Jared Ihrig

Create a culture of compliance

Start with a step-by-step compliance risk assessment.

September 14, 2018

In the good old days of compliance, credit union regulators often placed little to no emphasis on consumer compliance issues.

But with the advent of the Bureau of Consumer Financial Protection and more emphasis on consumer protection, other regulators have stepped up their compliance game “to ensure they are meeting their prudential regulatory obligations,” says Jared Ihrig, CUNA’s chief compliance officer, who spoke at the co-located CUNA Technology Council and CUNA Operations & Member Experience Council Conferences in San Francisco.

“Credit unions need to consider developing compliance management systems. For many credit unions, it is no longer sufficient to just have one compliance person. The fire is getting hotter.”

This new atmosphere has created several new “compliance truths,” Ihrig says:

  • The CEO can’t sit on the sidelines. Full engagement is required.
  • The more you talk about risks and compliance, the better prepared you’ll be to deal with them.
  • The board and management need to reconcile any differences they have in their risk appetite. Doing so will help both parties achieve focus.
  • Both documentation and execution are critical.
  • A properly implemented compliance framework can result in faster and better decisions.

Proper compliance management is crucial, Ihrig says. Look no further than recent events involving Wells Fargo, which resulted in 61 publicly reported consequences in the first 30 days following the announcement of sanctions, Ihrig says.

Avoiding such consequences requires instilling a “culture of compliance” at your credit union, Ihrig says.

He suggests starting with a compliance risk assessment that examines six things, including:

  1. Your credit union’s compliance and ethical procedures and standards.
  2. Board and senior management oversight and governance of your compliance program.
  3. Compliance communication and training efforts.
  4. Compliance monitoring and testing procedures.
  5. Compliance incentives, enforcement and when necessary, internal disciplinary processes.
  6. The credit union’s responsiveness to compliance misconduct.

“It’s always better to find compliance issues internally,” Ihrig says, “rather than an examiner, an external auditor—or having a consumer file a lawsuit.”

Click here for more conference coverage from CUNA News, and get live updates on Twitter via @cumagazine, @CUNA_News, @CUNACouncils, and by using the #TechCouncil and #OMECouncil hashtags. Learn more about the CUNA Councils, a member-led professional society for credit union executives, at