top of page
  • Writer's pictureJulie Piepho


August 2, 2023

By Julie Piepho, Principal, BlackFin Group

A Compliance Management System (CMS) is required for all financial institutions. No matter who your regulator is, they will want to review your CMS and your testing results (unless you put them under attorney client privilege – which generally is hard to do because there shouldn’t be anything to hide). It is a central focus of how your institution is managed on the compliance side. It is a formal program and takes time to develop, review and test. Your CMS should be reviewed at least semi-annually so it is kept up to date with any changes to regulations or changes within your financial institution.

There are 4 interdependent elements of a CMS:

  • Board and Management Oversight

  • Compliance Program

  • Compliance Audit by an Independent Body

  • Consumer Complaint Program

I do want to emphasize that the board and executive management needs to understand the CMS and how it works with the risk strategy for the institution. It should not be a program that is an automatic approval at the board meeting once a year with no one reading it or understanding it.

The consumer complaint program needs to be a robust program. It should not be just a phone number or link on the home page of your website for a customer to call or write a complaint. The program needs to have procedures for each branch location to log in customers that come into the location that makes a complaint to any employee – no matter how small or large – and monthly send them into a centralized location for roll-up reporting. Trending reporting can occur and if there are systemic issues, they can be resolved.

The compliance program is the bible for your company for all items related to compliance. All agency requirements, for example, will need to be in this. It takes time to create your compliance program and cannot be created in a vacuum.

Seven elements of an effective compliance programs are:

  1. Designating a compliance officer and compliance committee

  2. Implementing written policies and procedures

  3. Conducting effective training and education

  4. Developing effective lines of communication

  5. Conducting internal monitoring and auditing

  6. Enforcing standards through well-publicized disciplinary guidelines, and

  7. Responding promptly to detected problems and undertaking corrective actions.

As you can see, each of these elements takes time and thought to put together. Written policies and procedures can be a full-time position. They will also be tested by an independent audit. Training and education will be reviewed by your regulators to see if it is effective and to give your employees required information.

BlackFin Group can help you create a Compliance Management System or help you update the one you have. Feel free to reach out to us today!

Julie Piepho, CMB, is a Principal Consultant with BlackFin Group in the Mortgage Strategy Practice. Julie is nationally recognized as a Mortgage Strategy Consulting expert with over four decades’ experience leading and coaching sales and operations teams while in executive roles at Cornerstone Mortgage, Norwest Mortgage and Wells Fargo Mortgage. She holds the prestigious Master Certified Mortgage Banker designation from the Mortgage Bankers Association. For more information on how we can help contact

17 views0 comments


bottom of page