The Covid-19 Pandemic has had and will continue to have effect on financial institutions and their customers for an extended time. In recognition of this fact, the OCC discussed pandemic related risk in its Semi-annal Risk perspective for the Spring of 2020. Highlights included credit risk and operational risk (due to amended business practices and third parties engaged to support remote work, increased technological capacity, and solutions to maintain operations).
Also mentioned was increased compliance risk from altered operations with employees working remotely, and programs enacted to support consumers such as forbearance and deferred payment programs.
The report overall addresses four main areas – operational risk, institution performance, special topics in emerging risk, and trends in key risk. The significance of this report is that it provides insight into upcoming examination areas of concern based on the pandemic.
Interagency Exam Joint Guidance in June 2020 referenced Federal and State Financial Regulator intent to include as part of an institution examination whether management had managed risk appropriately in response to stresses caused by the impact of Covid-19.
Operational, compliance, and cyber risks have likely increased for many institutions as a result of the pandemic. The agencies will consider whether management has appropriately planned for financial resiliency and operational continuity, implemented prudent policies, and is pursuing realistic resolution of issues resulting from the pandemic.
Examiners are expecting management to have an initial and ongoing risk assessment of the pandemic addressing credit risk, earnings prospects, capital adequacy, funding, liquidity, operations, and sensitivity to market risk. The institution’s risk identification and reporting processes will be evaluated.
Capital adequacy will be evaluated as institutions may experience cash flow decreases, asset losses, operational losses, extraordinary expenses, deposit fluctuations, and contingent liabilities as a result of the pandemic.
The pandemic will affect asset quality review in terms of prudent credit modifications and underwriting, maintaining appropriate risk ratings, designating appropriate accrual status on affected loans and providing appropriate loss allowances.
Actions taken by management to adapt fraud and cybersecurity controls to the adjusted operating environment will be evaluated. Third party controls and service delivery performance during the pandemic should have also been evaluated by management.
The internal and external independent audit areas will also be reviewed to ensure these functions are functional through work at home arrangements and these areas include reviews of new operational processes and programs.
In summary the pandemic filters though every part of the regulatory audit process whether you are talking Safety and Soundness, Compliance, or Informational Technology.
A reading of Interagency Joint Guidance is a must. Pandemic consideration is a prudent component of your next regulatory examination.
4 Things For Businesses To Focus On Post-COVID
Cybersecurity For Colleges And Universities
COVID-19 Brings The Spotlight Back To Stress Testing