LACEY, Wash.-It takes a village to ... keep credit unions in compliance.
That is the message from Terri Salinas, compliance director for NW Compliance Group, a standalone CUSO owned by four credit unions in Washington state. She told Credit Union Journal any advice she has for proactively addressing the compliance burden is tempered by the associated cost burden.
The approach NW Compliance Group has taken with its CUs in dealing with the increased compliance burden includes the following steps:
1. Get a feel for the current status of compliance in the credit union by conducting a top-to-bottom review.
2. Once weak areas or deficiencies have been identified, take steps to correct or improve compliance in those areas.
3. Dedicate one person to stay on top of new and changing regulations, and another person who is responsible for day-to-day compliance. Together, these people will know what is coming and the potential impact to the credit union, Salinas said.
4. Get compliance involved early in the process, whether implementation of new or changed regulations, or implementation of new products and services. "Identifying compliance issues early and including them in the implementation will ensure a smooth roll out."
Sharing The Burden
"Of course, not every credit union can afford a dedicated person to monitor all the new and changing regulations," she acknowledged. "And, doing top-to-bottom reviews of the credit union's compliance is very expensive. The four credit unions that own NW Compliance Group came together specifically for the purpose of sharing that cost burden. We perform these tasks, among others, for the credit unions."
NW Compliance Group is co-owned by $1.8 billion-asset Washington State Employees CU in Olympia, Wash.; $1.2 billion Gesa CU, Richland, Wash.; $361 million Salal CU, Seattle; and $497 million iQ CU, Vancouver, Wash. It was formed in April 2012 and began operating last July
Credit unions have always "done right" by their members, Salinas asserted, even if not all of them have been reading every page of the new regulations and following them to the letter.
"Still, it is important to meet the technical requirements," she said. "We do a lot of audits to identify the status of credit union compliance to get a baseline of what we are working with. We do a lot of the same things an in-house compliance person would do. We do training or review the training programs. In some cases they would like specialized training, such as on the Bank Secrecy Act."
In addition to forming their own compliance CUSO, credit unions may find outsourcing can reduce the compliance cost burden, Salinas said, noting there are a number of third parties that offer compliance services, from law firms to CUSOs. Many people who worked at banks and/or credit unions have retired but have formed companies that offer compliance services, she added.
"One way or another it takes a full-time person to keep on top of compliance because there are so darn many regs," she said.