Compliance Experience:

Compliance Management System:  The Compliance Management System (“CMS”) will include a Compliance Program and Policy Manual, Compliance Department, Compliance Training, Compliance Audits, Complaints and Inquiries Management, Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) Management, Privacy Management, Information Security Management, Contracts Management, Vendor Management, and the Board of Directors Audit Committee.   

Compliance Department: The Chief Compliance Officer will oversee the Compliance Department, which provides compliance guidance to corporate business partners.  Compliance will monitor and review new and revised regulations and guidance promulgated by federal regulators such as the OCC, CFPB, FDIC, FTC, and the FCC.  The Compliance Department will take a proactive monitoring approach to identify procedural or training weaknesses and to preclude regulatory violations.  The Compliance Department will review and approve all communications to consumers and customers. Compliance will attend online legal and compliance webinars and subscribe to law firm compliance update communications to stay current with regulatory actions, statutory and regulatory changes, and case law developments.

Compliance Program and Policy Manual: The Compliance Program and Policy Manual includes the following Policies as applicable: Compliance Program and Policy; Code of Ethics Policy; Unfair, Deceptive, or Abusive Acts or Practices Policy; Privacy of Consumer Financial Information Policy; Information Security Policy; Identity Theft Protection Program Policy; Complaints and Inquiries Policy; Fair Credit Reporting Act Policy; Fair Debt Collection Practices Act Policy; Telephone Consumer Protection Act Policy; CAN-SPAM Act Policy; Electronic Signatures in Global and National Commerce Policy; Social Media Policy; Vendor Management Policy; Federal Right to Financial Privacy Act Policy; Equal Credit Opportunity Act and Regulation B Policy; Servicemembers Civil Relief Act Policy; Bank Secrecy Act Policy; Office of Foreign Assets Control Policy; Truth-in-Lending Act and Regulation Z Policy; and Community Reinvestment Act Policy. A quarterly Compliance Policy Report will be presented to the Board of Directors Audit Committee.    

Compliance Training:  The enterprise-wide Compliance Training Program for employees includes the following areas: GLBA (Privacy and Information Security), UDAAP, FDCPA, FCRA, ECOA/Fair Lending, TILA, EFTA, TCPA, FTCA, SCRA, BSA/AML, and OFAC. The Board receives specific training on an annual basis, such as Privacy and Information Security, Complaints and Inquiries, ECOA/Fair Lending, and BSA/AML.  A quarterly Compliance Training Report will be presented to the Board of Directors Audit Committee.

Compliance Audits:  The Compliance Audits Program includes independent reviews of compliance with consumer protection laws and regulations and adherence to internal policies and procedures.  An audit complements the internal monitoring system and helps management ensure ongoing compliance and identify compliance risk conditions. I will help determine the scope of the audits and the frequency with which audits are to be conducted.  A quarterly Audit Management Report will be presented to the Board of Directors Audit Committee.

Complaints and Inquiries Management:  The Complaints and Inquiries Management Program will include the board-approved Complaints and Inquiries Policy. The Complaints and Inquiries Tracking System will track all matters by using specific codes.  The codes will be assigned once a review of the Complaints or Inquiries response is completed. Compliance will review all responses before they are sent.  Using the codes, various reports can be generated regarding Complaints and Inquiries.  These reports will be shared with the Complaints and Inquiries Committee and further discussed in the quarterly Complaints and Inquiries Meeting, which will include senior management from all departments.  A quarterly Complaints and Inquiries Management Report will be presented to the Board of Directors Audit Committee.  

Bank Secrecy and Anti-Money Laundering Management:  The BSA/AML Program includes a board-appointed BSA Officer to implement the BSA/AML Program.  The Program will include the Board-approved BSA Policy, the Office of Foreign Assets Control (“OFAC”) Policy, a BSA Risk Assessment, a BSA Officer, a Customer Identification Program (“CIP”), a system of internal controls, testing of BSA compliance and monitoring, and BSA training for all employees and members of the Board.  A quarterly BSA and OFAC Management Report will be presented to the Board of Directors Audit Committee.

Privacy Management: The Privacy Program will include a Board-approved Privacy of Consumer Information Policy and the Federal Right to Financial Privacy Act Policy, if applicable.  The Policies will formalize the commitment to safeguard customers’ personal information, transactions, and account records while guiding employees in carrying out their responsibilities.  The Compliance Department will ensure that the customers’ records are accurate and confidential and that the customer receives the required disclosures and an annual Privacy Notice each calendar year.  A quarterly Privacy Report will be presented to the Board of Directors Audit Committee.

Information Security Management:  The Information Security Program includes a board-appointed Information Security Officer to implement the Information Security Program.  The Board will approve the Information Security Policy, which will communicate the requirements for the secure use of company resources and represent the strategy for how to implement the information security principles and technologies. This Policy represents senior management’s commitment to maintaining a secure network, which will allow the IT Staff to do a more effective job of securing the information assets. The Policy also provides legal protection by specifying exactly how users can and cannot use the network, how they should treat confidential information, and the proper use of encryption. The Policy intends to communicate the requirements necessary for compliance with any applicable regulations, as well as any data confidentiality agreements with third parties.  A quarterly Information Security Report will be presented to the Board of Directors Audit Committee.

Business Continuity Planning Management: The Business Continuity Program (“BCP”) addresses how a company or financial institution will respond to events that significantly impact business. The BCP should be designed to permit a company to resume operations as quickly as possible, given the scope and severity of the significant business disruption. A BCP should cover: data backup and recovery; all mission-critical systems; financial and operational assessments; alternative communications with customers, employees, and regulators; alternate physical location of employees; counterparty impact; regulatory reporting; and assuring customers prompt access to their funds or services if operations are unable to continue.


Legal and Compliance Executive