When autocomplete results are available use up and down arrows to review and enter to select.
Aug. 21, 2024
Regulatory exams can be nerve-racking, but they’re a requirement of any community bank’s operations. Fortunately, audits can go much more smoothly with proper preparation. Here are seven best practices that community banks can adopt to demonstrate to regulators that they are safe and sound and adhering to all applicable regulations.
The best way for community banks to prepare for upcoming exams is to review the results of their last exam to see if there was any “unfinished business,” or items that regulators flagged that would be scrutinized in the following exam, says Chris Cole, ICBA’s executive vice president and senior regulatory counsel.
“It’s surprising when banks fail to do that, and they kick themselves in the head that they didn’t prepare because they didn’t look at the last exam more closely,” he says.
Before exams, community banks should take heed of any advance notices from regulators of what specifically they’ll be scrutinizing, Cole says.
Most likely, regulators will be evaluating compliance with fair lending laws and regulations, according to Thomas Grundy, CRCM, senior director, U.S. Advisory Services for Wolters Kluwer Compliance Solutions, which is based in Minneapolis.
“As more community banks expand the scope and reach of their lending activities through partnerships with third-party lenders and financial technology firms, regulators are paying close attention to the oversight activities of partner banks to ensure compliance with consumer protection and fair lending laws and regulations,” Grundy says.
Most recently, regulators have been paying particular attention to fairness in home appraisals and the impact of algorithms and artificial intelligence that could result in bias in automated valuations, he says. They are zeroing in on the accuracy and clarity of applicant notifications in the case of adverse credit decisions.
Moreover, regulatory enforcement actions over the past year have made clear that fair lending program oversight by bank boards and executive management is a top expectation, Grundy adds.
Regulators are also continuing to pay close attention to banks’ Bank Secrecy Act compliance programs for possible deficiencies, as well as overdraft policies and re‑presentment practices.
“Ever since Silicon Valley Bank failed, liquidity has been the number one issue that all the examiners have been looking at.”—Chris Cole, ICBA
Community bankers should attend events like Cole’s annual “Regulation Hot Stuff” session held during ICBA LIVE, where he asks representatives from the OCC, the Federal Reserve and FDIC to detail the notable issues that they are focusing on in exams.
“For instance, ever since Silicon Valley Bank failed, liquidity has been the number one issue that all the examiners have been looking at,” Cole says. “During our last discussion, I asked them if they were expecting banks to stress test their liquidity, and they said yes, particularly if they have a fair amount of uninsured deposits or if their investment portfolio has been adversely impacted by interest rates.”
Regulators also said they want to make sure bank boards reviewed the results of the stress rests, as well as the results of their bank’s asset liability committee.
Community bankers should also keep their ears close to the ground to learn what local regulators may be concerned about, Cole says. For example, if they are agricultural lenders in a particular region of the country, examiners may be more concerned about certain kinds of commodity loans or livestock loans.
Alternatively, if banks are lending in areas with distressed commercial real estate values or CRE bubbles, regulators will more heavily scrutinize banks with high concentrations of CRE loans, particularly if they exceed their capital limits, he says. Community banks should be prepared to demonstrate how they mitigate the concentration risk.
“Make sure that you show them that your CRE portfolio is diversified enough—certainly, you wouldn’t want to be concentrated in office loans these days,” Cole says. “Show them your loans are for a diverse range of product types, like retail, industrial, doctor’s office, etcetera. If you show a great diversity, that helps allay some of the concerns of the risk of an overly concentrated CRE portfolio.”
Regulators also like to see CRE loans for more owner-occupied properties than for speculative development, and they also like to see low loan-to-value ratios on those properties as well, Cole adds.
Community banks should continually assess the effectiveness of their monitoring and testing procedures at the first and second lines of defense, so they always know where they stand regarding the efficacy of their compliance management activities, Grundy notes. Banks should validate these results through an independent audit, either conducted internally, through an external audit firm or co-sources somewhere in the middle.
“Nonetheless, maintaining confirmed and validated performance metrics, as well as proactively identifying gaps in compliance processes, helps positively position a bank when preparing for a compliance examination,” he says.
Banks that are well-informed regarding the status of compliance across a broad range of issues can effectively present the facts and make a cogent case for management action to remediate any findings or gaps in the control environment, Grundy adds.
It’s paramount that any findings resulting from a regulatory exam are registered and entered into a tracking process that is replete with assignment of ownership and notated with regular status updates detailing progress toward a stated deadline for full remediation, Grundy says.
Post pandemic, regulators are spending a lot less time onsite at banks, preferring to conduct a sizable amount of review remotely, Cole says. As such, community bankers should take advantage of the time examiners are with them face to face to strengthen the relationship.
“Treat them nicely, embrace them and be very forthcoming with them,” he says. “Be prepared, be ready and show them that you have a pretty good idea about what they’re going to be asking. That lets them know that you’re on top of the situation and, consequently, you’re more likely to get a higher CAMELS rating for management.”