Business Technology: Making The Most Out Of ComplianceBusiness Technology: Making The Most Out Of Compliance

A few weeks ago, I wrote about the challenges of adding compliance to the already-full list of top priorities staring you in the face, and I asked you to send in your own stories of battles with compliance, whether they turned out as wins, losses, or draws (Compliance Shouldn't Be A Nightmare, March 22). You responded with some real doozies—I'd say that I feel your pain, but while reading them I was too cowardly to let it go that far—and many showed remarkable innovation and breakthrough thinking. Among the wins, most involved a strong thread of culture shock—but the shock was overcome, and the new ideas took hold. For some of the losses, either the approaches were wrong or management's will weakened or there was simply not enough organizational resolve to truly change—issuing a few memos and bringing in a consultant to have a few brown-bag-lunch chats doesn't quite cut it—and the approach devolved into spending more money to buy a detached and unintegrated bolt-on clump of software that everyone resented, that cost a boatload to support, that added nothing to productivity, and that further cemented rather than uprooted inefficient business processes. The moral of the story perhaps being, "And as you sow, so shall ye reap. ..."

Well, we want all of you to enjoy rich, full harvests, so we'll have lots and lots of success stories and insights to share with you at our May 19 Compliance Challenges and Governance Strategies conference in New York, as we bring together innovative practitioners who'll share their experiences and best practices (information.com/events/compliance). In addition, as promised, I've reviewed all the submissions that you readers so generously sent in, and I'd like to share with you what I felt was the most insightful and innovative. It comes from John Putman, assistant VP of lending-technology systems at CUNA Mutual Group, based in Madison, Wis. John said that his company holds the bond for about 96% of all credit unions in the United States, which means that if one of those credit unions violates a compliance regulation in issuing a loan to a member, then CUNA Mutual Group, as the bondholder, would have to cover any monetary loss. (I think that's what they call "having skin in the game.") So John's organization within CUNA Mutual developed an online loan application called loanliner.com that the company guarantees is compliant, which mitigates some risk for the company, and also is making life much easier for cash-strapped credit unions.

"Additionally," John said, "because we are able to spread the cost for the development and maintenance of loanliner.com among all the subscriber sites [currently about 500, with eight new sites joining each month], the cost of ownership is substantially less than it would be for a credit union to build a system with similar capabilities on their own." In addition, the company's significant IT infrastructure and security capabilities—including a modern data-center facility and disaster-recovery practices—probably go far beyond what most credit unions could afford.

There's more pain relief: The company also offers credit unions a library of guaranteed-compliant lending and deposit documents used by about 78% of all credit unions in the country, and also offers a compliant process for transmitting these documents electronically to the end-user borrower. "This is the area where I have seen the most regulatory violations," John said, because a federal regulation forbids sending a document containing personal member information as an E-mail attachment unless the message is encrypted. And since, in spite of that, most credit unions with internally developed Web applications use non-encrypted E-mail attachments for this purpose, "this provides an excellent opportunity for identity theft."

As stated in that previous column, compliance is daunting but doesn't have to be a nightmare—companies like CUNA Mutual Group have found better ways. We'll be sharing some other great examples on May 19, and we hope you can join us. And to John Putman and CUNA Mutual, our thanks and congratulations for sharing this innovative approach.

P.S.: In a huge research study we conducted late last year on compliance practices, we asked companies that had completed their compliance projects how those efforts affected their overall IT spending, their productivity, and their interactions with customers. On spending, 71% said it went up and 27% said it stayed flat, but 2% said they'd found a better way and not only attained full-compliant status but also reduced spending while doing so. On productivity, 34% said the effort needed for compliance reduced employee productivity, 61% said it was unchanged, and 5% found a better way by becoming compliant while also becoming more productive. And on customer relations, 30% said the demands of compliance made it harder for them to serve customers, 47% said customer service was unchanged, but a whopping 23% said they'd found a better way by becoming compliant while also serving customers better.

To discuss this column with other readers, please visit Bob Evans's forum on the Listening Post.

To find out more about Bob Evans, please visit his page on the Listening Post.