Episode 12: The Importance of Compliance Risk Assessments

July 24, 2023

In the latest episode of our Risk Intel podcast, host Ed Vincent was joined by Mike Jones, Chief Compliance Officer at Strategic Risk Associates (SRA). With his extensive experience advising bank CEOs and serving as a Chief Compliance Officer in the FinTech industry, Mike shared invaluable insights into the realm of compliance risk assessments.

Understanding Compliance Risk Assessments

Mike highlighted the fundamental risk assessments that every institution should have: a compliance risk assessment and the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) and Office of Foreign Assets Control (OFAC) risk assessment. These assessments allow organizations to evaluate compliance risks based on federal and state laws, regulations, and agency guidelines.

A well-designed compliance risk assessment program should consider the applicability of laws and regulations to the institution's specific products and services. It requires assessing both the quantity of risk, which is inherent in the environment, and the quality of risk management, including the effectiveness of control programs.

The Process of Completing a Compliance Risk Assessment

Completing a compliance risk assessment involves mapping applicable laws and regulations to business areas and products, assessing the quantity and quality of risk, and assigning an overall risk score. Each institution's risk assessment is unique, considering factors such as recent enforcement actions, audit findings, and compliance management system effectiveness.

Compliance risk assessments require meticulous examination of external sources such as statutes, industry guidance, and enforcement actions. Internal materials like policies, procedures, training, and complaint history also contribute to the assessment. The goal is to create a comprehensive risk assessment tailored to the institution's risk appetite and product set.

The Benefits of External Expertise

Engaging a third-party specialist in risk assessments can provide regulators with assurance that an organization is prioritizing compliance. Having an off-the-shelf risk assessment tool with embedded expertise allows organizations to efficiently administer, update, and maintain their risk assessments.

The Outcomes of a Well-Constructed Risk Assessment

A robust compliance risk assessment empowers organizations to determine their overall compliance risk and identify top risk areas. It helps them understand key compliance risk drivers and implement risk mitigations and controls. By creating a heat map, institutions can strategically focus their monitoring, testing, and compliance management activities on critical areas.

"It's really that top 20-30% of the key risks that probably represent 80% of your vulnerability - allowing you to strategically focus your monitoring and compliance management activities on the things that really matter" - Mike Jones, Chief Compliance Officer

Conclusion

Compliance risk assessments are vital tools for organizations to proactively manage their compliance risks. With a tailored approach, a comprehensive understanding of applicable laws and regulations, and a focus on risk improvement activities, institutions can ensure compliance and navigate regulatory examinations with confidence.

Don't miss out on Mike Jones' insightful discussion. Tune in to the full Risk Intel podcast episode now or watch below to gain valuable knowledge on compliance risk assessments and strengthen your organization's overall compliance practices.
