Making sure your community bank’s commercial loans are compliant may mean borrowing strategies from the world of consumer loans.
By Beth Mattson-Teig
Rules originally aimed at protecting consumers are spilling over to affect commercial loan products—and, in the process, creating an increasingly complex compliance environment for commercial lenders.
“I would say that Washington is trying to pound a square peg into a round hole in trying to make commercial compliance more like consumer so that regulations can be much more standardized,” says Bradley Stevens, president of Stevens Risk Management LLC in Minneapolis. The problem commercial lenders bump up against is that commercial lending is highly nuanced compared with more boilerplate consumer loans, he adds.
Although compliance policies and procedures are often tailored to the consumer side, it’s important for banks to put on their commercial lending hats and look at the applicability of commercial rules, says Raji Sathappan, managing director at accounting and consulting firm Mercadien Group in Princeton, N.J.
Primarily, community banks need to conduct a risk assessment and look at the applicability of regulations across their products, as well as determine what part of the regulation applies. Everyone has a risk assessment, but its quality is critical. Do you have a wide and shallow risk assessment, or a narrow and deep one? Regulators are generally looking for the latter, Sathappan says.
Community banks should get their commercial lenders together to discuss compliance and give them a voice in the process, which helps them to better understand the rules, Sathappan says. In addition, reviewing exam reports to see where commercial lending was cited can lead to a larger discussion of policies and procedures, she adds.
Avoiding common missteps
Some of the hot spots in commercial compliance these days relate to fair lending practices within the context of business lending and Regulation B’s intent to borrow jointly, complying with the 30-day clock related to adverse action notices and discriminatory treatment. “Fair lending has always been on the consumer side and the commercial side of lending, and now there is a heightened focus and a new level of compliance testing on the commercial side,” says Michael J. Marino, executive vice president at M & M Consulting in Springfield, Mass.
Bankers may believe that having financial statements come in with the spouse’s information included is adequate to communicate joint intent. However, that isn’t the case. Joint intent has to be clear from the time the application is received.
“Part of the reason this trips banks up is that commercial lending does not have a formal application similar to the consumer side,” Sathappan says. “So, lenders sometimes don’t document that joint intent sufficiently.” She adds that using model application forms, as well as training and conducting file reviews, will help commercial lenders to comply with that rule.
Another common misstep is not providing adequate documentation on timing related to the 30-day time period for adverse action notices. When does that clock start? If it stops for a particular reason, why? Disparate treatment and the idea of treating one borrower differently from another can be a slippery slope. Banks have to be careful in providing the same treatment to everybody and document those files. They also need to adhere to fair lending compliance in the context of the current market, specifically as it relates to Paycheck Protection Program (PPP) loan applicants and requests for loan forbearance. Make sure all PPP loan applicants and forbearance requests are treated the same with no disparate treatment.
Best practices to avoid penalties
Banks can stay on the right side of regulators by following best practices, including being consistent in underwriting and credit analysis. For example, banks need to make sure lenders have a good, user-friendly credit policy.
Some banks may have procedures mixed in with policies. The credit policy has to be a clearly defined “why” they are making credit decisions versus the “how” of procedures. It helps regulators understand the bank’s approach to credit and risk while providing a friendly directive that staff can easily understand and use.
“Make sure people are adhering to your credit policy and people aren’t making a lot of exceptions,” Stevens says. “The more exceptions you have, the more you are going to get in trouble.” He adds that credit policies should be evaluated and updated every two or three years to reflect current regulations and changes in the market.
“The greatest value of [third-party firms or consultants] is that they bring experiential treatment from numerous institutions and organizations.”
— Michael J. Marino, M & M Consulting
It’s important to keep lines of communication open to make sure everyone at the bank is on the same page and to maintain a good relationship with regulators so that the compliance officer is comfortable asking questions. Another good strategy is to use pre-closing and post-closing checklists that are regulatory-oriented and that offer guidance to ensure that everything that needs to be done is completed, Marino says.
After closing, ensure that the documentation and onboarding for that borrower is done appropriately. Community banks can get some safe harbor by using model forms.
It may also be helpful for banks, especially those with fewer employees, to leverage the expertise of third parties that can provide consulting, auditing or loan review services.
“The greatest value of those firms,” Marino says, “is that they bring experiential treatment from numerous institutions and organizations.”
Tackling cyber threats
ICBA’s Cyber and Data Security Guide has resources to educate your bank’s customers on what to do in the event of a cyber threat or breach. Visit icba.org/cybersecurityguide to see the toolkit.
Beth Mattson-Teig is a writer in Minnesota.