Skip to main content
  • Compliance & Regulation

Smarter compliance: Design procedures at the exact time you’re developing policies

  • Key questions, and their justification, in setting regulatory policies and procedures.
Christopher Boersma

Share

Policies and procedures set the tone for how financial services organizations will address regulatory requirements and examiner expectations. Policies are meant to cover what to do in certain situations, how best to designate responsibilities and how to make sure staff understand why that course of action must be taken. Procedures detail how to do specific tasks and incorporate them into the organization’s operational processes.

Generally, organizations focus primarily on developing policies to satisfy regulators who want confirmation that the institution is addressing the risks linked to a specific line of business.

Once the policy is reviewed and approved by the board, only then do most organizations address procedures. This is a mistake. Procedures must be addressed at the same time as policies due to the number of factors that must be considered during the planning process. Thinking of both simultaneously and designing them in tandem is the only way to ensure they’re aligned. And being proactive will allow your teams to be more successful.

For this reason, it is important for institutions to ask themselves key questions to address and answer when developing organizational policies and procedures.

Start with this list during the policy and procedure development process:

  • What is the policy/procedure scope?
  • Who and what does the policy/procedure impact?
  • How will the policy/procedure be communicated?
  • How will the organization measure success?

What is the policy and procedure scope?

When a new policy and procedure needs to be created, the first step the organization should take is to outline what is covered and why it is important. Understanding the significance each policy and procedure has on the organization will determine how they rank compared to other policies and procedures and will influence how leadership addresses the other questions previously covered.

To fully address this question, compliance professionals and department leaders should consider asking the following:

https://baidotorgqa.wpengine.com/wp-content/uploads/2024/07/Policy-table.png

Who and what does the policy/procedure impact?

Policies and procedures each have unique requirements of varying demands of time and resources on an organization. For instance, organizations need to determine if a new policy and procedure impacts multiple departments and multiple roles/levels within those departments.

This will help financial services providers understand who needs to be involved in the creation process to make sure they are performing appropriate tasks for their respective departments and to be aligned on how each department should work together.

Organizations should ask and address the following questions on their policy and procedure checklist:

https://baidotorgqa.wpengine.com/wp-content/uploads/2024/07/policy-and-procedure-table.png

How will the policy/procedure be communicated?

Once all the strategic items have been determined as well as who is responsible for them, the organization needs to have a plan to communicate implementation.

Policies and procedures need to be reviewed and acknowledged so all relevant stakeholders who weren’t involved in the creation process understand why they must follow the policy and procedure and how it impacts them.

Questions the organizations should answer when creating communication plans should include the following:

https://baidotorgqa.wpengine.com/wp-content/uploads/2024/07/policy-and-procedure-reasoning-table.png

How will the organization measure success?

Launching policies and procedures and collecting acknowledgements are not everything an organization needs to do. Businesses need to measure the effectiveness of their policies and procedures to see if they are producing the desired results.

To do this, it is important to set up key performance indicators (KPIs) that correspond with each policy and procedure.

Businesses need to ask the following questions to determine what success looks like:

https://baidotorgqa.wpengine.com/wp-content/uploads/2024/07/KPI-Table.png

These questions will help organize each step of the policy and procedure development process. And they go a long way in helping organizations ensure they aren’t overlooking necessary details during each step.

Read moreDon’t rubber stamp regulatory courses — establish KPI for training success

And: Here’s what regulators care about more than compliance course completions

Christopher Boersma, CRCM, CAMS, CISA, CC, is Product Manager, Compliance at BAI.

Explore the BAI Learning Manager.

About the Author
Christopher Boersma
Related Articles
2026 State of U.S. Deposits Quarterly Series
2026 State of U.S. Deposits Quarterly Series
  • Growth & Innovation
How ‘Failure Analysis’ Can Help in Banking
How ‘Failure Analysis’ Can Help in Banking
  • Risk
The Expansion of State-Level Regulation—and What It Means for Compliance
The Expansion of State-Level Regulation—and What It Means for Compliance
  • Compliance & Regulation

Login to view this content

 

Become a member to unlock exclusive content, connect with industry experts, and gain access to valuable resources

If your employer is an institutional member, activate your ProSight membership benefits with a simple email address.