Asking which is the most common compliance question is like asking which is the most popular ice cream flavor—kind of expected (it’s vanilla according to the International Dairy Foods Association). But rather than deal with the obvious, vanilla question of “How do I ensure a satisfactory rating on my next compliance examination?”, we’ve categorized questions we have received into four standard types of compliance questions that are a little more of an acquired taste.
- The Regulation 2.0 Questions
- The Numbers Questions
- The “Catch-22” Questions
- The Deep, Dark Questions
The Regulation 2.0 Questions
As with life, the only thing constant about regulatory compliance is change. This change, naturally, leads to hundreds of “Regulation 2.0” questions, or the questions about new rules and amendments to the old ones.
For example, after the introduction of the CFPB, we had an entirely new area of mortgage rules introduced—mortgage servicing rules. This post-CFPB brave new world of mortgage rules flooded our inboxes with questions.
A typical question might be, “Which of our loans are subject to the new amendments to the Truth in Lending Act and RESPA, and which are still not?”
Regulation 2.0 questions don’t always deal with the brand-new; they often deal with tweaks and changes. But no matter whether a modification or an implementation, they make you feel like everything you used to know no longer applies (but the truth is, a lot of it still does).
The Numbers Questions
We in the finance industry live in a world of dates, numbers, figures, and amounts—and complying with all of these numerical symbols can become rather daunting. Disclosures within X days, notices within Y days, limits of Z… It’s exceedingly hard to keep track of all the figures, which is why many of the questions posed to us deal with some number in the form of how long, how much, how little, how many, etc., and many of these are questions regarding dates and deadlines.
A big numbers question from a couple of years ago was, “How long do I have to implement changes for the new mortgage servicing rules?”
The key to making date deadlines is systems. A strong system for processing, a strong system for training, and a strong system for quality control are a must, especially if your circumstances place you in the cross hairs of increased risk (where even more of those pesky numbers are found).
The “Catch-22” Questions
These questions deal with the frequently contradictory elements of compliance. They often point out a flaw, weakness, or inconsistency in the regulation or in examiners.
A catch-22 question might look like:
I went to a conference offered by ___ regulator and they said ___ and that contradicts what ___ says. Which is right?” or “I see that the law says we have to do ___, but another regulation prohibits ___, which one is right?
These questions are interesting because they delve into the hierarchy of compliance, which means that answering them requires appreciation of the more subtle elements of compliance. This is where progressiveness and experience are always valuable. The progressive part demands that the experienced individual accepts a constancy of change, because nothing in compliance stays the same for long. The ever-swinging pendulum between risk and compliance must be accepted, and so must the fact that regulations and regulators contradict each other and themselves all the time.
The Deep, Dark Questions
These are the questions that go down deep into the nooks and crannies of regulatory compliance. We usually find that people are very eager to ask these questions after attending one of our webinars, because they wonder how the subject applies to their severely specific situation. They ask about the technicalities of technicalities, which often requires splitting hairs to arrive at the most correct answer.
This could sound something like the following (this question requires a lot more info to answer, but you get the idea):
I have a question as it relates to a loan we have on a mini-storage facility. The facility has 10 separate stand-alone buildings with each building housing between 10 and 15 units. We were recently notified by the flood determination company that this property is now considered to be in a flood zone AE. In calculating for flood insurance coverage, do we need to show replacement cost coverage for each stand-alone building when determining how much coverage will be required? Or will it be sufficient to have coverage for the amount of our loan or the full replacement cost of all structures?
It takes a compliance guru to answer these types of questions—you know, the people out there who seem to eat, drink, and sleep compliance (like us).
What You Should Be Asking
While proper resolution of any of these types of questions is important, it is more helpful to focus on putting your compliance program “house” in order. That is where a strong regulatory risk assessment that asks the really important questions is valuable. Here are some of the important questions that I recommend:
- Do we have a solid understanding of our financial institution and the compliance risks facing us, and is that understanding documented in appropriate risk assessments?
- Is our compliance program geared towards those risk factors?
- Do we have sufficient strength within our departments to meet our compliance obligations?
- Are our reporting mechanisms working effectively and efficiently?
- Is our training program commensurate to our risk position?
These questions assess the healthiness of your compliance program. When a compliance officer asks those questions, and is able to answer those questions affirmatively, the Regulation 2.0, Catch-22, Numbers, and Deep, Dark questions of compliance will fall into place. But if they don’t, ask us.