• Pamela Buckley
  • Published: 17 April 2023

Recognizing that many financial institutions have established, implemented and maintain a robust Compliance Management System (CMS), they have also benefited from a somewhat relaxed regulatory environment and strong economic performance in recent years. However, the regulatory and economic tides have shifted. Faced with increased regulatory scrutiny, new and amended laws and regulations, and escalating compliance costs, financial institutions should take a close look at their CMS to ensure it is operating effectively and efficiently. History has shown that an ineffective program may lead to substantial fines and penalties; an inefficient program simply costs too much.


Consider What’s Changed/Evolved

  • New Administration
  • Consumer Financial Protection Bureau (CFPB) Enforcement
  • New or Amended Laws and Regulations
  • Increased Interest Rates
  • Reduction in Fee Income
  • Fintech Partnerships and Competition
  • Staffing Shortages and Work-from-Home Expectations

The cost of compliance has continued to increase annually due to new and amended laws and regulations as well as increased regulatory scrutiny. With the recent finalization of the rule implementing Dodd-Frank Act Section 1071, requiring increased small business lending data collection and reporting, and the soon-to-be-finalized CRA modernization rule, the cost of compliance will continue to rise in 2023 and beyond.

Emerging regulatory compliance issues and increased regulatory expectations necessitate requisite expertise to ensure ongoing compliance with all applicable laws and regulations. Further exacerbating these challenges are the staffing shortages that have impacted countless industries, including financial services, creating inevitable knowledge and resource gaps.

Since the onset of the global pandemic in early 2020, there has been a substantial shift to a remote and hybrid work environment. This shift necessitated increased technology and equipment, while striving to maintain a high degree of collaboration and productivity. Documentation and data governance remain paramount, as does working independently and efficiently.

Shrinking profit margins, increased regulatory scrutiny around fee income, and industry-wide competition warrant consideration of cost-effective solutions.


Explore Cost-Effective Alternatives

To proactively identify knowledge and resource gaps, consider conducting detailed staffing analyses in a particular business unit or area of compliance (i.e., anti-money laundering or fraud prevention). Start by documenting all required/routine tasks that your institution/staff must complete on a regular basis and include your best estimation of the time it takes to complete each task. Factor in other duties for which personnel are responsible and then determine where you may fall short, both from a resource and knowledge or expertise perspective. Then explore your options including partnering with reputable third-party service providers who can help bridge those gaps, add value, and deploy the right resources where and when needed most.

In cases where compliance expertise is lacking or highly competitive, some community and regional banks have opted to manage compliance by committee, engaging external consultants for scalability and much needed subject matter expertise.

In response to market demand, Capco established a Managed Services Center years ago to offer effective, efficient, and scalable solutions to financial institutions nationwide. Bank Secrecy Act/Anti-Money Laundering and Fraud Alert-clearing, and Community Reinvestment Act (CRA) and Home Mortgage Disclosure Act (HMDA) Data Integrity Reviews are just a few examples of areas where financial institutions have struggled to comply and keep up with the volume of these routine tasks, welcoming value-added, cost-effective solutions. 


Renew Your Focus on the Three Lines of Defense

Too often we find that one or more of the three lines of defense (LOD) are lacking, inexperienced or derailed for one reason or another. In our experience, partnering with hundreds of financial institutions nationwide, we have observed that scheduled compliance monitoring reviews and audits were either postponed or canceled altogether due to the pandemic or other priorities. Now is the time to review and refresh your compliance monitoring program and audit plan to make sure that you have identified and documented, through an annual compliance risk assessment, inherent and residual risks associated with key business lines and compliance themes, and developed and implemented a risk-based compliance monitoring program (your first and second LOD) and audit plan. Coordinating across the three lines of defense to get caught up can also lead to potential cost savings.


Take Training to a New Level

With the ongoing shift to remote and hybrid work, recognize that your colleagues may crave human interaction, office visits, and interactive training. Speak to your training department about the 2023 training curriculum and its overall effectiveness and consider laws and regulations with which your institution may have struggled or continues to struggle, such as CRA/HMDA Data Integrity or Flood Insurance. Navigate your options in terms of providing in-person, classroom-style training or interactive workshops to bring people together and gauge their knowledge retention through quizzes and probing questions, together with answers interspersed throughout the training.

Encourage your board and management to establish and instill a culture of compliance, which, when actively enforced, will be readily apparent to regulatory examiners and auditors alike. Resume training your board and executive management team in person, covering key laws and regulations as well as regulatory hot topics and emerging issues. Solicit questions and provide periodic compliance updates to keep them engaged and inquisitive.


Contact Us

Let Capco’s national Compliance Consulting Practice know how we can assist you in optimizing your CMS. Please contact Managing Principal Pamela Buckley, CRCM at Pam.Buckley@Capco.com.



Pam is a Certified Regulatory Compliance Manager (CRCM) and former FDIC Acting Consumer Affairs Officer, Review Examiner, and Senior Compliance Examiner with 30+ years of banking and regulatory compliance experience and expertise. Pam leads Capco’s Compliance Consulting Practice, partnering with financial institutions of all sizes and charters to help them optimize their CMS and ensure ongoing compliance with applicable laws and regulations. She is also a frequent speaker at ABA’s Regulatory Compliance Conference and state trade association meetings nationwide.