The third quarter saw a 26% rise in the compliance burden for financial institutions.
Ouch.
This data arrives via the Banking Compliance Index, or BCI, produced by Continuity Control, a New Haven, Conn.-based provider of a cloud-based compliance management system for community banks and credit unions. The latest results of the index were announced Saturday, November 15.
Altogether, 82 new regulations or changes to existing regulation were introduced in the quarter — about 3,404 pages. This resulted in the average institution having to devote 653 additional employee hours — the equivalent of 1.86 FTEs — to handle the new regulation in the quarter, and spend an additional $45,264.
Needless to say, this is a drain on resources most smaller banks cannot afford — and one result of the growing regulation is a chill on innovation. Customers of small banks and credit unions wondering why their FI doesn’t have the snappiest new mobile app need look no further than the BCI.
Continuity Control estimates the increase in regulations resulted in $300 million additional costs to the industry as a whole.
“If you weren’t measuring this stuff, it would have felt like this quarter was a light one in terms of compliance,” Pam Perdue, executive vice president of regulatory insight told Bank Innovation. Bankers contacted in connection with the BCI echoed this sentiment. But this is the highest number of changes in a single quarter since 1995, according to Continuity Control.
The increase in regulations is colliding with institutions that have not kept pace as technology has advanced in financial services. Perdue gave the example of HMDA, the Home Mortgage Disclosure Act. HMDA requires that certain data points from loans be reported. Many institutions will make this a two-step process: 1) Collect data points, and 2) Report them.
“This is adding work,” Perdue said. “This needs to be a one-step process.”
Compliance management solutions, such as that offered by Continuity Control, which is built for smaller banks, will report that information as the data is collected. Larger institutions, which have advanced compliance management systems, the scale to field a team of compliance experts, and the IT infrastructure to better build compliance into systems, can absorb the growing regulatory burden far better than the little guys, who may still be relying on spreadsheets and filing cabinets full of reams of dead trees.
There are small signs of hope for the little guy, however. The regulatory agencies themselves have reached out and asked to look at Continuity Control’s data. “Regulators often have limited visibility into the process banks go through to be in compliance,” Perdue said.
More visibility, and more talk between bankers and regulators, can only be to the good.