No… or at least you hope.
For most financial services firms, it is a resounding “yes.” Why? Because your firm has not tested various measures set in place to comply with Dodd-Frank.
Unless you are one of the 40 largest banking institutions in the United States, compliance demands are much more than the compliance department can handle. A smallish bank with assets of about $15 Billion will have the full spectrum of depository financial products, a full spectrum of retail lending products, and some limited investment and financial advisory services for individuals, businesses and governments. Aside from a lack of active funds and securities trading floors, this pretty much covers Dodd-Frank. With about $700 Million in Revenue and about $100 Million in Net Income, the bank probably only has about $1 Billion in equity to play with. Reducing that Net Income means, reducing that equity cushion some more. So, then the bank takes on riskier loans for higher interest revenue, which will then require more compliance professionals, undoing the higher risk taken to offset the additional compliance cost to begin with.
Some of the solutions available to other industries is not available to your bank either. The bank cannot outsource compliance all together because… BSA compliance will not allow it. So, how can a smaller bank cope with the cost of complying with the regulation?
Merger is one method. Just become a larger bank, decreasing the marginal cost of management and overlapping markets, and simply have more resources available. This method defeats the purpose of the smaller bank because smaller bank has its own value proposition to the market, mainly, familiarity. You’re not supposed to be a nobody in a smaller bank.
Outsourcing whatever possible is another method. This is a tricky proposition. This might provide the bank with the leverage pressuring the vendor to reduce costs and, hopefully, the vendor can because it has other customers from which it has learned to be more efficient. On the other hand, this is at the cost of an internal culture that might have made the bank successful to begin with. Plus, the vendor actually has no incentive to pass on the productivity gains to the bank. And when the vendor screws up, the laws do not really have a recourse for vendors, which means the bank is taking on an operational risk as well.
This is what I propose for such banks: Hire senior level compliance officers as a service from vendors while hiring lower level compliance officers directly. Obviously, the chief compliance officer cannot be external, but all of the direct reports could be. The idea is that this regulatory change is being managed by people who have experience across the industry, and the bank can train lower level employees to take over over time. This hybrid method captures the most important part of hiring an external firm while obtaining the bulk of the manpower to maintain the business-as-usual processes and perpetuate the culture of success.
Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.