Watch the recent Congressional hearings, or continue reading.
The recent Congressional hearings should be required viewing for all bankers. Without addressing those specific facts, we believe that the hearings highlighted numerous risk management issues that we would expect bank regulators to evaluate more closely, and plaintiffs’ attorneys to attempt to exploit. For those who have neither the time nor the inclination to watch those unusually bipartisan hearings, below are some important takeaways.
Fair & Responsible Banking
Banks must review their practices to determine whether they could be considered unfair, deceptive or abusive. Asking "Would I treat a close relative this way?" or "Could I justify this behavior to a Congressional committee?" would be a good place to start when bankers evaluate the various ways in which they interact with their customers, whether through disclosures, sales calls, product terms and conditions, or otherwise. Banks also should ensure that their disclosures tightly match their operations and that they effectively monitor third parties interacting with customers on their behalf. The Unfair or Deceptive Acts or Practices by State-Chartered Banks guidance from the Federal Reserve and the FDIC has a useful checklist to help all banks avoid potential UDAAP issues.
If not carefully structured, compensation programs can incentivize risky and inappropriate behavior. Recent guidance from the regulators makes clear their concern with the relationship between compensation and risk management. Although mainly targeted at larger banks, that guidance prohibits incentive-based compensation practices that encourage inappropriate risks. Stay tuned for our upcoming client alert describing these issues in further detail.
Customer complaints can be the proverbial canary in a coal mine. Having a strong and centralized complaint management system is crucial to a bank's operations, particularly when unveiling new products and services. Effective complaint trend reporting to risk managers, senior executives and directors, coupled with appropriate follow-up, can help banks contain and resolve problems before they metastasize. The Consumer Complaint Management Best Practices Handbook from the Conference of State Bank Supervisors contains helpful advice in this area.
If you see something, say something. Banks should maintain and publicize a 24/7 mechanism through which customers, employees and third parties can confidentially report fraud at their banks without the risk of retaliation. Any reported fraud should be properly evaluated, disclosed and addressed. The FDIC's Guidance on Implementing a Fraud Hotline provides useful recommendations on maintaining such a mechanism.
Lines of Defense
With respect to risk management, banks need multiple lines of defense. The OCC's "heightened expectations" guidance, which targets larger national banks but can be useful for all banks, describes three lines of defense - front line units, risk management and internal audit - that are necessary to establish an appropriate system to control risk taking. These elements should be tailored to a bank's size, complexity and risk profile.
Internal Investigations must be carefully orchestrated to be effective. There are a myriad of issues that banks must consider when conducting internal investigations, such as the scope of the investigation, maintaining the attorney-client privilege, addressing employee disciplinary and other corrective actions, how to approach the regulators and many more.
We Can Help You
We have worked with many clients addressing the concepts described above, which we believe will receive increased scrutiny in the near future. Banks that are proactive regarding these issues usually find that the investment is worth the effort. Please contact any of the key contacts listed below or another member of the Firm, if you have any questions or would like additional information.
- FDIC-Issued Unfair or Deceptive Acts or Practices by State-Chartered Banks Guidance (FIL-26-2004)
- The Consumer Complaint Management Best Practices Handbook
- FDIC-Issued Guidance on Implementing a Fraud Hotline (FIL-80-2005)
- OCC Heightened Standards for Large Financial Institutions (NR 2014-117)