Risk Management Services
FIS’ EGRC Solutions builds lasting relationships and creates value-added solutions for our clients. We deliver a high-quality service provided through senior professionals supported by well-qualified specialists who have many years of governance, risk and compliance expertise.
Our mission is to partner with your institution’s management team to provide the necessary qualified expertise to be an effective, proactive and value-added resource. We work closely with management and are immediately responsive to your needs. Our leadership is focused on ensuring that your institution stays ahead of regulatory developments, and that problems are identified early and immediately brought to the attention of management.
Enterprise Risk Management
EGRC Solutions recognizes that each organization requires a customized approach to meet its Enterprise Risk Management (ERM) goals, and we understand the concepts and challenges of implementing and, more importantly, operationalizing ERM programs for financial institutions of all sizes.
Our seasoned professionals design and implement practical ERM programs that are scalable, sustainable and reflective of an organization’s risk profile. These programs also provide institutions with the tools to help them accomplish strategic business objectives while managing the risks associated with those objectives.
For companies that have established ERM programs in place, we have the expertise to analyze and assess those programs, provide benchmarking to industry best practices, and recommend enhancement and change management opportunities.
Areas that we can address include:
- Risk Governance Assessment and Implementation
- Enterprise Risk Capability Assessments
- Defining and Identifying the Risk Universe
- Risk and Control Assessment
- Risk Metric Development (KRIs)
- Issues and Action Tracking Solutions
We fully understand the concepts and challenges of implementing forward-looking risk management practices within banks of all sizes. We know that each organization is different and requires a customized approach to meet its stress testing goals.
Our consultants, on average, have more than 15 years of experience as former risk professionals, bank regulators and Big Four consultants. This enables us to provide a level of expertise and service that is unparalleled in the industry today. We work with an organization to embed stress testing as a key component of a high performance risk management model and to ensure it includes the following five principles:
- Tailored to capture the organization’s enterprise risks
- Employs multiple stress testing approaches (i.e., scenario, sensitivity, enterprise-wide and reverse stress testing)
- Is forward looking and flexible
- Produces stress test results that are clear and actionable
- Includes strong governance (i.e., policies and procedures) and effective internal controls
Safety and Soundness
FIS EGRC Solutions provides Safety and Soundness consulting services that assist executive management and board members to fulfill their fiduciary responsibility to establish a strong, scalable and sustainable risk management infrastructure for their bank.
More and more we are hearing from the regulators that banks need to be more forward looking in the way they manage risk across their organization. It also just makes good business sense to employ such a culture. In order to do this, banks have to take the necessary steps to implement a practical risk program that is functional and provides real-time information to senior management and the board. The program must also assist in the management of risk and executive decision making while providing a tool to help grow the bank over the long term.
From a consulting perspective, FIS EGRC Solutions offers risk management services that range from Credit Risk Assessments to Enterprise Risk Assessments, as well as Risk Infrastructure Design and Service Delivery that can help banks reach their risk management goals.
Service offerings include:
- Credit Risk Assessments
- Credit Policy Review
- Credit Policy Training
- Loan Loss Reserve Analysis Review
- Loan Grading and Pricing Review
- Funds Management Review
- Financial Risk Assessments
- Enterprise Risk Management Design and Assessments
Enforcement Action Assistance
How a financial institution addresses and complies with enforcement actions is critical to its viability and thus requires care, diligence and effective implementation strategies. Our staff of former senior banking regulatory examiners are well experienced in responding to supervisory actions, including supervisory agreements and formal supervisory enforcement actions such as, but not limited to: Board Resolution; Directive; Memorandum of Understanding (MOU); and Cease and Desist Orders (C&D).
Our staff will:
- Develop a plan for addressing the corrective actions set forth in the enforcement action
- Create an Action Item Matrix to manage the corrective action process
- Recommend timelines for ensuring compliance with required completion dates
- Provide detailed recommendations on the required corrective actions based on size, complexity, product lines and business operations
- Prepare an Enforcement Compliance Tracking Report
- Review and validate the status of corrective actions
- Assist in the preparation of responses to supervisory actions
- Assist in the preparation of periodic progress reports to regulators
- Prepare detailed recommendations, based on our observations, to strengthen the compliance program, including, where appropriate, language to be included in policies and procedures, suggested new compliance controls, ongoing monitoring and testing, and periodic training programs
Compliance Risk Management
EGRC Solutions will create a regulatory compliance program that is tailored to the unique needs of each financial institution we serve. Our team of experienced compliance professionals provides the tools and resources needed to ensure a strong compliance posture. Because every client has a different internal structure and set of needs, we partner with clients to provide the level of compliance support that is appropriate for their institution.
Customized services include:
- Risk Assessments
- Compliance Program Development
- Policies and Procedures
- Regulatory Updates
- Exam Assistance
BSA/AML and Sanctions
BSA/AML compliance remains a significant risk for all banks and an important focus for regulators. Our practice is staffed with former federal examiners and BSA officers from foreign and domestic banks.
Our proven approach for creating customized BSA/AML and OFAC compliance programs is designed to meet the unique needs and risks of each financial institution. We assist our clients with establishing and maintaining effective programs to prevent money laundering and terrorist financing activity.
- BSA/AML Risk Assessment
- OFAC Risk Assessment
- Independent Testing
- Policies and Procedures (Transaction Monitoring, OFAC, CIP, KYC/EDD)
- Account Opening Procedures
  - Customer Identification Program (CIP)
  - Customer Due Diligence (CDD)
  - Enhanced Due Diligence (EDD)
Community Reinvestment Act (CRA) Compliance
CRA Compliance is an important consideration in any regulatory application, such as mergers, acquisitions and new branches. Furthermore, the Gramm-Leach-Bliley Act emphasizes the importance of a bank’s CRA performance in determining which banks will be permitted to expand their business beyond normal bank activities.
Our CRA Compliance practice area is led by former federal regulators and CRA bank officers who help you monitor your performance and suggest adjustments to address deficiencies.
CRA Compliance services include:
- CRA Performance Evaluations
- OFCRA Plan Development
- Performance Context Updates
- Assessment Area Delineation
- Lending Performance Analysis
- Community Development Loans Analysis
- Qualified Investments, Grants and Donations Analysis
- Quarterly CRA Performance Updates
- Exam Remediation
- Additional CRA and HMDA Services
  - Home Mortgage Disclosure Act (HMDA) and CRA data integrity reviews
  - CRA Public File maps
  - Assessment area demographic reports
Fair lending continues to grow as a major focal point for regulators in light of the recent mortgage and credit crises. Our fair lending practice is comprised of former federal regulators who specialize in fair lending, and our fair lending services are performed in accordance with the non-discrimination requirements of the Equal Credit Opportunity Act, Fair Housing Act and applicable state laws. We will evaluate your fair lending performance in accordance with the Interagency Fair Lending Examination Procedures and recent regulatory guidance.
- Fair Lending Risk Assessments
- Comparative File Reviews
- Transactional Testing
- Exam Remediation
- Policies and Procedures
Technology Risk Management
Technology is woven into every aspect of a financial institution’s operations and its use will continuously evolve. With the increasing dependence on technology comes an increased risk profile for each financial institution. Our Technology Risk Management Services team is staffed by technology compliance professionals, IT auditors, former federal regulators and IT operational executives, with a focus on managing information security and operational and technology risk. All of our work programs are based on FFIEC guidance, and are tailored to each individual client.
Our approach to an IT Audit, IT Compliance or Technology Risk Consulting project is fit to your specific culture and requirements. The approach is based upon an analysis of your technology infrastructure and your organization’s long- and short-term needs.
Our risk-based IT Audit procedures are customized to your institution’s size, complexity, scope of activities, risk profile, quality of control functions and use of technology. Risk-based IT audits enable your board of directors and management to identify areas of weakness and opportunities to strengthen internal controls.
As your institution deploys more sophisticated technologies, your IT Risk Profile does not need to increase.
- IT Compliance Review
- IT Risk Assessment
- IT Audit Risk Assessment
- Project Management and System Implementation
- Customer Information Security Programs/Gramm-Leach-Bliley Act (GLBA)
- Information Security Risk Assessment
- Information Security Policies and Procedures
- External Security Assessment
- Network Vulnerability Assessment and Penetration Testing
- Social Engineering Testing
- Vendor Management Review and Program Development
- Remote Deposit Capture
- ACH Risk Assessment
- Vendor SSAE 16 Review
- Electronic Banking Risk Assessment
- Disaster Recovery Planning and Testing
- Business Continuity Planning and Testing, including Pandemic Preparedness
- End-user Security Controls
- Internet Banking and Bill Pay
- Network Review
- Change Control
- Computer Operations Review
- IT Management Review
Training is an important aspect of any compliance program. We are experts in compliance training and we can help train your board of directors, management and staff. Our proven teaching methods incorporate real-life scenarios that engage participants in the learning process.
Our compliance training programs are tailored to your specific needs, either as part of our customized compliance program or as a stand-alone product through FIS Regulatory Advisory Services.
- General Compliance
- Bank Secrecy Act/Anti-Money Laundering
- CRA Compliance
- Fair Lending
- Technology Compliance
- Identity Theft Prevention
Examination Preparation and Response
The examination process can be overwhelming, especially if you are not familiar with what examiners expect from financial institutions and how you should participate in the examination process to ensure success. With the recent regulatory realignment, financial institutions are being exposed to new regulatory agencies (e.g., CFPB). Our staff of highly experienced compliance individuals includes former senior banking regulatory examiners who are well versed in the regulatory examination process and examiner expectations and can ensure that your staff is adequately prepared for upcoming regulatory examinations.
For routine scheduled examinations, our staff of former senior banking regulators will:
- Brief staff to ensure they are well versed in examiner expectations
- Communicate with regulators, as warranted
- Attend examiner entrance and exit meetings, as requested
- Assist in preparation of the Information/Document Request
- Prepare examination document request binders
- Review management-prepared responses for the Officers Questionnaires
- Review Examination Reports and assist in preparation of management responses
- Assist board and management in the development of a strong compliance risk management system
Mortgage Quality Control
Our Mortgage Quality Control services are led by experienced underwriters and compliance professionals. The quality control review and reporting process meets the requirements of all secondary market investors including HUD, Fannie Mae and Freddie Mac.
Loan files are re-underwritten to ensure the loan is in compliance with investor or proprietary product guidelines, lender policy and regulatory requirements. Our mortgage quality control reviews encompass credit, appraisal, closing and legal documentation. The team is staffed by experienced front-line underwriters and mortgage insurance, QC and due diligence professionals who provide a well-balanced understanding of loan risk.
- Verifying the existence and accuracy of all documents used in the underwriting process
- Re-underwriting loans to assure they meet internal lending policy, product guidelines and underwriting requirements of secondary market investors and insurers
- Re-verifying income, asset and credit documentation to prove accuracy of documents used in the underwriting process
- Verifying that the documents used in the underwriting process were issued by the originating source
- Appraisal review – Verifying data and consistency by underwriting the original appraisal
- Ascertaining compliance with RESPA, ECOA, Truth in Lending Act, National Flood Insurance Act, Privacy of Consumer Financial Information and customer identification procedures