Posted by
Pam Perdue on Tue, May 21, 2013 @ 01:34 PM
Myth: After January 1, 2014, my institution should only offer "qualified mortgages". We’ve heard that regulators will criticize us for having non-qualified mortgages and that we might even get sued by consumers for offering them.
Fact: Nothing in the new regulations prevents a financial institution from offering mortgages that do not meet the definition of a “qualified mortgage". The new rules, do, however, establish additional underwriting considerations and documentation requirements for mortgage loans. The Ability-to-Repay rules do NOT say institutions (large or small) can’t or shouldn’t offer non-qualifying loans for home mortgages. Rather, what the rules specify is that lenders must retain proper evidence to demonstrate that ability-to-repay has been thoroughly analyzed and subjected to the more stringent underwriting conditions prescribed in the rule. (Most community financial institutions have always followed these more traditional underwriting practices.)
Loans that meet the “qualified mortgage” definition receive a safe harbor under the Ability-to-Repay rules. What those rules say is that if the loan is a “qualified mortgage”, then there is a rebuttable presumption that the borrower(s) had the ability to repay. This safe harbor protects the institution in limited ways from regulatory criticism and potential consumer lawsuits.
This is fortunate for many institutions that rely on thoroughly vetted, non-qualified mortgages as a solid source of revenue. Your institution need not shy away from such loans as long as you have strong controls around them, and carefully underwrite and document them in accordance with the regulations.
Reduce your compliance burden today.
We know that for most community banks and credit unions the burden of compliance is feeling like a never-ending barrier to success. With escalating costs and concerns that your institution may miss something, it's time to change the way you manage your compliance program.
Download this free whitepaper "5 Keys to Conquering Regulatory Compliance" to learn how you can manage compliance in a way that is radically easier and much less expensive.
The Regulatory Workload Report is published each quarter by Continuity Control to help financial institutions accurately plan for the work estimated to comply with each regulatory item. The workload is measured in terms of work shovels on a scale of 1 to 10 shovels.
Download the Q1 2013 Regulatory Workload report.
To receive periodic regulatory updates as well as invitations to Continuity Control's RegAdvisor Quarterly Regulatory webinars (including coverage of that quarter's BCI), please subscribe to the RegAdvisor email list.
Two years ago, Continuity Control polled a group of nearly 200 bankers to ask how much they were spending on compliance costs. An overwhelming majority, 86%, had no idea. The FDIC’s 2012 Community Banking Study confirmed that the industry at large cannot quantify these costs. The starting point for progress became clear. Without digestible insight into the full impact of the regulatory climate, institutions lack the necessary data to reform their risk, compliance and governance processes and right-size their spending.
In response to this data gap, Continuity Control created the Banking Compliance Index (BCI). This quarterly index tracks the number of regulatory items and enforcement actions issued in a quarter, and the cost and time required to address them. The BCI registered 2.35 in the first quarter of 2013, which represents the number of full-time employees that will be required to keep a typical institution compliant with the new regulatory changes. This number does not take into account the resources required to maintain and enforce compliance with regulations already in effect.
The Banking Compliance Index also measures the Enforcement Climate, which takes into account the number and severity of enforcement actions required for compliance as well as the number of institutions impacted. Thanks to an ever-growing number of enforcement actions and the broad-reaching impact of the first quarter’s regulatory changes, the current Enforcement Climate is rated as Hot – the highest level possible within the index’s ranking system.
The Banking Compliance Index represents a powerful tool that the industry (along with regulators, legislators, the media and the public) can use to measure regulatory burden. It easily communicates the fiscal impact of the current regulatory climate – a feat the industry hasn’t been able to accomplish until now. Most importantly, it gives institutions a way to intelligently factor compliance management into the way they prioritize and allocate resources. The BCI will allow bankers to more effectively incorporate compliance management into their strategic planning each quarter.
Download the Q1 2013 Banking Compliance Index Report
To receive periodic regulatory updates as well as invitations to Continuity Control's RegAdvisor Quarterly Regulatory webinars (including coverage of that quarter's BCI), please subscribe to the RegAdvisor email list.
“The lull is over.” That’s the message regulators emphatically sent to financial institutions in the first quarter of 2013. After a brief reprieve in the fourth quarter of 2012, regulators issued over 5,000 pages of new regulations and announced 120 new enforcement actions between January 1 and March 31. While typical following a year-end and even more so after an election year, the volume and velocity were unwelcome to an industry still reeling from the impacts of the mortgage crisis and its aftermath, the Dodd-Frank Act.
The tempo wasn’t the only thing that changed in Q1; the general focus of regulatory actions shifted. While credit has been the focal point of most enforcement actions over the last 12 months, new actions are focusing increasingly on compliance management systems within the financial organization.
Based on our analysis of all regulatory activity in the first quarter of 2013, Continuity Control has drawn the following conclusions:
- The cumulative impact of regulations poses the biggest threat.
- New mortgage regulations, revisions and clarifications will drain resources and impact the bottom line.
- Examiners are growing weary of weak governance and inadequate compliance management systems.
The Banking Compliance Index quantifies the regulatory burden.
These insights reveal that institutions must completely rethink how they manage compliance or break under its cost and resource requirements. So, where do they begin? Click here to Read the Full Article
To receive periodic regulatory updates as well as invitations to Continuity Control's RegAdvisor Quarterly Regulatory webinars (including coverage of that quarter's BCI), please subscribe to the RegAdvisor email list.
As the regulatory burden on community banks and credit unions has increased, measuring that burden has become a challenge for community financial institutions and government agencies. According to the FDIC Community Banking Study conducted in late 2012, it was determined that the industry has no way to measure the cost of regulatory changes on financial institutions.
To put an end to this guesswork, on April 10th, 2013 we announced the launch of the Banking Compliance Index (BCI). The BCI, released on a quarterly basis, measures the additional hours expended by the typical community financial institution to effectively process the quarter’s regulatory changes. These additional hours are represented as the necessary number of full-time employees (FTE) dedicated to managing this workload in order to keep the institution compliant. For Q1 2013, that number is 2.35.
The BCI employs a data-driven approach for unique insights into the depth and breadth of regulatory compliance workload impact. It tracks:
- Regulatory Changes: A total count of applicable financial regulatory changes throughout the quarter.
- Page Volume: The number of pages associated with each of the regulatory changes—indicative of the complexity and workload involved with reviewing and interpreting each change.
- Regulatory Workload: An assessment of the workload each regulatory change represents on the required roles and processes that require alterations as well as the complexity of them. Regulatory Workload is measured by the ‘work shovel’ on a scale of 1-10 (1 being the lowest workload, 10 the highest).
- Enforcement Action Information (EA): Analysis of the public enforcement actions that have been issued during a quarter.
To learn more about the BCI, please read the full: Q1 2013 Banking Compliance Index report
To receive periodic regulatory updates as well as invitations to Continuity Control's RegAdvisor Quarterly Regulatory webinars (including coverage of that quarter's BCI), please subscribe to the RegAdvisor email list.
After a night of Oscar-like excitement at GAC, Washington DC, Continuity Control is thrilled to be announcing our stealth project that we've worked on for the last 12 months.
We thought that GAC was the perfect location to announce our new version for small/mid-sized credit unions - meaning the vast majority of the industry. CUNA's GAC conference unites the entire industry and is here to drive the interaction between the constituents and their elected officials. All of our friends are here from Leverage, BancVue, Compushare, BluePoint...the list goes on and on. It really is old home week, but we're all here for a reason.
The purpose of GAC is to support the credit union movement, and the 93 million Americans that rely on them, with their agenda in Washington. When we look at the biggest challenges that credit unions face, it comes down to the effort needed to keep up with regulatory requirements. And as we're in our nations capitol it's the perfect time to speak to our platform for change. While the political platform is critical, our perspective is different. Although lobbyist might try helping smaller credit unions by lowering regulatory requirements, it will only be so successful and go so far. The simple fact is that being in the business of financial services means being in the business of being regulated. But this begs the question that we've heard from hundreds of CUs, "what change in platform could lower the regulatory burden - lower the Compliance Tax - if you will?" As it turns out, through linguistic coincidence, the change in platform that's needed isn't political it's technological.
And with that lead, it is my pleasure to unveil Continuity Control's answer to the compliance problem for smaller credit unions. Like everything we do here, we weren't looking to 'help' with the problem, we wanted to solve it!
A subscription for this next generation compliance management system includes:
- A simple, but powerful, online platform for managing regulatory activities, keeping up with compliance monitoring, reporting, and ongoing regulatory changes
- A dedicated compliance strategist (seasoned credit union compliance leaders, including former examiners and league compliance experts) to support the CU for all topic areas
- Comprehensive and complete compliance management for mandatory areas like BSA, Flood and Supervisory Committee management, as well as liquidity, IRR, lending, and vendor management
- Validation for examiners and supervisory board with Internal Audits for BSA, IT and other areas
In getting to a solution that was this powerful, but truly crazy simple, it took a ton of effort from a lot of folks. So in the spirit of the Oscars, I'd like to thank some of the critical people that made this all possible. First are our early credit union clients. I thank them for all of the input and effort to refine the platform to their unique needs. The CU leaders: Michael O'Neill and Brian Johnson, that had been with the Colorado CU Association and Iowa with PolicyWorks respectively; their seasoned experience and insights were invaluable. The team of technologists and product people at Continuity that never rest, trying to make things better for each and every client. Thank you all.
For folks that would like to learn more about solving this problem, we'll be holding a webinar on Tuesday, March 19, 2013 1:00 PM Eastern. Please join us at www.continuity.net/gac13.
Some of you may have seen our economic research press release in July. This research found that a full 20% of the community banking industry was at risk - due to poor financial performance and therefore in a materially weakened condition to fight off competition. You can read the research or the follow-up coverage in the Wall Street Journal, but I want to share the more personal side of the story.
Community banks and credit unions are, by the standards of the government, small businesses. While they're made to look larger with a big facade and formality, you get inside them and you see a handful of folks operating a small business. Like them, we are a small business. Personally, I've been in smaller businesses for the last 20 years with none of them having more than 500 people (the threshold for Small to Medium Business or SMB).
Small businesses have it hard, relative to their larger competitors in many ways, while enjoying real advantages in their speed to make decisions and the size of the ship that needs to be moved when they decide to do so. While this agility is great, there are two significant obstacles to taking advantage of this agility. Money and time.
In ascending order, the second biggest challenge is the size of budgets that community financial institutions have as an SMB. A decision to invest $20,000 for a large organization is trivial, but this can be a very meaningful amount for an SMB. Where is the money going to come from? This is always hard, just not as complicated as the biggest challenge: time.
In most small to medium businesses, there are likely only 2-4 executives that will shepard any change. This stewardship is needed in any material investment to ensure success. We've all seen projects that everyone wanted in theory, but lacked the necessary stewardship. These projects flounder and never provide the benefit that the organization intended when it initially marshaled resources. This is not only in smaller businesses like ours, but the big guys as well. Investments are a vote for change and always require leadership. So, if the leadership bandwidth doesn't exist, most projects will not successfully find the other side. It's sad, but true.
I paint this context for us, to look at our current investments in banking regulatory compliance with a critical eye. In my last role, I felt the cost of compliance rising every year. According to a Deloitte study, this cost rises by about 15% annually. While it started small, this rate of increase is making the issue a bigger and bigger problem each year. Unfortunately, lacking management bandwidth, the issue came on so incrementally it was hard to quantify.
This situation makes me think about frogs in boiling water. If you throw them into boiling water they'll jump out, but if you slowly raise the temperature they'll simply cook. Folks, we're cooking in the boiling water of the cost of compliance and it's costing us 15% more each year for the privilege. It has to stop.
Above we talked about investments in change, and that's exactly what we need to get a handle on these things. That 15% increase is simply more non-interest expense, there is no hope of it being an investment. When I was in your seat watching the total time and money spent on compliance growing, it finally struck me like a rock to the head. I was writing checks with no plan. I was investing in a recipe for disaster. None of the investments stood a chance of, or were designed to, reduce the costs of compliance. But how could I have let that happen? Easy, it was incremental. Happening so slowly that it was never the priority, that is until it was my only priority.
Photo © 2010 J. Ronald Lee.
As our industry wrestled with 'the cloud' in a recent FFIEC announcement, one of the largest parts of the financial industry has announced FinQloud with the specific intent of meeting regulatory compliance needs.
FinQloud has been launched by NASDAQ in partnership with Amazon Web Services or AWS, the cloud platform from Amazon the on-line retailer. According to NASDAQ, FinQloud:
is a secure, cloud computing platform designed exclusively for and accessible by the financial services sector. FinQloud combines AWS’ cloud computing expertise with enhanced security from NASDAQ OMX to provide cost-effective and efficient management and storage of financial data mandated by regulation.
This is very interesting because NASDAQ's approach really represents a bellweather for some larger trends for the banking industry. As requirements for data retention, mining and patterning in the regulatory arena grow, the demands on data storage and analysis grow at a corresponding rate. To meet these demands economically, there have been major dynamics that have facilitated the best available alternative in the form of AWS.
A simple illustration of this is at the data level. As the need to maintain data (and versions) grows it consumes a great deal of storage. If we think the old way, we may end up looking to a storage vendor like EMC, HP or IBM. These are reliable, high quality storage vendors, but the quality comes at a steep price. The price is in the form of acquisition, maintanance and growth.
With most storage systems you have to buy storage by the Terabyte or more. This model represents the most expensive bits from a storage viewpoint. They're the Mercedes-Benz of storage. On the flip side, the cloud vendors have rethought the issue and use cheap storage, redundantly. Typically storing a given file four times across multiple data centers with an intelligent software layer to manage it. This pushes the cost down by 75%, while driving availablity up. This is a powerful way to change the cost of compliance.
The other side of the issue is on the analytics side, which is all about computational resources to look at the data that's stored. As the data grows, either the number of computers needed to get the job done grows, or the time to do it grows. All of these items are, to use a popular cloud term, elastic. This forces financial institutions to keep investing more and more into this area to satisfy regulations - increasing their non-interest expense.
NASDAQ, and others, are realizing that buying that capacity by the drink from massively scaled data centers like Amazon is a far more economic solution to these regulatory demands. This allows organizations, like a major mutual fund, to use the cloud for huge jobs like month-end calculations and purchase the server capacity they need for the hours it is needed. This example eliminated the need for a major tech refresh, while collapsing the costs. All of this makes for a very compelling business proposition.
What about the security issues, you might ask? As moves like NASDAQ and other major companies represent, Amazon has taken all of the precautions needed and exhibits a state of the art security posture. Having spent the last decade building a security-in-the-cloud company, I've been incredibly impressed with their rigor, thoroughness and execution. The confidence of NASDAQ should sound an 'all safe' bell for the industry to move to a more efficient, secure and economic future in the cloud.
Every week we hear clients have that moment. The moment where they see compliance activities in a whole new way. In listening to the conversations over and over, they seemed familiar - a deja vu moment if you will. It was eating at me as to what it reminded me of - then it hit me.
It was the child in the movie The Sixth Sense who says famously, "I see dead people." In the movie, the souls of the departed are everywhere around us, but most people can't see. They don't have the sixth sense. The little boy didn't know better, so he simply saw them. All around, doing all sorts of things. Well this is the experience that we see all the time, and it's a truly amazing thing to consider. While it's certainly something very different in the movie, in real life it's the change in perspective of the mind's eye.
What we're talking about is the ability of a person to see what's happening in front of them, think about it and make decisions. While it's easy to write this off with "I see everything in front of me", there are examples all around us showing that we don't.
We talk about this in sports all of the time and think nothing of it. What's the difference between a great NFL quarterback and one that's not? The great one can "see the field". Obviously neither quarterback is blind, and both are elite being they made it to the NFL. These same concepts come up in every sport and other high speed activities. In military aviation they've actually named the process the OODA loop. OODA is Observe, Orient, Decide and Act. The speed of this mental cycle, in the context of military aviation, determines if you'll live or die. In the NFL it's the difference between getting sacked or throwing a touchdown. All of these scenarios rely on a minds eye that sees the nuance of the situations around them slowly and clearly.
In football you hear that a rookie isn't used to the 'speed of the game'. The same game is being played MUCH faster than college, and he simply can't process all of the information in the time available. What's the difference in speed? Around 2 seconds, they had 4 seconds in college and now have 2 to begin processing their choices. If you or I were put into these situations what would we experience? It would sound like a car crash. Everything happening faster than we can process, it would be a high intensity blur, that ends in pain.
While looking at the rate, variables and changes in compliance, it struck me that for many folks in community banking there was a real 'speed of the game' issue. So much needs to be observed, oriented to, decided upon and acted on, that it starts breaking down. We see this in compliance professionals feeling overwhelmed, anxious and "behind the 8 ball." This is not an indictment on effort or ability, but often an issue of structure and method.
In the sports and aviation examples, coaches or instructors have simplified the process by breaking it down into repeatable steps. Taking something complex and breaking it into its building blocks allows for the problem to be thought of in a different way - a simpler way. It also allows for the steps to be perfected through repetition. All professions that deal with rapid and complex activities prepare in this same way - break it down to simpler steps and practice, practice, practice.
So what can compliance professionals learn from these experiences and why do they matter?
In our research at Continuity, we observed that the lack of standards was causing a lot of variability in how things were handled. How policies were written, regulations analyzed, procedures structured and training implemented. Most organizations were just getting it done, but this tactic had left them unable to "see the field".
With our efforts to automate the work of compliance, we HAD to standardize by definition. So, through our process, our clients have the entire compliance process broken into standard steps with simplified choices at each step. Some steps that they'd previously done aren't even needed anymore. The process of compliance goes from noise and vibration, to something much quieter and smoother. With a quieter and smoother process, time and energy is saved letting them see things in a different way.
This last point brings us back to where we stared - seeing things in a different way. As things get smoother and quieter, they have "the moment". The moment when they see compliance work as a series of tasks. The simpler they can make those tasks, the less energy their bank will spend on compliance - giving them back time to spend on their community. They see the time spent on compliance; the minutes, hours and days. This is the moment that reminded me of The Sixth Sense - they now see the dead minutes! And imagine the great things they'll do with them.
Can you see the minutes yet or is the speed of the game still too fast?