2014 Graduate School of Compliance Management
Get in-depth guidance on developing, implementing and maintaining an effective Compliance Management System (CMS) that enhances your institution's strategic plan.
Our new Graduate Compliance School is designed for experienced officers and risk managers who strive for regulatory excellence by ensuring the Compliance Management System integrates compliance ownership into the culture of the bank. The goal is to shrink the communications gap between revenue producers and techno-centric compliance officers. You will outpace your peers by speaking in risk-based terms to close the gap between those who have responsibility as product owners and your compliance governance, scrutiny and oversight duties
This school will use the new Loan Estimate and Closing Disclosure (TILA/RESPA) as the vehicle to enhance your Compliance Management System to spearhead the pursuit of institution-wide regulatory success. Classroom outline is:
- Become familiar with the new TILA/RESPA integrated disclosures.
- Craft a risk-based Risk Assessment to drive the bank-wide integration project.
- Develop a “Change Control” plan addressing the Systems, Monitoring, Assessment, Accountability, Responsiveness Controls and Training components of the CMS.
It’s tempting to focus on something else since August 2015 seems far off, but everyday counts so you should be starting now. By attending the Graduate Compliance School you will return to your Bank with a solid framework covering the new rule and a risk assessment for planning, training and testing.
To facilitate leaning, there will be breakout groups to work on drafting documents and then group presentations for shared learning. You will leave the School with a governance plan for implementing the new TILA/RESPA disclosure, greater skills to have a risk-based dialogue with product owners and shift the current paradigm from “Compliance is your job to Compliance is everyone’s job” thus fixing the culture and ownership issues.
In addition, on the last day, we will review “bell weather” DOJ, legal and Regulatory Opinions that increase the risk exposure to your CMS. You will be able to judge potential weaknesses in your CMS from stringent enforcement actions.
Who Should Attend
- Compliance Officers
- Lending Personnel
- Bank Directors
- CRA Officers
- Bank Counsel
- Graduates of CBA Compliance School
Dates & Accomodations
August 20 – 22, 2014
Hyatt Regency Newport Beach
1107 Jamboree Road
Newport Beach, CA 92660
CBA has arranged a block of rooms at the rate of $149/night plus taxes. Please call the hotel to arrange room reservations and reference the California Bankers Association by July 29, 2014, or click Hyatt Regency Newport Beach to reserve online.
Early-Bird Registration (Extended through Monday July 28, 2014)
CBA Member: $1,500
CBA Member: $1,800
Cancellation & Complaint Resolution Policy:
Substitutions are allowed, at no additional cost. Written notice is required for all substitutions/cancellations. If written notice is received by July 28, 2014, the full registration fee will be refunded, minus a $500 processing fee. If written notice is received by August 4, 50 percent will be refunded. No refunds will be provided after August 4, 2014. Registrations made on or after August 4 are not subject to refund.
If you are not fully satisfied, please contact John Lingvall, VP & Director of Education at (916) 438-4428.
(Breakfast will be available from 7:00 – 8:00 each morning, with lunch about noon)
Sessions will run from 8:00 to 4:00 on days one and two, and 8:00 to Noon on day three.
Day One: A.M.
Discuss the evolution of the role of regulatory compliance and integration into the organizational fiber of a financial institution
- What have we learned and didn’t learn in compliance management
- Looking at organization structure and its behavioral impact
- Understanding management’s objectives
- Identifying how to combine risk based compliance fits into enterprise-wide risk management
- Drafting a Paradigm
- Work Group Preparing a mission statement
- Review the components of an effective CMS
- Speaking the Language of Management and the Board: This will include gaining an understanding of the institution’s performance, profitability, strategic business plans, and the successful integration of compliance in all institution activities.
- Compliance Responsibilities – Exploring “How To” develop and implement a “Compliance Is Everyone’s Business” culture. Discussing how to speak the Board’s (and Management’s) language to discuss risks, resources, alternative mitigating strategies, and gain support for the CMS.
- Board of Directors – Speaking the Board’s language of risk
- Management – Matching the CMS to strategic plans
- Compliance – Establishing and managing the CMS program plan
- All Staff – Promoting the “Compliance is Everyone’s Job” culture
TIL-RESPA Integrated Disclosure Rule
- Using the new disclosure rule as the center-piece to implementing an effective Compliance Management System
- Overview of the technical components of the new TIL-RESPA Integrated Disclosure Rule
- Identify what triggers an application
- Preparation and delivery timing Requirements
- Elements of the new Loan Estimate Disclosure form
- Accuracy and tolerance provision requirements
- Elements of the new Closing Disclosure form
- Correction and revisions rules and how to “cure” exceptions
- Additional disclosure requirements include in the new regulation, such as the RESPA Settlement Booklet, Escrow Closing Notice and Partial Payment Disclosure
Day One: P.M.
Preparing a regulatory baseline/annual risk assessment
- Introduction to Risk Assessments
- Understanding how regulation risk feeds in compliance risk and enterprise-wide risk
- Exploring the risk assessment process
- Raw/Unmitigated Risk – Identifying the risks that are inherent in the institution’s footprint, strategic plan, and regulatory environment
- Risk Mitigating Controls – Recognizing ways to mitigate risk through various control mechanisms, we’ll explore effective mitigation and the art of knowing which mitigating controls work in which situations and which may not.
- Residual/Mitigated Risk – Recognizing and managing to the level of risk acceptable to the institution.
- Formation of “Work Groups” and development of the new rule risk assessment
- Presenting and critiquing class risk assessments
- Applying All Resources Based Upon the Assessed Risk: Building upon the risk profile, we’ll identify the resources necessary and alternatives possible to achieve the Board-approved risk levels.
- Managing Limited Time and Using Resources: We’ll discuss alternatives to meeting the CMS goals without sacrificing the ability to achieve the acceptable level or risk. We’ll also explore the importance of communicating the CMS plan consistent with the Board’s (and Management’s) plan and risk tolerance
Day Two: A.M.
CMS Program Components
- Policies and Procedures
- Compliance Change Management: Recognizing that change is inevitable, we’ll build processes that consider regulatory changes, strategic business plan changes, products/services, changes, and the changes dictated by technology. We’ll use recent regulatory changes, common products/services changes from real life examples, and discuss recent and emerging technologies that drive the customer experience to make sure the compliance aspects are clearly and fully addressed.
- Implementing Strategic Plans: Establishing a comprehensive, strategic compliance plan is an often overlooked mandate to make sure the compliance program is properly managed and is consistent with the overall business strategy.
- Implementing New and Revised Rules (laws, regulations, agency guidance): There are multiple examples that will make up our deep-dive to identify the best approach to proper implementation of rules. This will include evaluation of proposed changes for potential impact and meaningful comment.
- Implementing New and Revised Products (products, services, and delivery channels): Similar to the process to implement rules changes, implementing product, service, and delivery channel changes requires the same level of diligent planning and active oversight.
- Compliance Vendor Management: It’s not enough to simply plug and play when it comes to service providers. We’ll dig deep into the process to follow to make sure that relationships with third party providers of compliance and compliance-related solutions meet the institution’s needs, accomplish desired goals, and are appropriately managed. Whether vendors are relied upon under one of the key CMS components or by business units to deliver compliant results, they need to be properly managed by the Compliance Officer.
- Scope of Work
- Adequacy/Accuracy of Deliverable
- Monitoring/Quality Assurance: Early and effective activities to detect and correct compliance weaknesses has always been an important part of the CMS, but it has never been more critical to ensuring the success of the CMS than it is in today’s environment. Based upon the risks identified, we’ll discuss various, successful monitoring and quality assurance plans that make sense for (and are consistent with) the institution’s strategic business plans. We’ll also explore various ways to effectively complete this vitally-important aspect of the CMS.
Day Two: P.M.
CMS Program Components (cont’d)
- Training: We’ll explore the training program as it needs to be built in light of the assessed risks. This will include discussion about minimum training on relevant rules, training on the way the institution operates, and training that is designed to fully support the institution’s strategic plan and the CMS plan. We’ll explore the many aspects of compliance-related training and the myriad of delivery mechanisms – identifying those that make sense as well as those that may not make sense given the cases studied.
- Annual Schedule
- Change Management
- Corrective Action
- Testing Understanding
- Corrective Action Responsiveness: It’s not enough to fix violations identified by examiners or even independent testing. We’ll explore the compliance professional’s methodology regarding violations of rules, exceptions to institution policies/procedures, and best practice recommendations. We’ll explore the process all the way through the confirmation that corrective action was effective.
- Identifying “root cause”
- Action Plan
- Independent Testing: Using recent criticisms of the independent testing component from our case studies, we’ll find solutions that make sense for the institution, are effective, are consistent with identified risks, and meet regulatory agency expectations. We’ll also explore alternatives and cost effective, when properly managed.
- Sample sizes
- Management Responses
- Consumer Complaints: Clearly among the CFPB’s highest objectives, we’ll make sense out of this process that carries so much importance and poses such significant reputation risk. Beyond the days of responding to written complaints from consumers, we’ll develop processes that provide solutions relevant to the institution – including those with fair lending or UDAAP implications.
- Work Group drafting of Complaint Tracking Program
Board Reporting of Compliance Activities
- Recognizing that the CMS must come full circle to the starting point, we’ll discuss the process to provide meaningful and useful information to the Board, so the Board can fulfill its responsibility to ensure an effective CMS. We’ll discuss strategies to help the Compliance Officer know the most effective way to provide necessary information to the Board in a form that meets the Board’s expectations.
- “State of Compliance” Presentation
- Regular Reports
- Special Reports
- Work Group preparing a Board Compliance Presentation
Preparing for (and Surviving) Examinations
- When the CMS is comprehensive and effective, the examination merely confirms what is already known by the institution. That doesn’t mean, however, that the examination process should be overlooked or taken lightly. We’ll explore proven methods that help ensure a successful examination. We’ll discuss the dos and don’ts that need to be considered, not the least of which is the need to make sure the institution’s staff, management, and Board are all prepared.
Recent Enforcement Actions and Other Compliance Risk
- Fair lending risk looms big and settlements are staggering
- UPAAP is all pervasive and the squishiness of the put every institution on guard
- Regulators are attacking the CMS weaknesses and down grading compliance programs
- Regulators are gearing up for thorough QM exams in 2015
Tom Thomas, founder of Thomas Compliance Associates (TCA, Inc.), has been part of the financial compliance scene for more than 35 years, leads our core instructor team. Tom has written compliance books, guides and countless articles on banking compliance issues. He has taught compliance to students ranging from tellers to examiners and is a highly respected speaker at financial institution meetings across the country. Tom is also a bank director and shares information which enables participants to see and learn compliance from management’s perspective. TCA, is recognized as one of the top compliance consulting firms in the financial industry.
CPE Credit Information
Program Level: Intermediate/Advanced
Advance Preparation: None
Method of Presentation: Group – Live (Lecture, Discussion, and Table Exercises)
Recommended CPE Credits: 20
Sponsored learning activities are measured by program length, with one 50-minute period equal to one CPE credit. One-half CPE credit increments (equal to 25 minutes) are permitted after the first credit has been earned in a given learning activity. Please note that not all state boards have adopted this rule. Some participants may not be able to use one-half credit increments
Frequently Asked Questions
Will I receive credits towards the CRCM designation?
Yes, you will. The program is certified by the ABA, Institute of Certified Bankers for 20.25 CRCM credits.