress and encourage proactive navigation of important and unavoidable regulatory change.
The October 1, 2022 mandatory compliance date for the revised definition of a General Qualified Mortgage is fast approaching. Prior to that date, lenders are allowed to use the original definition of General Qualified Mortgage (DTI of no greater than 43%) to take advantage of the Ability to Repay safe harbor. After October 1, the safe harbor will only be available to lenders that instead use the new pricing method for determining ability to repay.
This change will affect your mortgage, IT, finance, risk, and compliance teams. Policies may need to be revised, systems updated and tested, and these changes communicated. Underwriting guidelines and procedures, if not included in the policies, will need to be revised and the staff that use them will need to be trained. The Board and appropriate committees (such as the ALM, Loan, and Credit Committees) need to be informed of the change, the reasons for it, and how it could affect the Credit Union’s mortgage operations and the health of the mortgage portfolio. Even though the changes may be positive, they still take work and will affect the Credit Union’s operations and risk profile. This is where cooperation comes in. It is important that Compliance remains engaged throughout the entire change process. DO NOT simply communicate the deadline for the change.
Regular and open communication between the Compliance Department and all other relevant stakeholders is vital to ensuring that there is time to learn about, evaluate, discuss, and decide how any change will affect the Credit Union. Start early and check in often. If your Credit Union has a Compliance Committee, use it as a de facto project management team. If not, convene the department leaders or their delegates as soon as possible. The different perspectives from each team leader will serve to create a proactive, strategic, and unified approach to a mandated change. Taking the initiative gives your team the power. While it is true that a final rule is not negotiable, how your credit union responds to it is.
Vital to this synergistic effort is a clear, well-communicated, and internalized enterprise wide understanding of risk appetites and tolerances. Those, along with the Credit Union’s all-important mission, are the scaffolding upon which all regulatory compliance responses should be built.
The regulatory and economic whirlwind shows no signs of abating. Change happens frequently and sometimes quickly. With the proper scaffolding in place, your Credit Union’s response to change becomes a differentiator. Team up, take charge, fulfill your purpose.
