In a prior post I discussed the need for process owners to design compliance into processes. When compliance is treated as a secondary process result, it drives up the cost of the work. There is an expense associated whenever completed work has to be touched again. Whether that second or third touch is for verification or data re-entry, the activity itself is a waste because it should have been handled the first time.
A question to ask during the process design is “What do we need to comply with?”.
It’s easy to throw anything and everything under the compliance bus, but until you do these 3 things you’ll just keep on adding staff.
- Inventory the rules and requirements
- Map the requirements to content
- Reengineer how the content is created and managed
Inventory the rules and requirements
How many rules are there? While it seems like the number grows every day, the fact is that regulations change more than they are added to. The recent TRID and upcoming HMDA changes are good examples of regulations that have existed for a long time and changed to one degree or another. These are two high-profile compliance regulations, but how many others are out there? Agile Banking has researched ALL of the major sources of compliance and record keeping requirements:
- CFR (Code of Federal Regulations) Title 12 Banks and Banking
- CFR Title 31 Treasury Department Monetary and Finance
- USC (United States Code) Title 12 Banks and Banking
- USC Title 31 Money and Finance
- USC Title 15 Commerce and Trade: Privacy
- And every State's Statutes, Administrative Codes, and record retention schedules
The results were interesting, if not surprising.
|SOURCE||# CITATIONS||# REQUIREMENTS||SOURCE||# CITATIONS||# REQUIREMENTS|
|CFR Title 12||89||228||Mississippi||3||4|
|CFR Title 31||6||16||Missouri||1||62|
|USC Title 12||13||19||Montana||2||165|
|USC Title 15||1||3||Nebraska||2||20|
|USC Title 31||3||3||Nevada||4||45|
Map the requirements to content
In most cases, like this Reg B example from our Record Schedule for Banking (RS4B), the content requirements that serve as proof of compliance are clearly spelled out. Compliance with Reg B for consumer loan applications is achieved when the (1) application, (2) notice of action taken, (3) statement of specific reasons for adverse action, and (4) written statements from the applicant are all retained for 25 months. I’ve seen shops make separate copies of these documents and send them to compliance. That’s touching the work twice.
In a best practices world, these four pieces of content have distinct homes in the document imaging archive and are linked by the loan number and other automatically populated metadata. The excuse of “we don’t generate a loan number unless we book the loan” causes more headaches than you can imagine. And for what gain? Loan numbers are free. Burn them early. And reengineer that process to get rid of the spreadsheets while you are it. Which brings us to the third and most important task to reduce the cost of compliance.
Reengineer how the content is created and managed
In the case of Reg B and every record keeping requirement, documents should be captured as soon as they are created or received. Anything less means touching the work twice. For our Reg B example, the archive will know if the loan was not funded and will retain these for a minimum of 25 months THEN DISPOSE OF THEM AUTOMATICALLY. If the Compliance department has copies, they have to manually destroy these (or instruct someone to). That’s touching the work a third time. If the loan was funded, you may want to keep the application until after the loan is paid off. Some states require it. The Feds do not. In all cases, the system of record should update the metadata in the document archive when a funded loan pays off, or a deposit account closes, or an employee is terminated. This should automatically start the retention period for all documents related to the business record. At the end of the retention period the document images will be disposed of automatically. We often find shops that are paying thousands of dollars per month for offsite storage for records they know should be destroyed. Trust me. The Iron Mountains of the world want you to keep sending them boxes to keep forever.
The bottom line is that the cost of Compliance is much more in your control than you think. You just have to think of it from a process and records management perspective. And most bankers would rather have a root canal and just keep writing the check.
Agile Banking’s Record Schedule for Banking is a low-cost subscription that includes:
- A Complete Inventory of Federal and State codes and statutes related to record keeping requirements for banks and credit unions
- A Retention Schedule mapped to the documented legal references
- A Document Taxonomy mapped to COLD reports and imaging archive document types that satisfy the requirements
- Annual process improvement consulting and schedule updates
The benefits of RS4B are:
- A Compliance Program that complies with less effort
- A Window into process improvement opportunities
Ping us when you’ve reached the tipping point.
Unless you think you can wing managing 325 citations and over 2,500 requirements with a spreadsheet and filing cabinets.
About Agile Banking
Agile Banking provides consulting, solutions, and skilled digital laborers that address the full lifecycle of information management.
Bank-In-A-Box is our preconfigured for OnBase imaging and workflow system that is easy to use and integrates with any core system.
Loan Vault Decimation is our turnkey solution to quickly and accurately scan and index entire paper filing systems.
Record Schedule for Banking is our nationally compliant record retention schedule that manages electronic records in any ECM to final disposition.
ExactImport automatically transfers documents between OnBase and ExactBid's RIMS appraisal management system.
We are passionate about process and data, and experienced as bankers.
We are where information management works!