Since 2019, regulatory fees have increased dramatically relative to banks’ earnings and credit losses.

Performance of 20 large US and EU universal banks,¹ 2019–23, indexed to 2019 value (ie, value in 2019 = 100)

[Figure panels: Total operating income; Credit impairment]

• Operating income has decreased by 10% over this period of time
• Credit-impairment costs have decreased steadily over the same time horizon
• Meanwhile, regulatory ones and settlements increased by almost 45x

Compliance is now expected to provide practical perspectives on how regulations translate into specific operational requirements.

Example: Numerous TILA¹ subparts can be distilled into 7 major operational requirements

Contents of TILA (Reg Z):
• Subpart A: General information—purpose, coverage, exemptions, etc.
• Subpart B: Requirements for open-end credit lines, including credit-card accounts and HELOCs²
• Subpart C: Requirements for closed-end credit, including home-purchase loans and motor-vehicle loans with a fixed-loan term
• Subpart D: Contains rules on oral disclosures, Spanish-language disclosure in Puerto Rico, record retention, effect on state laws, state exemptions (which only apply to states that had TILA-type laws prior to the Federal Act), and rate limitations
• Subpart E: Contains special rules for mortgage transactions:
  – § 1026.32 Requirements for certain closed-end home mortgages
  – § 1026.33 Requirements for reverse mortgages, including the total annual loan cost rate and transaction disclosures

Operational requirements:
1. Provide accurate and timely disclosures to customers
2. Provide accurate and timely redisclosures to customers
3. Ensure that annual percentage rates and fees are within tolerance
4. Ensure advertising and solicitation practices and materials are within policy
5. Ensure that customers are aware and able to exercise the right to rescind
6. Ensure that document records are retained per guidelines
7. Ensure originator incentives meet requirements

There are several common archetypes for compliance organizations.

A. Legal-led organization: Compliance as part of legal

Key features:
• Head of compliance reports to general counsel
• Historically most common reporting structure
• Compliance considered as a specialized unit within legal department
• Legal and compliance staff often cover issues/cases jointly with an unclear separation of work
• Fosters independence from business divisions
• Facilitates synergies and sharing of legal/regulatory expertise

B. Risk-led organization: Compliance as part of risk

Key features:
• Head of compliance reports to chief risk officer
• Compliance considered a risk similar to operational risk—generates an integrated view across all risk types
• Facilitates business alignment established in risk function (internal control unit and first level of control)
• Recent trend among global banks, which previously had compliance reporting to legal
• Compliance acts as control function, while legal advises business

C. Stand-alone compliance function

Key features:
• Head of compliance reports to CEO or COO (or directly to board of directors)
• Positioning of compliance similar to internal audit with clear separation from business
• Significantly raises compliance-function profile
• Ensures independence of compliance from other support functions (but requires coordination with risk function)
• Usually focuses on control activities