Control breakdowns over the governance of retail product sales practices can erode trust in the banking system. Effective systems to detect and address fraud and possible unfair or deceptive practices in a timely manner, including effective complaint management systems, are critical.
At midsize and community banks, the OCC will continue to focus on strategic risk, credit risk, compliance risk and cyber resiliency – themes broadly unchanged from six months ago. In addition to sales practices, for larger institutions the agency will focus on compliance risk management – particularly change management dealing with the TILA-RESPA integrated disclosures, flood insurance, the Home Mortgage Disclosure Act and new Military Lending Act rules – as well as operational risk and third-party risk.
Credit risk is rising, the agency found, as an ongoing trend in easing underwriting is compounded by “increased risk layering,” such as more policy exceptions, higher loan-to-value ratios and weaker covenants. The OCC noted particular concern about commercial real estate concentration risk at community banks.
In addition to compliance change management, the OCC highlighted growing compliance risks for anti-money laundering and Bank Secrecy Act rules. The agency noted that technology designed to improve efficiency can “create vulnerabilities that can be exploited by criminals,” adding that “timely identification” of these openings “continue[s] to present challenges.”
Read the report.