Are you ready for your fiduciary exam?
Has it been a while since you’ve had an examination of your fiduciary activities? Or have you experienced technology changes or staffing turnover?
Regulatory scrutiny over trust departments and trust companies has increased, leading institutions to evaluate the effectiveness of current procedures and controls. Whether you’re preparing for an upcoming exam or looking to strengthen your practice, we’ve highlighted some of the current hot topics for you.
Third-party oversight
Many institutions have moved toward leveraging third-party relationships to increase the effectiveness and value of services provided to clients, with an increase in outsourced asset management services. The Interagency Guidance on Third-Party Relationships: Risk Management was issued on June 9, 2023, and offers three agencies’ views on sound risk management principles when developing and implementing risk management practices for third-party relationships.
This new guidance focuses on the principle that there is no minimum standard for managing third-party relationships and that risk management programs should be tailored to the risks presented. Some things to consider are whether your outsourced services are considered “critical activities” and what your ongoing monitoring looks like.
- Critical activities: Characteristics of critical activities include those that could cause significant risk to your organization if they fail to meet expectations, have significant customer impacts or have a significant impact on your organization’s financial condition or operations. It’s important to note that these are guidelines, not rules — what one organization views as critical, another may not. Documentation is key to supporting management’s decision on whether or not your third-party vendors provide critical activities and in determining the level of ongoing monitoring to be performed.
- Ongoing monitoring: While you can outsource certain functions, you can’t outsource the responsibility. It’s important to perform ongoing monitoring of your third-party vendors to help ensure they are meeting the expectations of their agreement with you, as well as understand how they are navigating changes in the marketplace. Your monitoring should reflect the level of risk and complexity of that relationship. With the increase in technological advances, such as artificial intelligence and distributed ledger technology, you should consider reaching out to your third party, if you haven’t already, to understand whether this is something they are looking into using, as it may change their risk profile.
In response to technological advances, your organization may start discussing the use of financial technology (fintech) companies — or may be completely averse to the idea. Although this is a relatively new and evolving landscape, that alone shouldn’t be a reason to table the discussion.
The OCC issued Bulletin 2021-40 Third-Party Relationships: Conducting Due Diligence on Financial Technology Companies: A Guide for Community Banks, which, as the title implies, offers guidance on performing due diligence on fintech companies. Although the guidance is geared toward community banks, it can be a useful reference for anyone looking to leverage fintech companies.
Succession planning
We have seen an increase in turnover of long-tenured employees due to retirement, which could leave a potential gap if your institution is not prepared. Some of these employees may have started their careers at your institution, and if a thought-out succession plan has not been developed, you risk losing the knowledge, expertise and client rapport they have developed throughout their careers.
Succession planning shouldn’t wait for the retirement announcement. Now is a great time to reach out to your tenured employees to understand what their road map looks like for retirement. Understanding if they have a one-, three-, five- or even 10-year plan can help your management team understand where they need to focus their staffing efforts and what staffing levels are needed. Depending on where you are located, it may be more difficult to recruit a seasoned staff member than a newer person eager to learn; where your employees are in their retirement journey could impact your hiring flexibility.
Recent regulatory changes
On May 28, 2024, the Securities and Exchange Commission’s amendments to Rule 15c6-1 became effective. This change shortened the standard settlement cycle for most U.S. securities transactions from T+2 to T+1.
Your institution may have relied on your third-party vendors to make the majority of changes needed to meet the T+1 implementation; however, this will not absolve you from all responsibility. Was your staff ready for the change? Did you implement procedures for resolving trade errors in the shortened time frame and are those procedures working? Have you identified common root causes of trade failures and implemented procedures to address these failures? Were your third-party vendors ready for the changes?
Additional information may be found in the OCC’s Bulletin 2024-3 Securities Operations: Shortening the Standard Settlement Cycle.
How Wipfli can help
These are just some of the things we’re hearing from examiners. Wipfli specialists can assess your risk management and compliance of your trust department or trust company and help you strengthen procedures where needed. Contact us today to get started.