Chief compliance officers are looking beyond the day-to-day. Senior leaders from Frost Bank, PNC, and Broadway Bank told ProSight how they’re preparing compliance functions for growth, regulatory shifts, and new technology. Their insights offer several big-picture lessons for banks looking to strengthen compliance in a fast-changing environment.
Plan early for growth. Crossing regulatory thresholds is a game-changer. Frost’s Bart Leahey stressed that “early preparation is essential” when a bank’s strategic outlook puts it above $50 billion in assets—a threshold Frost recently crossed. Broadway’s Steve Manderscheid made a similar point for smaller institutions: “Knowing that Broadway wants to be at $10 billion in the next three to five years, we’re not going to wait until the fifth year.” The lesson: build capacity before the rules change.
Stay proactive on regulation. Leahey said Frost strives “to be as proactive and nimble as possible,” using technology to flag implications of proposed rules so business units can plan ahead. But size matters. Manderscheid noted that smaller banks can’t assign people to shadow every proposal: “We need to deploy them to areas across the organization where they need compliance assistance.” At PNC, Michael Abriatis said training usually waits until there’s certainty a rule will take effect.
Align frameworks with regulatory expectations. Abriatis highlighted the importance of “strong, integrated” frameworks. At PNC, the enterprise risk management framework cascades into operational risk and compliance frameworks, all designed to use the same data and break down silos. Leahey emphasized the same principle from another angle: Frost benchmarks against the stronger expectations that come with its new size. “We regularly assess the [regulatory] expectations of banks our size,” he said, adding that peer exchanges and ongoing gap analyses help keep the program aligned.
Approach AI with discipline. AI is moving fast, but compliance leaders urged caution. Abriatis described working groups and forums that bring executive awareness and management oversight to AI use cases. “Compliance has a seat at the table through all facets of that process,” he said, ensuring risks, controls, and customer impacts are addressed. ProSight’s AI Use Case Template was flagged as a tool for structuring that analysis.
Develop future leaders. For Abriatis, the long game is talent: “If we’re continually developing our team, we’re better positioned to deal with ambiguity. We’re better positioned to deal with changes. We’re better positioned to deal with what’s necessary from a growth perspective.”
These perspectives were shared during a panel at ProSight’s 2025 Governance, Compliance, and Operational Resiliency (GCOR) Virtual Conference. Looking for more? Join us for the ProSight Annual Risk, Compliance & Fraud Virtual Conference, Oct. 27-30, for dozens of panels including “Just-in-Time (JIT) Learning for Financial Services Compliance Success.”
