Compliance Guide

Search Results: Risk-Management

Fed Announces Final Rule Establishing Risk-Management Standards for FMUs Designated as Systemically Important

July 30 – The Federal Reserve Board has approved a final rule establishing risk-management standards for certain financial market utilities designated as systemically important by the Financial Stability Oversight Council. The final rule also establishes requirements for advance notice of proposed material changes to the rules, procedures or operations of certain designated FMUs. FMUs, such as payment systems, central securities depositories, and central counterparties, provide the infrastructure to clear and settle payments and other financial transactions.


Fed Reaffirms Policy of Applying International Risk-Management Standards to Fedwire Funds, Fedwire Securities Services

July 20 – The Federal Reserve Board has reaffirmed its long-standing policy of applying relevant international risk-management standards to the Federal Reserve Banks’ Fedwire funds and Fedwire securities services. These services play a critical role in the financial system and in facilitating the safe and efficient settlement of private-sector financial market utilities.


Ensenta Recognized with TAG FinTech ADVANCE Award

February 14 – Ensenta, a provider of enterprise-wide, real-time SaaS solutions for making mobile and online payments and deposits, announces they were recognized by TAG FinTech, Georgia’s foremost association devoted to the advancement of Georgia’s technology industry, as one of five recipients of a 2017 TAG FinTech ADVANCE Award, which honors leading technology companies in the financial technology sector.


CSBS Releases BSA/AML Self-Assessment Tool

February 7 – State regulators have released a new, voluntary tool to help banks and non-depository financial institutions better manage Bank Secrecy Act/Anti-money laundering risk. (more…)

Crisis Communications

Guard reputation with the right plan and right technology.

By James F. Haggerty


When we think of crises in the banking industry, we inevitably think about events that led up to the Great Recession of 2008: runaway mortgage securitization, the bailout of too-big-to-fail banks, robosigning allegations or litigation surrounding the purported rigging of LIBOR spreads and other aspects of the financial markets.

But for banks of all sizes, there are many other crises that may arise — and addressing such events in an effective and efficient manner can have a huge impact on a financial institution and its reputation. Consider the following examples, from just the past several months:

  • In Pennsylvania, a former bank employee was accused of defrauding the bank of more than $700,000 and for attempting to rig elections for the board of directors.
  • In Florida, a bank was faced with a lawsuit brought by a rival bank over allegations that it used confidential trade information, such as knowledge of salaries, to poach employees.
  • In Virginia, two banks were hit with data breaches, affecting hundreds of customers.
  • In Virginia, a bank robbery occurred where the perpetrator claimed to have an explosive device.

These are events that can do long-term reputational harm — landing a bank on the evening news or front page of the local newspaper and threatening to permanently damage relationships with the community, public morale and successful operation. Today’s accident or violent incident is tonight’s major news story and tomorrow’s regulatory investigation or civil lawsuit. In the event of a crisis, it is critical to have notification and crisis communications systems in place to ensure that customers, employees, authorities and other stakeholders understand what is happening and what the bank is doing about it.

Yet, when crisis hits, some banks attempt to fly under the radar, hoping that a crisis will resolve itself — usually with very limited success. They may pass off responsibility for such public-facing crises to their legal departments. Alternatively, crisis response may be delegated to an outside public relations firm. Banks that choose one of those routes hope that these professionals have experience in working with the media during a crisis and can quickly bring together a team, assess the severity of the issue, prepare the appropriate response and get it to the right audiences before media speculation, rumor and innuendo begin to spin out of control.

Regardless of the path you choose, take a lesson from the Boy Scouts: Be prepared. There are three important steps to take:

  • Create a crisis plan that assigns responsibility in an efficient way during a crisis, incorporates protocols for response and steps to ensure the process runs smoothly, and outlines the tools to ensure proper communications. All of this needs to be laid out beforehand and not made up after the crisis has hit and the first reporter is knocking on your door. In addition, the crisis plan cannot be a big binder that is never updated or one that sits on a shelf gathering dust. It must be a plan that is actionable when a sudden, unexpected reputational event occurs. Too often, banks create crisis communications plans at the behest of their CEO or board and never look at it again. A bank’s crisis communications team has to have a mindset that the plan is being created to be used, rather than to please superiors. You’d be surprised at how often it is the other way around.

    Some elements of an effective plan include:

    • Contact lists of the members of your crisis communications team and other key executives;
    • Checklists and scenario plans that give you a road map to follow during a variety of crisis events; and
    • Templates of statements, talking points, employee and customer messages and other important communications.
    • Arrange a core crisis response team with leader you can trust. You need an individual with excellent organizational skills and the authority to act and lead the effort, bring the team together and make sure your institution executes on the plan. The core team may change depending upon the nature of the crisis, but a team familiar with the crisis plan is essential.

As to your leader, I advocate for the appointment of a permanent chief crisis officer who is trained and ready to lead. Ideally, you want this person to be highly flexible and ready to respond at a moment’s notice. He or she must be a decisive individual who can work across organizational lines and who has the willingness to act. He or she should also be an experienced communicator, with skills adaptable to communicating with sensitivity and nuance before a variety of different audiences.

  • Develop the appropriate technologies to ensure the team is responding efficiently and effectively in the event of a crisis. An optimal tool (1) allows easy access to the crisis plan, documents, templates, contact lists and other key materials; (2) brings the team together so that members can understand what is happening and collaborate on a response, and; (3) provides for easy access and version control of statements, talking points, social media messages and other approved responses, so everyone on the team knows what the community is saying in response.

Consider the following example of an effective crisis communications response:

Recently, a manager stepped off an airplane only to learn his facility was on fire. Ducking into a McDonald’s across the street, he alerted his team and, from his iPad, opened a “Virtual WorkRoom” on the CrisisResponsePro technology portal the facility had subscribed to. The Virtual WorkRoom concept is quite simple, really: Imagine that conference room you might use at your headquarters to gather the team, store key documents and collaborate — if you were all located in the same building. Now replicate that on your computer, tablet and/or smartphone. Suddenly, you no longer have to be in the same building to collaborate effectively in the event of a crisis.

In the example above, the CEO and his team exchanged details and strategy for proper response, quickly consulting the crisis plan. A template from the database on the site was downloaded, edited and circulated amongst the team. With relevant details inserted, a media statement was uploaded to the document storage area, which the team reviewed and approved before posting on the facility website. The statement was also made available to any media members who called or showed outside the site looking for comment.

The entire process took a total of eight minutes. The speed of the response averted additional questioning, the surfacing of erroneous follow-up stories and further speculation. Crisis averted.

In the end, crisis communications is as much a risk-management task as a public relations effort. With proper planning, training and technology, you can ensure that the inevitable doesn’t become the unmanageable. And this can mean the difference between a crisis that is controlled and one that threatens overall reputation, morale, marketing and sales efforts.


James F. Haggerty is an attorney, author and communications consultant based in New York. He is the founder and CEO of CrisisResponsePro, online subscription software for crisis and litigation communications. He can be reached at


To Hedge or Not to Hedge

Futures can be a valuable risk-management tool.

By Jon Marcus

In the vast investment markets surrounding the ag business, hedging is a useful tool, when used the right way. By definition a hedge is an investment position intended to offset potential losses that may be incurred by a companion investment. The primary goal of a hedge isn’t to make money, rather to protect from losses and limit risk.


Plan in the Future, Not the Past

By Don Musso and Stephen Brown Klinger

The article is the second of a four-part article series on strategic planning adapted from FinPro’s 2016 State of the Industry speech titled “The Traditional Community Bank Model is Dead.” The first article, “Focus on Customers, Not Products,” appeared in the October issue of BankNews. The next topic is “Focus on Relationships and Not Transactions,” which is scheduled to be published in February 2017.


2016 Risk Maturity Model Recognition Recipients Announced

October 31 – Fourteen companies, out of 361 applicants, have received the 2016 Risk Maturity Model (RMM) Recognition, a distinction that highlights enterprise risk management leaders and successful ERM programs. Presented by the authors of the RMM, LogicManager and RIMSthe risk management society™, the recipients were announced at the RIMS ERM Conference in Atlanta last week.


Lessons Learned from 2016 Risk Management Summit

September 26 – Sageworks, a financial information company that provides lending, credit risk and portfolio risk solutions to banks and credit unions, today shared a re-cap of its 2016 Risk Management Summit. Held this year on Sept. 14-16 in Austin, Texas, the Summit is the annual, premier conference covering the allowance for loan and lease losses (ALLL) and stress testing for bank and credit union professionals.


Lenders Try Marketing

Producers who chart strategies, view their effect on average price and make decisions accordingly can break free from emotional decision-making.

By Patrick Patton

Several years ago, we were part of a team that devised a way to simulate commodity price risk-management activities for lenders. The idea was to help them better understand how to use tools available to their farmer clients for managing risk. Lenders would also feel the emotions that often dominate risk management, perhaps leading to more common ground in conversations with farmers about marketing strategy.


Kryptronic Internet Software Solutions