Continuity Control

How can we stop the bleeding? It’s a question banks have been asking themselves for years as the cost of regulatory compliance erodes margins, eats away at valuable resources and threatens the overall health of the community banking industry.

If community banks expect to conquer the massive complexities of today’s regulatory environment, while also tackling other market pressures facing their business, they must re-think the way they manage compliance. This includes developing a program that is built upon five key success factors: standardization, automation, change management, process visibility and cost control.

The Banking Compliance Index (BCI) found that smaller banks will spend $250 million and 8.3 million hours complying with regulations implemented in Q1 2013. The BCI shifts the dialogue from anecdotes to quantifiable data that "sends a more powerful message," says Pam Perdue, Continuity Control's chief compliance strategist. "We think it will be welcomed by all of the constituencies. Most importantly, legislatures and regulators will be aware of the impact."

With more than 800 regulatory changes enacted since 2008, community banks have had to devote more time, money and manpower to stay in compliance. The Banking Compliance Index introduced Wednesday by compliance platform provider Continuity Control uses public and proprietary data to track a bank’s regulatory compliance workload.

Managing compliance has become an overwhelming task because there is no standardized way to manage policies and procedures, so with every regulatory change the process starts all over again. When banks implement a standardized process for getting the work done, they have a sound system to address regulatory change.

Continuity Control, a New Haven, Conn.-based compliance company, has announced the availability of an automated compliance management system aimed at small and mid-sized credit unions and designed to offer continually updated information about evolving regulations from the NCUA.

Community banks are finding it hard to prosper in this regulatory environment. In a recent survey, a staggering 47 percent of community banking executives cited regulations as their greatest impediment to growth for the coming year. But this doesn’t have to be the case. There are 5 dynamics causing over-investment in compliance. Once solved, growth is possible even in the face of changes brought on by the regulatory environment.

Continuity Control announced Friday that it has been endorsed as a preferred provider by the Community BancService Corporation (CBSC), a subsidiary of the Community Bankers Association of Illinois that recommends products and services to banks. Continuity Control sells compliance software to community financial institutions.

Challenges drive innovations that become part of our day-to-day lives.  From light bulbs to the Internet to GPS, innovation is everywhere.  And the next stop? Innovations that reduce the compliance burden for banks. (Full article found on pages 32-33) 

Bankers are no strangers to technology, more and more banks are upgrading their service and product offerings. So it’s logical to wonder, with so many technological advancements taking place within community banking, why has the process of compliance remained in the dark? After years of analysis we’ve deduced that there are 5 major factors causing an over-investment in compliance: the rate of change, managing tasks manually, lack of standardization, reliance on 3rd parties and absence of a compliance budget.  This article outlines 5 key dynamics that can renovate your compliance program and get you back to the business of banking. (Full article found on page 12) 

We’ve all seen the uptick of transaction notices in newspapers. No, I’m not referring to the housing market, but rather the alarming rate of community banks closing their doors. Given the challenges in the banking industry, community banks looking at their options are increasingly realizing that the burden of compliance management has become more than they can handle.

Directors must ensure corrective actions are taken when weaknesses occur. Similar to preserving a house, an institution’s success depends on whether corrective actions are taken immediately.

There are three main aspects to successfully implementing corrective action:
1. Specifying and assigning corrective steps,
2. Confirming the correction occurred, and
3. Following-up at appropriate intervals to ensure the correction’s effectiveness.

Andy Greenawalt, CEO of the New Haven, Conn.-based bank compliance software firm Continuity Control, said regulation isn’t partisan, it’s cyclical. The low point in the cycle is 100 new regulations per year and the high point is 300. Greenawalt said he doesn’t see the pace of new regulations slowing. To maintain viability, credit unions must find ways to make change cost less.

Duke, a former community banker herself, knows there’s a difference between a too-big-to-fail institution and your local storefront lender. She said applying additional regulations and strict capital requirements under the international Basel III guidelines would “seriously impair” small lenders.

Just like a home inspection, a banking inspection ensures the safety and soundness of the structure. An overlooked mistake can spell a failed inspection, or worse, a structural collapse—and perhaps liability. Even after a passed inspection, periodic maintenance is required.Prompt detection, and swift and thorough remediation of the problem areas, can halt concerns before they worsen, thereby protecting your institution.

What do the most effective compliance programs have in common and how are they similar to construction projects? This article discusses the critical elements to building a successful compliance program - beginning with the blueprint.

With 762 regulatory updates in the past 5 years, an average of 152 annually, It’s time to think about compliance in a more structured fashion. To allocate resources more methodically and get more done with less effort. To deal with this increase, the team of Continuity Control has created the PAIN Score, a data-driven method to compliance decision-making that scores each regulatory update along four metrics:  Processes, Ambiguity, Interdependence and Noncompliance Consequences.

While most banks have sufficient regulatory and compliance controls in place, many have found it challenging communicating and documenting those controls to the satisfaction of their examiners. Andy Greenawalt answers questions on how community banks can more effectively report their risk management controls to examiners.

"We still haven't seen the brunt of Dodd-Frank or increased examinations yet," said Greenawalt. "Every year credit unions are investing in more compliance but not modernizing the process. They are investing in horse drawn carriages while cars are available."

The regulatory burden on banks and credit unions has been exacerbated by the Dodd/Frank Act which threatens the viability of thousands of financial institutions.  This trend has many financial institutions seeking technologically advanced methods to handle the burden.  Andy Greenawalt, CEO of Continuity Control, had this to say,"With a new plan of attack and the right technology, executives willing to make hard choices about change can improve their banks' efficiency ratios...A necessary element of that improvement will be the ability to operate in this complex regulatory environment with minimal overhead." 

In July 2010, the federal Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) was signed into law.  And as a result many community banks and credit unions are struggling to keep up with the pace of change. Andy Greenawalt, CEO of Continuity Control, saw this as an opportunity to develop an innovative compliance platform to help community financial institutions manage the growing burden of compliance.  

On the second anniversary of the Dodd-Frank bill, the technology to handle its stipulations is far from complete. That stands to reason, given how few of the rules and regulations implementing the sweeping reform bill have been written.

Bank compliance software maker  ... Continuity Control, has taken the last round of funding that CEO and founder Andrew Greenawalt hopes it will need: a $2.25 million investment from Connecticut Innovations and several angel investors.

New regulations created to monitor the big banks “are squeezing the smallest competitors and turning our banking system into a commodity business.”  These big banks are able to manage the regulatory burden by using sophisticated compliance platforms, previously unavailable to community financial institutions,  leaving community bankers with  “almost no incentive ... to start a small bank to serve their community” anymore.

The time requirements of new regulations are widely misconstrued by regulators and are exhausting the resources of community financial institutions that are valiantly trying to meet this burden.  In today’s regulatory reality, “Word documents and Excel spreadsheets are inadequate tools” however, “by flipping your compliance strategy and tackling the burden in a new way, the costs of compliance can be aligned with the vision of the regulators.”

The regulatory environment has been hard on the banking industry.  A recent survey found that 47% of community bank executives cited regulations as their greatest impediment to growth.  Community banks are facing a 20% efficiency disadvantage to the mega banks, but this doesn’t have to be the trend.  This article outlines  5 dynamics that, when controlled, can reduce the over-investment in compliance. (Full article found on pages 9 - 10). 

"Having a systematic way to test for compliance is critical," says Julie Conroy McNelley, a research director for Aite. She estimates there are 253 incremental regulations that will be added as a result of Dodd-Frank. "A lot of big banks have a platform in place to help with this. But with small banks, you have one or two people to handle compliance, and oftentimes the compliance and audits come with a huge paper trail." We'd just like to clarify that our solution is far more than a downloadable compliance management module. Continuity Control is the only complete compliance platform for community financial institutions.

I was talking with a group of bankers the other day who had just heard the rallying cry that “risk management” is a hot topic. When I clarified that the concept of risk-focused supervision had been around since 1995, they were shocked. This seasoned group of top-level executives was even more astounded when I asserted that the traditional models of managing risk would fail in 2012 and beyond. 

There is a widely held misconception that post-Dodd-Frank compliance will require banks to spend a majority of their resources to uphold compliance. This commonly held belief is preventing many bankers from making the best long-term decisions for their institutions. Statistics compiled by the regulatory operations center at Continuity Control indicate that the average community bank is projected to spend $200,000 in 2012 on compliance costs alone. However, in actuality there is an inverse relationship between a bank’s compliance expenditures and its compliance performance.

"Pam Perdue, chief compliance strategist at Continuity Control, said credit unions can expect to see "a lot more scrutiny around their behaviors with their members, and by that I mean the ways in which they advertise their product and service offerings," as well as the disclosures associated with those offerings."

Why more regulations do not automatically require more staff

Continuity Control enables community financial institutions to meet the diverse, often conflicting, objectives around compliance in our post Dodd-Frank world.

"Compliance management solutions provider Continuity Control has acquired two other firms and added their senior managers to its team."

The company acquired Compliance Services Group of Des Moines, Iowa, and Kirschler Peterson & Associates of Atlanta to support to the growing number of financial institutions that are clients of Continuity Control.

My Compliance Info founder Pam Perdue says that after seeing the Continuity platform and methodology, she simply could not go back to using antiquated compliance methods or inferior, piecemeal solutions. “We recognized not only the technological might of Continuity’s engine, but also its unbounded potential for revolutionizing the ways in which we think about and manage compliance,” she observed. “It’s our privilege to join Andy’s team and help them further leverage their proven track record of technology success. Continuity gets compliance under control.”

“The Bankers Assistant program provides significant and sustained cost savings over any financial institution’s manual processes, but it also facilitates better controls and a more thorough audit trail for improved compliance adherence and documentation,” said Lori Moore, CRCM, director of compliance for ATTUS. “One of the most effective tools is the Monitor that allows financial institutions to see all of their compliance activities and their status in real-time.”

"As the WikiLeaks controversy brews, corporate ethics, privacy and the rights of whistleblowers are hot topics of debate. But what about security?"

Andy Greenawalt discusses the core challenge with traditional data management and the solution that banks and credit unions are finding in cloud services such as Google Docs. "The need for human access proves the PC era is broken. The sooner we move on, the more secure we will all be," Greenawalt says. "By putting traffic in the cloud, you make the security and access equation fundamentally more solvable. It helps to keep you from missing a gap."

"Andy Greenwalt's Continuity Control wants to keep community banks in business by making compliance more affordable."

With regulatory compliance Apps that are as easy to purchase and install as an iPhone App, Control gives community banks with only one or two people in the Compliance department the benefits of a tier one bank's compliance "apparatus" at a fraction of the cost.

Community Banks are slowly embracing cloud computing, which can help cut costs and increase efficiency.

"It's something that I don't have to touch, and it's all taken care of by someone else. That's a very big plus." - Rachael Peterson, CFO at Bridgewater Bank, a $350M community bank.

Northern Federal Credit Union is using Continuity Control's online software application and online resources to boost the credit union's compliance training and vendor management.  Control's applications have kept the credit union from having to hire an additional employee and made the compliance officer much more efficient. "It saves me at least three to four hours a week," said Compliance Specialist Jennifer Davis, who added the tool helps her more effectively manage, monitor, and coordinate compliance activity throughout the entire credit union.

"We did everything manually," based on a Bank Secrecy Act (BSA) policy template purchased online, Gilman explained. "I was following an FFIEC manual and hoping I got it right. I spent a week every year preparing and reviewing the policy and then following up with staff to make sure each task was accomplished. Compliance was almost like a line of business for us."

BSA compliance is now largely automated at York County FCU and takes less than three days - that's a cost reduction of nearly 80% for just one area of regulatory compliance. Gilman plans to activate the entire suite of nearly 40 Control applications as part of the Compliance Assistant Program.

"First Service CU responded to the June 2009 holdup by deploying an automated compliance package designed to guarantee that controls such as alarm testing and inventory of bait money are in place at each of the credit union’s 10 locations around Harris County.

"Together with our senior vice president of IT, I worked on a credit union-wide assessment of our security and compliance policies, which showed a definite need for FSCU to automate procedures, organize our control policies and create consistency among all branches," said Sid Zahn, vice president of compliance and internal audit at the Texas credit union."

From compliance management to fraud detection software, community banks are busy considering systems.

One company involved in a compliance management software niche informally called "nagware" is Continuity Control in New Haven, Conn. The company offers 40 specialized applications to help executives and compliance officers...

Rules and regulations specific to the fast-growing mobile banking channel will be a fact of life. It’s just a matter of time.  That’s according to people who make their living helping credit unions and other financial institutions accommodate new technologies and the compliance challenges that come along with them, as well as shape the rules themselves.

Credit unions may have a tax exemption, but they’re anything but exempt from the “compliance tax,” according to one company.

Indeed, in the inverse of typical tax rates, the smaller the CU the larger the compliance tax burden in most cases, reports Continuity Control, a provider of an on-demand, web–based software platform for compliance.

“We’re seeing this dramatic increase in back-end costs to support every dollar of assets,” said CEO Andy Greenawalt, referring to what the company calls the “compliance tax.”

The Frank-Dodd financial reform bill is the latest development in the growing regulatory oversight that is burdening the entire financial services industry and crippling community financial institutions in particular. Some financial industry experts contend that the only options for community financial institutions are to grow, merge or die. The reasoning behind this logic is that there are just two real alternatives for credit unions. The first is to grow, via organic or strategic means, with market share penetration or a merger. The latter, death, needs no real explanation.  The assumption that the cost of compliance is not elastic and cannot be scaled down for smaller institutions holds the “merge or die” argument together.

On the heels of the epic banking regulatory reform bill that President Obama signed into law on July 21, we were very pleased to share our perspective, and the method by which we aim to help community financial institutions survive and thrive by cutting their Compliance Tax,  on the cover of American Banker July 26, 2010.  “What we hear from people all the time is, ‘Just tell me what I need to do,’ ” said Andy Greenawalt, the founder and chief executive of Continuity Control.

A recent report makes the assertion that "by 2013, the cost of regulatory compliance and risk management will have priced Tier 3 and Tier 4 financial institutions out of the market." This Compliance Tax can be addressed, and I believe the solution is found in technology...

This article, which appears on Page 32, explores the adoption of social media within the banking industry and how technology can be used lower the burden of social media compliance. One of the top reasons cited by community banks for avoiding social media has been the issue of compliance and the concerns it brings.

While compliance regulations have not kept pace with the adoption of social media, banks still must be proactive in establishing a policy that clearly provides guidance and controls for social networking. This article provides helpful tips to get started and how the use of technology can be used to manage the new risks that come with social networking.

Continuity Engine is enlisting other companies to help it streamline and automate the tasks it handles for community banks that must satisfy regulators.  Through its ActionPack Alliance, the company is working with its first group of outside providers, writing modules for Continuity Engine’s compliance automation system, Control.  Control now offers about 60 ActionPacks and there are more than 400 financial institutions using the platform.

Credit unions are facing the impact of employees using social networking Web sites, such as Twitter, for both professional and personal use.  As a result, Arizona State CU built social media guidelines in to its employee handbook.  The guidelines were based on the free social media policy that the credit union downloaded from Continuity Engine.  The policy was created from a collaborative effort and it’s subject to improvements suggested by the financial institutions that created it through crowdsourcing.

"Facing increasing pressure to improve their data security, a growing number of small and midsized banks are looking for outside help.  Union Savings Bank has partnered with Continuity Engine to create regulatory compliance modules, known as ActionPacks, that manage everything from human resource policies to IT change controls."