Approaches to Managing Compliance Risk

By Foster, Beverly J. | The RMA Journal, May 2005 | Go to article overview

Approaches to Managing Compliance Risk

Foster, Beverly J., The RMA Journal

Four compliance officers--at institutions ranging from $3 billion to $95 billion--talk about their programs, their backgrounds, and compliance training. They also present their wish lists for the coming year and offer advice to other institutions seeking to strengthen their responses to compliance risk.

In a recent "West Wing" episode, Chief of Staff C.J. Cregg is presented with two solutions to a problem with termites, while she also grapples with the prospect of major repercussions from Leo McGarry's secret meeting with Fidel Castro--not to mention the usual array of critical issues. With equal parts exasperation and exhaustion, she asks, "Can't we just get rid of the damn bugs?"

Compliance officers must feel like that. Not that long ago, compliance was a part-time job at many institutions; now there are compliance departments with multiple personnel, and the task still seems overwhelming. Everyone knows that examiners are looking at some issues with greater scrutiny than others, but no one's telling them which ones aren't critical. It might make sense for a compliance risk manager to pass along over-the-top mitigation demands to a bank's business line managers to ensure enough bug spray to kill the bugs several different ways. However, that's just not realistic. So they must help the business lines figure it out.

Compliance leaders front two community banks and two regional banks stepped out of the fray long enough to answer some questions from The RMA Journal on how their institutions are managing compliance.

The Programs

Responses from all four participants reflect the changing focus of the regulatory environment by stressing the importance of risk-based practices. Michael Matossian, chief compliance officer at Fifth Third Bancorp, says that when managing compliance risk it is imperative to "ensure the risk taken is the risk intended." Pacific Capital Bank's Compliance Department begins its mission statement, "To promote an effective risk control environment that ensures all protections and benefits adopted by lawmakers are extended to each customer of the bank, thus allowing the bank to better serve its communities." Banner Bank's risk-focused program is based on the requirements of its primary regulator, the FDIC, as well as best practices seen at other commercial banks, and is complemented by separate programs addressing BSA/Anti-Money-Laundering (AML), OFAC, and Community Reinvestment Act compliance.


Fifth Third Bancorp and PNC both are migrating toward enterprise-wide compliance programs, Fifth Third is enhancing its "reputation capital" by helping to ensure the bank's ongoing adherence to laws, regulations, and internal controls. An interesting second part of Pacific Capital Bank's mission statement is to minimize the level of regulatory expenses to the bank and its shareholders; the Compliance Department particularly prides itself on expertise in consumer protection regulations.

Not unlike the other institutions, the front end of PNC's process is a partnership with the business lines to help them identify emerging risks, advise them of changes in the regulatory environment, and work with them to develop compliant operating procedures and processes; the back end of the process includes compliance testing prioritized by risk in each business, using the results to work with the business lines on solutions to address any issues. "We maintain very open communication," says Jack Wixted, chief compliance and regulatory officer for PNC. "The stakes are much higher today for maintaining a robust compliance program. As has been seen, failure to do so, especially in anti-money-laundering, can be franchise-threatening. We want issues to surface immediately, so we can help our business lines address them; however, they all know that each line owns the compliance risk and must assume ultimate responsibility."

Fifth Third's compliance program generally consists of decentralized accountability for compliance at the affiliate level, centralized line-of-business direction, periodic compliance risk management (CRM) risk evaluation and assurance monitoring, and independent audits. …

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • A full archive of books and articles related to this one
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items

Items saved from this article

This article has been saved
Highlights (0)
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

Citations (0)
Some of your citations are legacy items.

Any citation created before July 30, 2012 will labeled as a “Cited page.” New citations will be saved as cited passages, pages or articles.

We also added the ability to view new citations from your projects or the book or article where you created them.

Notes (0)
Bookmarks (0)

You have no saved items from this article

Project items include:
  • Saved book/article
  • Highlights
  • Quotes/citations
  • Notes
  • Bookmarks
Cite this article

Cited article

Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)


1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25,

Cited article

Approaches to Managing Compliance Risk


Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Full screen

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Citations are available only to our active members.
    Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25,

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

    Already a member? Log in now.