Although it’s now been a few months since we first heard about all the troubles at Wells Fargo, the fallout is still continuing. This should be a reminder to all institutions that reputation risk is a serious business. Failure to manage this risk can have heavy, long-lasting consequences. So Wells Fargo’s mistakes can teach us some valuable lessons.
In case you’ve forgotten the details, Wells Fargo employees were found to have opened fake accounts without consumers’ permission and the CFPB levied a $100 million fine—its largest in history—against the bank. While $100 million may sound like a lot, that is chump change compared to the hit in reputation that Wells Fargo is facing. This all started years ago, when Wells Fargo began its push to make itself the marketplace leader in cross-selling products and services to existing customers. To meet this goal, the bank offered employees compensation incentive programs to encourage them to sign up existing customers for deposit accounts, credit and debit cards, and online banking services. Where the trouble started was in the monitoring of the incentive programs.
Because of high pressures to meet sales goals, employees began opening fake accounts and funding them by transferring funds from consumers’ authorized accounts without their knowledge or consent, often racking up fees or other charges. All in all, employees opened more than two million fake accounts. What took so long for this to come to light?
The challenge with unauthorized accounts is that the account goes on the books with proper documentation and with nothing to indicate that it was not actually requested or authorized by the user. Audit and monitoring programs didn’t catch them because on paper, everything was okay. So what do you look for? While there is no perfect and easy method for detecting these accounts, there are some things that can help and some lessons to be learned from Wells Fargo’s mistakes. Here are four.
Lesson 1: Keep an eye on customer complaints
Unauthorized accounts are most likely to be revealed when customers complain about a card they did not request or question the statement of an account they didn’t open.
At Wells Fargo, when unauthorized account activity resulted in overdrafts, customers did complain. And when those complaints weren’t adequately addressed, the customers’ complaints climbed the ladder to the regulators. Make it a point of tracking what your customers are saying while there is time to investigate and address potential issues.
When looking at complaints, it is a mistake to define a “complaint” only as one that is formally written. Phone calls to customer service centers often don’t get noticed by anyone in the compliance department, but tracking those calls and monitoring what customers are saying can be a good way of detecting issues before they escalate beyond the institution.
Lesson 2: Make sure your compensation policy is sound
Many of the findings surrounding the Wells Fargo incident note that employees felt heavy pressure to meet stringent sales quotas that suggests a deficiency in its compensation program.
A sound compensation program begins with a written compensation policy, approved by the board of directors of the institution, that clearly outlines the do’s and don’t’s. When training employees, UDAAP principles should be reinforced with regards to the incentive program. On top of that, the compensation policy should call for periodic monitoring with an appropriate level of approvals, verifications, documentation, and testing. A sound compliance policy can shore up vulnerabilities in your compensation program.
Lesson 3: Take a look at your company culture
The blame for Wells Fargo’s woes was placed by the bank on the more than 5,000 employees who were fired for engaging in fraudulent activity. However, many industry observers believe that fraudulent activity on this scale points to problem within the company’s character and culture as a whole.
Not only is it a good idea to assess your institution’s reputational risk, it is also prudent to take a good look at the values of your institution and assess whether or not all of your employees, from the ground floor to the top, are aligned with those values.
Lesson 4: When bad things happen, take proactive measures to protect your institution’s reputation
Even with the best preventative measures in place, disaster can still strike. Wells Fargo is facing some pretty harsh criticism for how it has handled the situation. Trying to pin the blame on low-level employees, rather than holding senior leadership accountable, earned the company zero points before Congress or the public.
Not only that, the bank’s apology was late and half-hearted. Over a week passed before bank directors made an official apology, and there was no apology in the bank’s direct communications with its customers for weeks (see this recently released commercial campaign). When mistakes are made, the best method is sincere apology, a pledge to root out the cause and fix the problem, and a description of efforts that are being put in place to make sure it doesn’t happen again. (See the
What happened at Wells Fargo should serve as a reminder to take a long, hard look at how your institution can prepare for and mitigate risks. It’s likely that regulators will also be on the lookout for other institutions opening phony accounts and engaging in similar activities (see this, which shows Wells Fargo is actually number seven on the list of complaints about unsolicited credit cards being open without consumer consent). So what happened at Wells Fargo should be a warning shot to all financial institutions to take a look at their compensation programs and see if adjustments are needed.