Hands on desk pointing at paper report

Why the Great Resignation Spells Trouble for Governance, Risk and Compliance

December 20, 2021

As first seen on CUInsight.com.

By Darron Dunn, VP of Client Development and Operations

Credit unions are no strangers to the myriad workforce challenges brought on by the COVID-19 crises. Although you’d be hard pressed to find a department unscathed by high turnover, remote hiring and hybrid work schedules, credit union compliance departments are taking an especially hard hit. This is likely because governance, risk and compliance (GRC) disciplines were already facing a serious shortage of talent even before the pandemic began. 

Our credit union partners consistently report the same five problems, each created or exacerbated by the Great Resignation, and its close cousin the Great Reshuffle:

1. Widening Gaps in GRC Knowledge

When a GRC pro leaves a credit union, the dual pains of shallow compliance teams and a lack of cross training are felt by the entire cooperative. The day-to-day questions that internal teams typically route to their GRC leaders go unanswered, or worse, get answered incorrectly by an assumption or educated guess. Actions taken in response to misinformation can create a sizable mess for the new GRC leader right from Day 1 (not the first impression a credit union wants to give a valuable new employee). 

2. Halted Audits

When a GRC expert departs unexpectedly, credit unions are often unable to complete internal and external audits that are underway. This can be a big problem when the disrupted audits are required by a regulatory statute, as is the case with ACH, BSA and SAFE audits. Without the institutional knowledge of the recently resigned employee, internal audits can stop in their tracks, setting the credit union up for a lack of preparedness for an upcoming exam and even potential fines. The same can be true of outsourced audits, too, as they can become difficult to complete without a designated internal resource to assist with the process. 

3. No Central Repository

A lack of documentation is a common realization that accompanies GRC leadership turnover. Credit unions discover very quickly after a compliance officer or similar soul leaves the cooperative how beneficial it is to “document, document, document” everything the function touches – from underwriting exceptions to complaints management. When processes and procedures – heaven forbid, policies – reside only in the mind of a tenured credit union colleague, remaining staff are left scratching their heads. Team members are unsure where (or even if) written resources exist. When they locate them, they are unsure if they are viewing the most current version. 

4. Costly Marketing Delays

Marketing efforts are typically among the first things to be delayed when a GRC seat becomes vacant. Without an appropriate compliance review, credit union leaders are rightly cautious about taking a product or member marketing campaign live. Launching a new campaign or even posting certain content on social media without the watchful eyes of compliance experts can open the credit union up to unnecessary risk and liability – a problem no chief marketing officer or communications specialist wants to create. 

5. Frozen Policy Reviews

While it’s a best practice for credit unions to review every policy and procedure on the books at least annually, it’s a requirement for ACH, BSA and SAFE. Depending on how the calendar falls in relationship to a GRC team member’s departure, keeping on schedule with board reviews and resulting updates can be troublesome. What’s more, it can start a domino effect of neglected policy reviews that becomes very apparent at exam time. 

Two Complementary Strategies to Mitigate Great Resignation Risks

As the world continues to heal from the various wounds of the pandemic, the Great Resignation and Great Reshuffle will settle down and a new normal will settle in. In the meantime, many of the above challenges – and the risks they open up – can be mitigated by executing two distinct, yet complementary strategies. 

First, credit unions can amp up their retention efforts, focusing specifically on the GRC experts who keep the cooperative running securely, soundly and in compliance with ever-increasing regulation. 

Second, credit unions can begin to integrate technology specifically designed to minimize risks related to unexpected turnover. Collaborative software that automates many of the daily, routine tasks of GRC, like document management, vendor due diligence and board communication, not only keeps work moving, it keeps that work recorded and centralized. 

Deploying better retention and strong technology is an investment in your GRC team – if not the one currently in place, the one your credit union is building for tomorrow.  

Services performed by ViClarity are compliance and not legal in nature, and do not form an attorney-client relationship or any of the protections attendant to the attorney-client relationship.



Recent/Related Articles

The Third-Party Risk Management Imperative Facing All Credit Unions

June 28, 2024

Cybersecurity is a bigger issue than ever before and the widespread reliance on third-party partnerships and vendors brings great risk. Our CEO, Ogie Sheehy, breaks down key elements of a successful third-party risk management program.

The Top 8 Risk Reports for GRC Leaders

May 20, 2024

With factors ranging from the economy to the environment to artificial intelligence playing a part, it is essential for financial institutions, insurers and other regulated businesses to have a sound risk management program in place, and here are 8 reports that help GRC leaders become more strategic.