In an assignment last year I had to read the lending and personnel policies of a community bank with an eye to assessing the bank’s compliance and culture.
Having written several loan policies in my working career, I probably tend to be hypercritical of what I’m reviewing. I bristle at words like “prohibited,” for example.
What I saw during this assignment was a relatively small community bank with a 90-page loan policy. There was also a separate “Conflicts of Interest” policy that went on for a couple of dozen pages and a three-page tutorial on “Unfair, Deceptive, or Abusive Acts or Practices Policy and Procedures.”
That’s a lot of paper for such a small institution. This struck me as a belt-and-suspenders approach to risk management. Beyond that, I began wondering about the culture of the institution.
Was all of this “stuff” needed? Was it warranted? What calamity had befallen the bank requiring these sorts of responses?
Perhaps, I wondered, some safety and soundness examiner had gotten on a high horse at a recent exam.
I was wrong. This was self-inflicted.
Answer behind the avalanche
Eventually I had the opportunity to ask the president and CEO what lay behind the volume of words and policies.
The answer was as I vaguely suspected it would be. A vigorous compliance officer—no longer with the bank—had caught the ear of the board. That gave root in that bank to the compliance mentality that has been prevalent among the regulatory agencies since the Dodd-Frank Act became law.
The compliance person’s ideas of effective compliance activity had been allowed to grow within the bank without pruning, culling, or containment for sense or utility over the period of the last four or five years.
None of this probably would matter very much—except that the bank has been involved in litigation.
In the course of normal “discovery”—the process by which each side can request relevant documents from the other—plaintiff’s counsel had obtained and read all of this information. Counsel concluded, not surprisingly, that there must be a problem for the board to be so concerned and to have responded so elaborately in multiple ways.
Sniffing out the source
I saw something very different. The policies appeared better suited for a medium-sized or larger regional bank. One particularly strong example: The documents contained an extreme degree of specificity on the acceptability of collateral that it was unlikely that this bank ever would see within its trade area.
My concern then shifted to whether such a policy reflected the culture of the institution or whether it was simply “filler” material designed to check off an item on a long list.
I concluded—and later confirmed—that the loan policy was found on the internet and selected for its apparent thoroughness, rather than any relevance to the local situation.
One telltale example: This is a state-chartered bank and the reference to the chief financial officer of the bank identified the title of “Cashier.”
“Cashier” is a banking title unique to national banks, while “Treasurer” is the corresponding title among state-chartered institutions.
The Conflicts of Interest Policy was also referred to as the Ethics Program. Are ethics programs common or necessary in relatively small community bank environments?
They are required in publicly traded companies dating back to the legislative aftermath of the Enron collapse. But I doubted the value or the utility of the lengthy document I reviewed. A simple statement on what constitutes unacceptable behavior, with examples, is probably sufficient.
I raise these issues as “below the radar” examples of where policies and statements do not match practice. We’re all familiar with the exalted language of mission, vision, and values statements. And we’ve seen the frequent disconnects of individual practice that’s come to light in several recent settlements of litigation and enforcement actions of large banks and financial enterprises.
But here is an example of operational and aspirational disconnects at a relatively small bank level. I submit that they can be problematic—not in the sense of prohibiting inappropriate behavior but for the possibility of suggesting problems exist for which the policy statements were designed to address.
Nor do elaborate statements at the operational level necessarily enhance the value of such documents in terms credibility or compliance by the staff.
One size never fits all
This is another way of suggesting that a community bank’s policies should accurately reflect the desired culture and attitudes of the bank. “Off the shelf” solutions can be helpful starting points. But the final documents should reflect local, on the ground reality for that particular bank.
Large institutions must be managed with a higher degree of formality for consistency of action and outcomes. But in smaller institutions, where most staff contacts consist of frequent face-to-face interactions, the expectations should be no less rigorous but can be conveyed and received in more personal ways.
I suspect that we’re on the verge of considerable change in our industry’s business outlook and the way in which we’re externally overseen. It’s time that we update our suite of policies to reflect conditions and attitudes that are truly local and not remote or “other worldly” in their impersonality.
Rigorous compliance with law and regulation has been the norm since the Great Recession and the banking collapse beginning in 2008. The incoming Trump Administration has promised to work toward lightening the regulatory burden on banks and financial institutions. So it’s time to prune away the clutter that may have accumulated around our stated policies in the last several years.