With efficiency demands still high, modern credit unions are facing down an increasingly complex regulatory environment. Many credit unions find it tough to avoid committing neither too much nor too little of their resources to compliance tasks. Some small credit unions find an outsourced model to be most effective, while more complex organizations may benefit investing in hiring their own compliance experts. Others find a mix of both in-house and outsourced help works the best for them.
Think Institutionally, Not Departmentally
For San Antonio Credit Union ($3B, San Antonio, TX), positioning for the future meant shifting compliance resources and personnel to a centralized, dedicated department instead of having them scattered throughout the organization ─ where compliance efforts resided mainly in individual business units and compliance officers juggled other job duties.
“The ongoing expansion of rules and regulations requires more than just monitoring individual departments,” says Rebecca Drake, the credit union’s compliance manager. “It’s about monitoring where the credit union is as a whole today and spotlighting where it should be.”
Today’s challenges for SACU’s compliance officers include preparing for upcoming regulatory changes, monitoring compliance and abiding by existing regulations, and recommending changes to make the credit union more efficient.
Drake and two other compliance officers previously worked in specific departments at the credit union. They were certified through the NAFCU Certified Compliance Officer program, which provided the skills set to address compliance issues on a larger scale.
Some departments at SACU have employees with compliance experience specific to that unit, but many new regulations affect more than one business area at a time. Having one institutional compliance department allows SACU to have the scale to communicate upcoming issues and new information across the organization.
“Working in a specific department, you’re able to become a subject matter expert,” Drake says. “But the credit union also needs individuals to help collaborate with business units to stay abreast of all the different possibilities that could be coming our way.”
Much of the compliance budget is devoted to ongoing training to keep track of emerging demands. But compliance officers also gather free and low-cost industry resources.
“We try to add value to the credit union by utilizing resources to expand in-house capabilities rather than outsourcing those tasks,” Drake says. “So much of compliance is based on interpretation, so having the ability to have professionals from different credit unions share their ideas and information with each other is a huge benefit.”
The credit union rarely outsources compliance tasks, but it sometimes does so in complex situations where compliance officers need more resources.
Being in-house, compliance officers can learn the true operations side of the businesses and may be able to better connect with employees as partners, rather than just serving as a monitor for errors.
“It's refreshing to see a shift in behaviors, with credit union staff proactively seeking our advice and opinion to assist with regulatory issues,” Drake says. “It’s become OK to ask for help and there’s a lot more appreciation throughout out the industry.”
Some of the credit union’s current priorities include proposed changes to mortgage and credit card disclosures, loan workout and accrual policies, due diligence, and updates to the NCUA call report. Even simple changes like updating disclosure forms and documents creates a lot of back-end work with vendors.
While the compliance department provides recommendations and strategies, and assists with plan implementation, the business units themselves are accountable for the end compliance. And much depends on how much time the institution is given.
“The more time the regulators give between releasing the final rule and the mandatory compliance date, the better,” Drake says. “We know it is coming and have a plan in place, but you can’t make the change until the proposed rule becomes final.”
Outsourced Resources Supplement Staff
When Constellation Federal Credit Union ($170M, Falls Church, VA) lost its sole compliance officer in January, a replace and rebuild staffing strategy was certainly an option.
While the credit union did take the time to locate and train a replacement, but that person left the credit union just six months later. After that, the credit union chose to outsource the position entirely, relying Compass Compliance Assistance for Credit Unions, one of many CUSOs managing compliance tasks.
“We knew we needed some compliance assistance one way or the other,” says Lindsay Alexander, acting CEO for the credit union.
One senior executive is a certified compliance officer and manages some individual business unit issues, like Americans With Disabilities Act (ADA) ATM compliance, she says. However, if she handled all compliance issues she would have little time for her primary duties.
“Without question, the regulatory burden has increased over the last couple of years,” Alexander says. Yet with 8,300 members and a staff of 25, the credit union was concerned about whether it could compliance review responsibilities would demand a full-time job. “It just made more sense for us to look to the outside for compliance resources, knowing that we still had that liaison on the inside to manage the relationship.”
With the minimum salary for a compliance officer averaging $65,000 - $70,000 a year, Constellation saves at least $40,000 annually by outsourcing, Alexander says.
“Down the road this strategy might change, especially when a new CEO arrives,” she says. “As the compliance burden continues to increase, many credit unions will likely find themselves hiring an internal compliance officer.”
Constellation receives regulatory review services, input on various policies its writing, and management for staff training for regulations like the Bank Secrecy Act (BSA).
The credit union is on a yearly contract, and the CUSO customized a package of services to meet their particular needs. However, the credit union handles some compliance issues through other relationships – like audit services. Alexander already woirked with Compass and was comfortable with it. “They were local and I really knew who they were,” she says.
Credit unions without those resources can still consider using expertise of the people who back the company to ensure the kind of services a CUSO offers are what the credit union needs.
Whatever path an institution chooses – outsourcing or investing in an onstaff compliance officer – it should expect to make additional investments to keep up with an increasingly complex compliance environment.