The Office of the Comptroller of the Currency recently released its Spring 2023 Semiannual Risk Perspective. The report had much to say when it came to compliance risk, addressing why it remains elevated across various threads. Notable issues include fraud risk, the Bank Secrecy Act/Anti-Money Laundering (BSA/AML), third-party risk, lending compliance, and more.
Fraud, BSA, and Technology
Fair lending, BSA, and fraud risks remain constant issues for financial institutions. In addition to the usual regulatory concerns, focused exam scrutiny and increased threats and attacks warrant heightened attention to these areas. Additionally, the Financial Crimes Enforcement Network (FinCEN) has issued three important alerts – the first highlighting a nationwide surge in check fraud; the second relating to red flag indicators as they relate to human smuggling; and the third shining a spotlight on sanctioned Russian oligarchs. Strong processes and controls in these areas, focused on customized institution risks arising from products and services, are crucial to demonstrate compliance and vigilance.
Technology on its own, and its utilization through fintech relationships, also received plenty of attention in the OCC review as both areas result in heightened risk. Increased reliance on systems and third-party and fourth-party relationships exposes institutions to further scrutiny as well as cybersecurity exposure. This circumstance is of paramount importance as cyberattacks continue to grow in complexity.
Lending Compliance, Recruitment, and Interest Rates
Lending compliance complexities include the current sunset of COVID lending compliance requirement forbearances and future reporting issues related to Part 1071. Regulators will evaluate these factors through both actual technical performance and corporate governance structure within change management and potentially vendor management programs.
Recruitment difficulties and challenges relating to hybrid workforces continue to impact performance. These types of internal issues are affecting organizations’ abilities to execute compliance programs and could remain a sore spot for some time.
The interest rate market circumstances, on both deposit and lending products, has led to an increase of new product development or existing product modifications, both of which present their own compliance issues. These areas include actual terms and conditions as well as services and delivery channels. Strong analysis and documentation of the compliance aspects of these business decisions will demonstrate the proactiveness of the compliance program.
Such areas reflect the interaction of compliance risk through change management, new product development, operational risk, and third-party risk. It is important that organizations consider the documentation of the identification of issues, the analysis of possible impact to the institution, the development and implementation of customized processes and controls, and the evaluation of the existence and effectiveness of the institution’s performance.
If you have any questions or concerns about mitigating risk, regulatory compliance, cybersecurity, or more, reach out to our team today.
