Compliance. An ever-evolving threat to community banks

Banks are doing the best they can these days to deal with what has become a pretty complicated regulatory landscape, thanks to a big push for better consumer privacy, data protection, environmental laws, and corporate governance. Running afoul of these mandates can come with pretty burdensome penalties. Just look at Goldman Sachs, Wells Fargo, and JP Morgan Chase—they've shelled out almost $12 billion in fines in the fairly recent past.

And while burdensome fines are certainly a huge concern, losing money is just part of the problem. There’s also the hit to reputation, potential loss of business partners, employee turnover, and a drop in trust in their management. Banks have learned the hard way that any slip-ups in this field can lead to big losses, especially with how strict the rules have become. So, here are some things to think about:

How have banking regulations changed recently?

Banks have always had compliance models, but with today's regulatory environment, they're doubling down on their compliance culture and processes. The old-school compliance models were more about advising rather than managing risks. They focused on preventing data theft, avoiding government fines, stopping tax evasion and money laundering, maintaining ethical standards, spotting potential risks, and sometimes creating compliance programs or policies. That’s the compliance department of a few decades ago.

What’s new in compliance?

Nowadays, compliance leaders have a much bigger role in managing and communicating risks. They need to show investors, customers, and everyone else that data protection, climate change, and social responsibility are core values of the company.

The reality is that compliance leaders are now dealing with complex and sometimes vague issues and regulatory frameworks. These span across the entire organization, covering everything from sustainability and social responsibility to privacy and data security.

Compliance can’t just be an “advisory” function anymore. It needs to be a company-wide mindset, led by top executives. These leaders are key in creating a strong compliance culture, advising on sound compliance technology decisions, and building resilience throughout the organization.

In forward-thinking banks, compliance is spreading beyond the traditional department and into other areas of the organization like sustainability and risk management. But for this to work, the whole enterprise needs to be integrated and agile. With an uncertain economy, geopolitical unrest, and evolving regulations, when compliance is under pressure, so is the entire organization.

What’s keeping CIOs, CISOs, and CTOs up at night?

Data is the big topic—managing it, protecting it, and getting the best return on investment from it. Bankers worry about cybersecurity and the new, somewhat murky frameworks around ESG (Environmental, Social, and Governance).

A Deloitte/FS-ISAC survey showed that bankers are very concerned about cybersecurity. This includes dealing with a borderless workforce, Shadow IT, upskilling employees, and building consensus, along with the role IT plays. There are also concerns about whether there are enough resources and how IT and cybersecurity should work together.

Some banks treat cybersecurity as an IT function, which can get complicated, while others see them as separate but equal functions. Neither approach is perfect, but banks need to ask these questions to find the right answers.

The banks that feel most comfortable are those investing in emerging technologies like cloud, data analytics, AI, ML, and robotic process automation. They manage the decision-making process around integrating new technologies well and understand that decisions need to be integrated across the organization. Ultimately, it’s about how the cybersecurity function is coordinated.

What about ESG?

ESG is a huge issue right now, largely because requirements are ill-defined and constantly changing. The regulations around climate change, greenhouse gas emissions, workplace safety, human rights, and diversity are growing and evolving faster than banks can keep up. Compliance with these regulations involves collecting, monitoring, analyzing, and reporting a lot of data. It also involves adding and funding the resources to stay compliant. Couple this with the pressure from customers, employees, and various regulatory agencies like the OCC, SEC, Department of Labor, EPA, and Federal Energy Regulatory Commission, and banks truly need a compliance strategy that includes:

  1. Cultivating a compliance mindset: Shift from a reactive and advisory role to a proactive, collaborative one. Cybersecurity and ESG should be a priority for the whole organization.
  2. Building consensus on data challenges: Create a seamless, enterprise-wide data management and information-sharing process to efficiently handle risk information and insights.
  3. Breaking down departmental silos: Align compliance, risk management, and corporate sustainability to integrate processes across the entire organization.
  4. Adopting the right technologies: Use new technologies like AI, ML, and cloud to make compliance more efficient and effective, reducing manual, error-prone tasks. AI and ML-powered automated processes and cloud-based technologies can significantly enhance the compliance function. According to Accenture, banks can “strengthen their compliance function with artificial intelligence (AI) and machine learning (ML)-powered automated processes and cloud-based technologies.”¹

Why the constant discussion around compliance? There’s nothing more important than a bank’s reputation, along with its operational integrity. And, the challenges grow every day. With consequences such as large fines, irreparable reputational damage, and customer attrition, making the investment in a compliance mindset, employee training, and the right technologies is an absolute must. 

Bank Marketing Center

Here at, our goal is to help you with that topical, compelling communication with customers — developed by bank marketing professionals for bank marketing professionals — that will help you build trust, relationships, and revenue. 

Our web-based platform puts our client partners in complete control of their marketing message production, as well as their enterprise-wide compliance approval processes. We’re also proud of the fact that we currently work with hundreds of financial institutions. 

Want to learn more about what we can do for your community bank and your marketing efforts? You can start by visiting Then, feel free to contact me directly by phone at 678-528-6688 or via email at  As always, I welcome your thoughts.

¹ Accenture. 2022 Compliance Risk Study Report. 2022.