The Community Bank is under siege!

Your partners at Superior Consulting realize that the community bank is under siege from an unprecedented volume of new regulation, ever increasing competition, thin profit margins, and an unusually hostile regulatory environment. Our singular mission is to provide you with Guidance You Can Trust during these troubled times in order to ensure your institution does not become yet another statistical casualty of this environment.

Enterprise Risk Management

During our recent history of the realization of a substantial number of regulatory impacts as a result of our economic downturn and the associated crises experienced within recent years, one of the most immediate impacts likely to affect community banks is a renewed regulatory emphasis on the concept of “enterprise risk management”. Core components of this concept, strategic planning and budgeting, have been present within the risk management systems of many banks for a number of years; however, regulatory agencies are now expressing an increased emphasis on this concept as the primary method by which institutions may monitor and control risk effectively.

 Risk Assessment

 One of the criteria most frequently referenced in the context of the development of an enterprise risk management system is the creation of an integrated, “forward-looking” risk assessment of all critical functions of the bank. In past years, most institutions have developed an array of risk assessment processes in response to various regulatory mandates, such as the information technology risk assessment required by the Gramm-Leach-Bliley Act, the Bank Secrecy Act risk assessment, and the identity theft risk assessment now required by the Fair Credit Reporting Act. Other banks, particularly those facing increased regulatory scrutiny, have also developed risk assessments to determine the adequacy of current capital levels with respect to their operating environment, taking into consideration factors such as asset quality, earnings strength, operational and fiduciary risks, and management effectiveness. Many institutions have also developed risk assessments to determine the level of audit coverage required over all key operational functions within the bank.

 In contrast to these independent, stand-alone risk assessments, regulators are now encouraging banks to develop a comprehensive risk management system that considers all risks to the bank, which may arise from safety and soundness concerns such as risks to capital, asset quality, management, earnings, liquidity, and rate sensitivity, as well as compliance, legal, or operational risks. This integrated risk management approach is being strongly encouraged due to the perception among the regulatory agencies that many failed or problem institutions failed to appropriately recognize and control all risks present within their operating environment. In application, this integrated planning approach will result in each business activity being controlled through a risk management program, which is united under a single umbrella of various modular risk assessment processes.

 Response to Change

 In order to assume a proactive stance in the management of the bank’s regulatory relationships, as well as to ensure that all risks facing the enterprise have been acknowledged, accepted, and mitigated where possible, the Board of Directors and senior bank management should establish a process to periodically re-evaluate their strategic plans and ensure that current risk assessment processes are sufficient to identify outstanding risks and potential vulnerabilities. In the opinion of the author, the days in which a community bank could present an abbreviated, overly generalized “strategic plan” to their examiners are quickly reaching a close. Examiners throughout the agencies are beginning to require institutions to develop strategic plans which clearly define specific operational targets over both a short and long-term time horizon. These objectives should be measurable in nature and the strategic plan should assign responsibility for the achievement of these objectives to specific personnel or positions. These objectives should also clearly acknowledge weaknesses in the bank’s current condition and provide guidance for the actions necessary to effectively mitigate these weaknesses. As an example, due to historically low interest rate environments, many institutions are experiencing declining net interest margins, creating greater difficulty in supporting infrastructure costs and diminishing an earnings forecast already weakened by loan losses.

 In addition to measurable objectives for considerations such as portfolio growth, earnings targets, capital levels, and liquidity, the strategic plan should also provide consideration of other key concerns such as the establishment and maintenance of a comprehensive Compliance Management System (CMS) through which the regulatory and legal requirements applicable to the bank may be satisfied. As noted in a previous Compliance Corner article, the impact of regulatory reform, including the Dodd-Frank Wall Street Reform and Consumer Protection Act, is almost certainly going to result in a substantial increase in the consumer compliance burdens faced by community banks. Due to these recent regulatory reforms, as well as the scrutiny levied against the banking industry by Congress and various consumer groups, it is certainly not unreasonable to expect a notable increase in levels of scrutiny during future consumer compliance examinations. As institutions prepare to meet these additional compliance requirements, the Board and management should ensure these compliance risks are fully considered within the framework of their institution’s enterprise risk management system and that adequate resources have been allocated to the bank’s compliance function to effectively mitigate the risk of substantial consumer compliance violations.

 As a complement to the development of a comprehensive, detailed strategic plan, senior management should also ensure that the bank’s budgeting projections provide adequate consideration of the goals and objectives outlined within the formal strategic plan. As an example, management should ensure that growth, liquidity, and capital projections outlined in the strategic plan are reasonable and accurately reflected within the bank’s budget projections. Management should also ensure that a defined process exists whereby actual performance may be contrasted against budgeted projections on a periodic basis. Reports regarding the accuracy of these budget projections should also be forwarded to the Board in order to allow for active monitoring of the bank’s progress toward realizing the established strategic objectives.

 Although much of the banking industry is focused upon the impending changes resulting from the Dodd-Frank Act, as well as other recent regulatory amendments, evolving perspectives and standards promulgated by the regulatory agencies in relation to enterprise risk management are likely to have a considerably greater impact upon your institution within the course of the following year. Institutions that do not have a well-developed strategic planning and budgeting process or an effective enterprise risk management program should be mindful of these emerging requirements as these concerns will likely become a key factor in the course of upcoming examinations.

 By: Bryan Reaves

– This article was published in the Missouri Independent Bankers Association October 2010 Newsletter.

November 3, 2018

Latest News

Passing of a Company Founder: Mary L. Boyd

It is with great sadness that we have to report the passing of one of our firm's original founders, Mary L. Boyd, who passed away unexpectedly on the afternoon of April 22, 2019 in Springfield, Missouri. Mary joined Superior Consulting as a founding member in July 2003 after a 13 year career with the Federal Deposit Insurance Corporation. In 2008, Superior Consulting separated from its founding organization, a regional community bank, in a private equity transaction and Mary assumed the…

April 23, 2019Read More

Enterprise Risk Management

During our recent history of the realization of a substantial number of regulatory impacts as a result of our economic downturn and the associated crises experienced within recent years, one of the most immediate impacts likely to affect community banks is a renewed regulatory emphasis on the concept of “enterprise risk management”. Core components of this concept, strategic planning and budgeting, have been present within the risk management systems of many banks for a number of years; however, regulatory agencies…

November 3, 2018Read More

Managing Compliance Risk

July 21, 2011 will be recognized as a seminal date in the history of the American banking system since this date triggers the implementation of a wide array of significant components of the Dodd–Frank Wall Street Reform and Consumer Protection Act, including the formal creation of the Consumer Financial Protection Bureau and the transfer of numerous consumer protection regulations away from the authority of the Federal Reserve and into this new entity. These changes herald the beginning of a new…

January 1, 2018Read More