Don't Get Your Compliance Record Tangled in the Web

Article excerpt

Jo Ann S. Barefoot, contributing editor. Barefoot heads up Columbus, Ohio-based KPMG Barefoot, Marrinan, a business unit of KPMG Peat Marwick LLP. She is a partner in the parent firm.

An informal survey of bank sites finds both good and bad compliance news. How can your bank stay clean?

The Internet is a great "leveler" between large and small banks. It provides a cost-effective delivery system for any bank to find and serve customers. Small banks can easily reach thousands of miles beyond local markets to promote niche products or competitive prices. Large banks can offer sophisticated products and high-convenience services to their high-end custom- ers. Both can use the Web to gather precious data on users of their sites and services.

Furthermore, both can use the Web to gain a foothold in the growing market of young, educated, computer-savvy consumers. Branch networks are still important delivery channels, but it takes an active imagination to envision bank lobbies in the year 2000 filled with come-of-age Generation X-ers standing patiently in line for basic transactions.

My parents still go to the bank. I go rarely. My grown son hasn't set foot in a bank in years. And my younger children, like most everyone's, use the computer to research school papers, "talk" with their friends, and conquer distant galaxies. It is inconceivable that they will not use it, almost exclusively, to do their banking.

Hence the proliferation of Web sites as banks learn to make this new channel work for them and their customers. And with this proliferation comes compliance problems.

What's out there--and what's not

For this column, my colleagues and I sampled the Web sites of a variety of financial services providers.

The good news is that we found no outright "horror stories"--practices that would create high-dollar risk exposure.

The bad news is that we found many violations of basic regulatory requirements. This confirmed our theory, based on our consulting work, that there is a widespread lack of communication between the units developing electronic services and banks' compliance experts.

For some reason, when the prefix "e" gets attached to a new product or service (as with "e-commerce"), even banks with top-notch compliance functions somehow forget everything they know about regulations.

We also found a wide spectrum of approaches to voluntary disclosure--efforts to help customers understand Internet banking and make good decisions for themselves.

Those at the better end of the scale are providing customers with information that goes beyond current regulatory mandates. Other banks are meeting only the lower standard of complying with today's rules, which, of course, were not designed with the Internet in mind. Such banks, as a result, are producing sites that arguably are confusing or even misleading to the public. Over the last three decades, banks have learned through bitter experience that customers who feel confused and misled gain the ear of politicians who feel the need for new laws, regulators who feel the need to write new rules, and courts that reinterpret laws and regulations to find new consumer remedies. Today's electronic delivery systems are out in front of the regulatory solid ground-a situation loaded with risk and calling for voluntary efforts to keep risks to a minimum.

Here is a round-up, then, of good and bad practices.

1. Advertising. Every bank Web site we have seen is an advertisement, Therefore, it is covered by the advertising rules that would apply if the same material appeared in a newspaper or other medium.

This means that Web sites for credit products must comply with truth-in lending rules, including assuring that triggering terms are accompanied by required disclosures. [Truth-in-lending disclosures were typically not shown on "shopper" Web sites (ones that have the rates of several banks), where the site is not owned and operated by the bank. …