Over the many years that I have been in compliance, complaints have increasingly become a hot topic. It could be something as simple as a customer not liking lobby refreshments to something as complex as a fair lending complaint. The CFPB and NCUA have exacerbated the issue by placing a lot of emphasis on complaints. As you all know, both regulatory agencies have even developed systems to submit complaints. Financial institution Compliance Officers need to look at all complaints and make determinations whether they are pertinent for Compliance to get involved. All complaints should be addressed to reduce overall reputational risk. We should never let anyone other than compliance determine whether we should or should not be involved as it could have long-term ramifications.
In order to have a quality complaint management program, a financial institution should begin by establishing a group/committee of people that receive all complaints. The group or committee should include at least one person from compliance, operations, lending and retail to ensure that a good mix of people are involved in the process. It is imperative for compliance to be included in the group/committee because we have the expertise to assess whether or not a complaint falls within our scope of responsibilities. If you are not involved in this phase, you risk the possibility that a compliance complaint slips through the cracks and you find out too late.
The next phase of a quality complaint management program is to establish a centralized tracking mechanism to ensure all complaints are documented and tracked for the lifecycle of the complaint. The tracking mechanism should track at a minimum the following:
- Date complaint was received
- Who received the complaint
- Delivery method of the complaint
- Customer name
- Customer contact info
- Account number affected
- Description of the complaint
- Applicable law or regulation
- Name of employee assigned to investigate
- Date and method the result of the investigation was communicated with the customer
- If applicable, date of provisional credit or provisional credit was reversed
The final phase that is vital is establishing procedures and monitoring protocols to ensure that the complaint process and complaint log do not just sit on a shelf and collect dust. The procedures should include how often the group/committee will meet, meeting minutes that show who attends the meeting, and address whether the complaint is a compliance issue. The timetable should also notate an "as needed" option due to regulatory requirements to respond expeditiously in some cases. The procedures should also dictate who the "owner" of the log is and that person needs to ensure that the log is documented with adequate information. Compliance should never rely on another department solely to respond to a compliance related complaint. For example, a collaborative effort between compliance and operations or compliance and retail, but compliance must be involved and the procedures must notate the requirement. It is my opinion that compliance needs to review the log no less than once a month to ensure that all compliance matters are addressed appropriately.
The next phase to a quality complaint management program is to review public complaints frequently. I wouldn't limit the review to only your financial institution. Speaking from experience as someone who managed a vendor management program, I expanded the review to my vendors to ensure there were no potential compliance, legal, and reputational risk that we needed to address with our vendors.
In closing, we now live in the day and age where people voice grievances in private and others make them more public (i.e. social media). In the end, we must be prepared to address all complaints appropriately and with a positive and gracious spin. Public perception of how we respond can cause reputational issues and long term public perception issues.