The Agency Insider with Linda McGlasson

The Great Circle of Compliance - Be the Hunter or the Hunted

The Great Circle of Compliance - Be the Hunter or the Hunted

Life on the Great Plains for many nomadic Indian tribes was built around the buffalo. The tribes followed the herds of great shaggy beasts across the rolling hills of tall grass, their entire lifecycle centered on the buffalo herd. Braves honed their lance and bow and arrow skills with hours of practice. A common target for the braves' bow and arrow practice was the white skull of a bull buffalo, and the greatest skill could be illustrated by getting a "bull's eye." (This is your history/etymology lesson for the day.) So, life was good all around except for those hapless buffalo that would end up being the tribe's food supply. The Indians paid back by being fertilizer for the buffalo's grass when they died. It all was included in the great circle of life.

For financial institutions, life isn't so simple. But there is a cycle involved -- the cycle of compliance. Regulators see a problem, regulators issue guidance to get institutions to alleviate the problem, and then financial institutions struggle to comply.

Not that we're complaining here, but banks and credit unions face a mountain of regulatory requirements -- more so than any other industry, except maybe the nuclear power industry (and I'm sure we all know why we need to regulate any power supply that when operated inconsistent with the strongest safety measures can make you glow in the dark). Having worked at the Sequoyah nuclear power plant during its construction in Soddy Daisy, Tennessee, I witnessed the literal mountain of paperwork the regulators required. We used to joke that we generated enough paperwork to fill one of the plant's cooling towers. Now, I can think of some other industries that could use a good dose of regulatory castor oil to straighten out the kinks and flaws. How about the mortgage industry or the oil industry as possible places to tighten the regulatory screws?

Financial institutions, you've got to face reality. The rule is: Once regulated, always regulated. In the past year there have been some significant issuances of guidance from the federal banking agencies ranging from business continuity to the ID Theft Red Flags guidance. If you've work in a bank or credit union for more than the last eight years, you'll agree that we've seen the regulatory requirements are increasing, not decreasing. BSA/AML compliance, pandemic planning, vendor management risk management guidance, it seems that financial institutions can't catch their breath before another guidance comes out that they have to be compliant with before their next examination.

There isn't much to the circle of compliance ... as long as you are in compliance.

If you aren't, then to the regulator, you're just another buffalo in the herd with a bull's eye on your side.



About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.