At its most recent meeting, members of Nacha’s Risk Management Advisory Group (RMAG) discussed tips on how a financial institution can prepare for its next regulator exam. These tips are based on conversations that several RMAG members have had with financial institutions, regulators, and others at a variety of recent forums. Payments are becoming more complicated and require a knowledgeable, talented staff that can correctly assess and mitigate risk.
Among some of the key points that the members of RMAG discussed were the following:
- Make sure that the executive team is engaged in the payments business, understands the issues, and can articulate the payments strategy of the institution. The payments industry is evolving rapidly, with new alternatives coming to market that may have an impact on core lines of business, and the executive management team should be involved.
- Make sure that payments, risk and credit policies, and all procedures related to those policies are up-to-date. All high-risk product policies and risk assessments need to be reviewed by executive management or the board on an annual basis even if no changes have occurred. Ensure that policies and procedures are understood and are being followed by the operating units within the institution.
- Understand and be able to articulate the account holder’s business model and account activity. By understanding the expected activity, financial institutions will better be able to notice anomalous client activity. Larger institutions generally are expected to have more complex anomaly detection processes in place to help detect and prevent fraud.
- Break down organizational silos across the institution to ensure that there is timely communication among all parties involved in the payments business.
- Monitor staff educational plans to ensure that staff are aware of any relevant legal, regulatory, or operational changes that may impact their departments. Regulators recognize and value subject matter experts who have earned certifications in their field (AAP, APRP, CAMS, NCP). Strong knowledge of Regulation E and error resolution processes is also expected, including an understanding of how they apply across different payment types. Because of the pace of change in the payments industry, continuing education is a must.
While you can never be completely sure what your next exam team will want to review, these five simple steps can help you to prepare your team for the next time the examiners arrive at your door.
Any questions for RMAG can be emailed to Peter Hohenstein at firstname.lastname@example.org