All financial institutions operate in a restrictive regulatory environment, and the barrage of new rules from lawmakers and regulatory agencies makes the once-luxuriouscompliance department a now-vital resource. Yet acquiring talent and organizing it properly can be a haphazard undertaking. With significant variations in asset size, charter type, organizational complexity, budgetary allowance, and other considerations,credit unions often have a hard time finding the blueprint that’s right for them.
The two staffing approaches below look different in practice, but they target the same goal addressing the growing complexity of the compliance space. Regardless of where your own strategy falls on this spectrum, there are tips here you can useto attract and retain top talent.
Invest More Now, Pay Less Later
As is the case with many cooperatives, the past few years have necessitated rapid change in the compliance staffing strategy at ORNL Federal Credit Union ($1.5B, OakRidge, TN). In just over a year, the credit union’s department has grown from one individual to four, says T. Wayne Hood, ORNL’s senior vice president and general counsel. Hood joined ORNL in November 2012 to oversee the compliance departmentand develop a comprehensive enterprise risk management strategy.
It’s tough to go without a full-time compliance person at any asset size, but once you get past a couple hundred million, you need at least one person primarily dedicated to these tasks, says Hood, who ran a private practice that advisedORNL before joining the executive team. We were fortunate to be able to bring on more staff in this department than some credit unions have in their entire organization.
As part of his hiring efforts, Hood ensures the talents of each individual complements, rather than overlaps, one another. For example, the credit union employs a full-time compliance officer who was hired primarily for research and implementation planning.It also uses a compliance advocate promoted from the HR training program to act as a go between for the different departments.
This employee not only delivers compliance training to the front line but also listens to feedback and takes questions and suggestions for process improvements, Hood says. This communication is crucial because we don’t wantthe information we share to be perceived as only one way or always bad news.
Although regulations limit what suggestions the credit union can legally implement, ORNL has been able to green light many staff suggestions that have saved time, dollars, or resources.
ORNL’s third compliance employee focuses primarily on Bank Secrecy Act-related concerns, a monstrous burden that warrants the full attention of one person in and of itself, Hood says.
At ORNL, compliance is not restricted to middle management, and Hood’s ability to have direct discussions at the executive level has helped his department secure resources, talent, and training as well as more accurately present the ROI of its efforts.
Compliance is like insurance, you’ll never make money from carrying it and it’s sometimes hard to show the money you didn’t lose by doing things the right way, Hood says. Still, his team is able to show how it has helpedincreased efficiency, standardize processes and policies, and manage the institution’s reputation.
We can point to things like the recent Target data breach and say, We have a plan for something like this and here’s why we won’t get caught by surprise,’ Hood says.
For 2014, the credit union is on the hunt for a fifth compliance hire to focus on third-party vendor management.
Share And Share Alike
In the past, you really had three choices for dealing with compliance,says Steve Gibbs, manager of Shared Compliance Resources, a subsidiary of the Texas Credit Union League. One, you could hire a compliance person, which was expensiveand not always efficient because you would also have them focus on other tasks. Two, you could put an attorney on retainer, but you would likely only get feedback from them on major issues. Or three, you could have each department deal with thingsindividually, which typically was the least productive and most destructive of the three.
Since 2006, Gibbs’ organization has offered a fourth option shared compliance officers. The company hires the officers and leases them among its 80 credit union clients in five states. A full-time compliance hire can cost anywhere from $60,000to more than $100,000 annually. Through Shared Compliance Resources, credit unions pay for their compliance officer on an as-needed basis, which saves some organizations as much as 75%, Gibbs says.
A localized model pioneered by the Georgia Credit Union League served as inspiration for Shared Compliance Resources, but its multi-state approach offers several benefits.
When I was with the Federal Reserve, there were former auditors and examiners who would provide consulting services to banks by pointing out inaccuracies and infractions, Gibbs says. By using this free-agent structure, rather thansimply assigning one compliance employee to be shared among a certain number of institutions, we can pull staff in and out monthly, quarterly, or annually as needed and they can provide assistance to almost anyone.
Following the Texas Ranger motto of One Riot, One Ranger, the organization only hires those with key certifications and five-plus years experience, which helps ensure officers can meet a range of institutional needs. And although the modelseems like a natural fit for smaller credit unions, Gibbs says the service is most popular with credit unions in the $50-$500 million asset size.
We’ve served credit unions from $1 million to more than $1 billion in assets, he says. However, smaller credit unions might just want help to cleanup or eyeball things. It’s the larger credit unions who typically wantus to look over their existing compliance program or help develop a new one.
Once a credit union does find the right person or people for its compliance strategy, it must make sure they’ll stick around for the long haul.
Just like tellers and loan officers, once compliance individuals get good at their jobs, other businesses will want to lure them off to come work for them, Gibbs says.
Providing a competitive salary and benefits are a good start, but there’s more to showing support than offering money.
There are two things that matter more to compliance experts than their salary, Hood says. One is securing the budget to have adequate training so they can keep up with the constant flood of regulation changes. The second is feelingthat they are heard and respected by their executive management team.
To make sure you’re providing adequate support, look beyond the employees to the job you are asking them to do.
In a smaller credit union, it might be acceptable for a compliance officer to wear multiple hats, Gibbs says. But at larger and more complex organizations, this puts a burden on them. [For example] compliance tasks should always beseparate from audit because you need an independent perspective to be effective, and that can’t happen if you have to audit your own work.