Over the many years that I have been in compliance, complaints have increasingly become a hot topic. It could be something as simple as a customer not liking lobby refreshments to something as complex as a fair lending complaint. As financial institution Compliance Officers, we need to look at all complaints and make determinations whether they are pertinent for Compliance to get involved. All complaints should be addressed to reduce overall reputational risk. We should never let someone other than compliance determine whether we should or should not be involved. It could have long term ramifications.
In order to have a quality complaint management program, a financial institution should begin by establishing a group/committee of people that receive all complaints. The group or committee should include at least one person from compliance, operations, lending and retail to ensure that a good mix of people are involved in the process. It is imperative for a compliance person to be included in the group/committee because we have the expertise to assess whether or not a complaint falls within our scope of responsibilities. If you are not involved in this phase, you risk the possibility that a compliance complaint slips through the cracks and you find out too late.
The next phase of a quality complaint management program is to establish a centralized tracking mechanism to ensure all complaints are documented and tracked for the lifecycle of the complaint. The tracking mechanism should track at a minimum the following: date complaint was received, who received the complaint, delivery method of the complaint, customer name, customer contact info, account number affected, description of the complaint, applicable law or regulation, name of employee assigned to investigate, date and method the result of the investigation was communicated with the customer, and if applicable, date of provisional credit or provisional credit was reversed.
The final phase that is imperative is establishing procedures and monitoring to ensure that the complaint process and log doesn't just sit on a shelf to collect dust. The procedures should include how often the group/committee will meet, addressing whether the complaint is a compliance issue. The timetable for the meeting should be sooner rather than later due to the regulatory requirements to respond expeditiously is some cases. The procedures should also dictate who the "owner" of the log is and that person needs to ensure that all columns in the log are filled out with adequate information. In addition, compliance should never rely on another department to respond to a compliance related complaint. It can be a collaborative effort between compliance and operations or compliance and retail, but compliance must be involved and the procedures must notate that. Regarding monitoring procedures, it is my opinion that compliance needs to review the log no less than once a month to ensure that all compliance matters are addressed appropriately.
As we all know, the CFPB and NCUA placed a lot of emphasis on complaints. Both regulatory agencies have developed online ways to submit complaints. The next phase to a quality complaint management program is to review the public complaints frequently. I wouldn't limit the review to only your financial institution. Speaking from experience as someone who managed a vendor management program, I expanded the review to my vendors to ensure we didn't have potential compliance, legal, and reputational risk that we needed to address.
In closing, we now live in the day and age where people voice grievances in private and others make them more public (i.e. social media). In the end, we must be prepared to address all complaints appropriately and with a positive and gracious spin. Public perception of how we respond can cause reputational issues and long term public perception issues.