Compliance vs. Safety and Soundness

When people hear I once worked as a bank examiner, I think there is an immediate association they draw in their mind. They think of a guy, combing through documents, making sure the “i’s” are dotted and the “t’s” are crossed. Surprisingly, that is only half of the job. What is the other half? The other half is making sure the institution is managing risk appropriately, and that job isn’t black and white like following regulations.

Making sure an institution (credit union, bank, or any business really) follows the laws is a concept called “compliance.” Compliance involves making sure state laws and federal laws are being followed, and contracts are executed correctly. When people think of bank examiners, I think they envision examiners doing compliance work only.

Following laws and entering into contracts may not be enough to ensure an institution stays out of trouble. A bank or credit union can make a lot of bad loans, which may follow all laws and regulations, but were still given to borrowers that had no reasonable prospect of repaying. A financial institution can fail to manage its liquidity appropriately to pay deposits on demand. An institution may charge too low of interest rates on loans and too high of rates on deposits, thus failing to make enough profit to pay salaries or operating expenses. These sets of risks are safety and soundness risks, and can arise regardless of following the laws. Examiners need to assess these risks as well, so their jobs are not strictly compliance.

Safety and soundness regulation tends to be a subjective task, so it requires sound reasoning. Examiners will interview management to understand how they manage various risks. An examiner will seek to understand what management is doing to maintain access to liquidity sources, how they are monitoring interest rate changes, and how they plan to react to foreseeable problems that are known to arise. Examiners will also review underwriting criteria for loans, review loans to see if the criteria are being used, and assess whether those loans have a reasonable chance of repaying.

Examiners will discuss their findings with management, and this should differ with compliance as well as safety and soundness. With compliance, it is relatively straightforward as to whether regulations are met. Safety and soundness, on the other hand, tends to be a matter of opinion, since there are not hard and fast rules as to how risk should be managed. In this respect, examiner findings should be approached as a discussion on how management perceives its risk and how examiners perceive their risk.

It may come as a surprise that examiners are not solely preoccupied with reconciling account balances and verifying laws are being followed, but also, assessing risk management practices on an institutional level and critiquing specific loan requests. But, it may also come as a surprise that management does not have to wait passively for the examiners to present a scorecard based on findings. Managers also have an opportunity to help examiners understand how the mangers see the risk and what they are doing to mitigate it. In this respect, management and examiners together can teach each other about risk management.

Often, it is through discussion that examiners come to understand how risk is being managed. It is management’s responsibility to openly discuss their understanding of risk and loans and not simply take criticism as though safety and soundness were approached the same way as compliance. And management must understand that there are two components to examination; compliance and safety and soundness.