AN OUNCE OF REGULATORY PREVENTION

As the saying goes, "an ounce of prevention is worth a pound of cure." As such and with nearly half of the year gone, we have compiled a list of regulatory focus items from banks around the country. Despite the fact that decisions and rulings are extremely slow to wind their way through the process and only make their way to banks in the field after much public scrutiny, input and discussion, reminders can be helpful. While banks are in the business of taking risk, regulators ensure safety and soundness. This natural check-and-balance can often lead these worlds to collide. At the end of the day, a banker that is versed in regulation may be boring at cocktail parties, but is also usually well prepared for an examination. To keep our readers out of the regulatory emergency room, we provide a few key tips (not a complete list) one should consider: [1] Bankers should tighten up their internal control and risk management practices. Construction and CRE concentrations are key focus points this year, so banks need to be prepared. Rising floating rates have begun to impact borrowers, yet relatively few independent banks are aware of how this has impacted their loan portfolio in aggregate. Banks need to be performing formal interest and credit sensitivity, stress tests and other review to determine the extent that measures such as DCR, LTV and debt-to-income ratios have on the lending portfolio. [2] Fraud is always a focus in banking, so institutions should ensure they have adequate safeguards in place (and have tested them) to prevent unauthorized access to documents, records and assets. [3] Since the board of directors sets risk limits, banks have come under scrutiny for not regulatory testing, operating or reporting non-compliance items. Banks should ensure compliance with policies is regularly tested and measured and any non-compliance is promptly reported. [4] Having a good handle on IRR remains important. A flat yield curve and heavy competition are putting additional stress on banks. Banks are feeling both NIM compression and funding pressure. Institutions should ensure their ALM system is robust enough (and validated) to properly model individual assets and liabilities to capture risk. Banks should back-test and examine critical assumptions. In addition, banks should perform dynamic scenario analyses beyond the standard +/-300bp parallel rate shock. [5] Banks should continue to focus on and test BSA/AML compliance programs. This is still tripping up many banks, and proper risk management in this area is critical. Institutions should devote appropriate resources, structure and internal controls to mitigate such risks. [6] ID theft and protecting customer data are also high on the list of things bankers should focus on. Banks need to ensure they have a response program designed to address incidents of unauthorized access to customer information. [7] Finally, management needs to ensure overall risk infrastructure is adequate for the size and complexity of their institution. The needs and risk of a $100mm bank are drastically different than those of a $1B bank. While not a complete list, these preventative tips should help keep banks out of the regulatory operating room and away from the scalpel during upcoming exams.