For financial institutions, risk manifests itself in a number of different ways. But unless you’re playing fast and loose on Wall Street, risk is something banks and credit unions must work to control – especially when it comes to operations and compliance risks.
The Federal Financial Institutions Examination Council (FFIEC), the Consumer Financial Protection Bureau (CFPB), the Federal Deposit Insurance Corp. (FDIC), the Dodd-Frank Wall Street Reform and Consumer Protection Act. The list of regulatory and reporting concerns and their corresponding acronyms quickly become alphabet soup. And the rules governing agencies and laws don’t always translate easily into clear and concise “you must do this and not that…” English. More often the regulatory language is more like “you might do this, or could do that….”
“At the end of the day, risk management is about understanding the risks that you’ve decided to accept and then being able to control that risk to keep it as manageable as possible,” says Tom Hinkel, Safe Systems’ director of compliance. “There’s no such thing as 100% risk avoidance.”
Hinkel aims to translate regulatory language into actionable advice for banking management and IT departments every day at Safe Systems, and often shares his insights through his popular blog, The Compliance Guru. He is now sharing his expertise in his new book, Risk Management for Financial Institutions, available now on Amazon.
The various rules and regulations governing banks and credit unions are often densely written and chocked full of complicated and non-prescriptive language. However, Hinkel believes that a sound understanding of the fundamentals will help most institutions build a framework for compliance-centric operations. To that end, Hinkel says he aimed to stick to the basics in his new book.
“I want to make the point that the fundamentals of risk management apply to all risk,” he adds.
Hinkel says the book can act as a guide for those who hope to gain a better understanding of risk’s various forms – from operational to reputational to regulatory – and help senior management and IT leaders develop an enterprise framework that will guide their own institution through an ever more challenging industry.
“You don’t have to learn every little thing about risk to understand how to react to it,” Hinkel says. But you do have to understand the basics.”
With those basics in mind, Risk Management for Financial Institutions covers a range of topics relevant to banks and credit unions, including risk management fundamentals, third-party risk, new and emerging technology, and regulatory requirements and best practices, and includes checklists, questionnaires and downloadable tools for financial institutions. The book is positioned to help administrators, ISOs, CIOs, internal auditors and other stakeholders help achieve regulatory and compliance expectations.
“Risk management is a concept as well as a process,” Hinkel says. “If you understand the concept, then you are going to understand how to accomplish it.”