views What makes up an effective process to ensure that boards are adequately fulfilling their compliance oversight responsibilities? Does your bank (or an independent third party) review and evaluate the following: question and challenge management’s recommendations and decisions? The board should also hold management accountable to deadlines for resolving compliance deficiencies, especially significant and/or repeated regulator identified matters requiring attention. Compliance Culture Compliance risk professionals know that evaluating and improving your compliance program is an ongoing process and incorporating the evaluation of the board’s oversight (and related processes) will only strengthen the safety and soundness of the bank; demonstrate a commitment to compliance to your shareholders, customers and other stakeholders and positively influence the bank’s compliance culture and work environment. These sound business practices have applicability to other industries besides banking, and DHG stands ready to assist you in assessing and evaluating how effective your board is in carrying out their compliance oversight responsibilities. It is imperative that the board (and management) set the “tone at the top” for a positive compliance and ethical culture at the bank. Their commitment and the compliance culture is demonstrated not merely through policies and annual training but also through action by holding those outliers accountable when they fail to comply and/or act unethically. Communications with the Board The board should be actively involved in compliance matters and this may be tested by reviewing board and audit committee meeting minutes. To keep the board involved and informed periodic reports should be provided and discussed and include the current and forecasted compliance risks and issues.

Significant self and/or regulator identified issues should be reported on and discussed in detail and include the status of corrective actions. The board should also be briefed and trained on new regulations or organizational policy requirements. An update on any actions to address compliance “readiness” for new regulations should also be provided to the board. How DHG Can Help DHG’s team of regulatory compliance professionals can provide the following services: • Tailor and conduct a thorough independent assessment of the effectiveness of the board’s oversight to identify gaps and recommend corrective action »» Reporting Compliance Oversight »» Training All of the board’s compliance oversight duties are critical; however, holding management accountable for adhering to the compliance governance framework and program requirements is essential and sends a strong message to employees, customers, vendors, regulators and the general public.

Through a review of meeting minutes and/ or memorandum it should be clear and evident that the board is holding management accountable. Does the board »» Communications »» Board Committee Charters • Develop training materials • Assess applicable polices, charters and other governing documents and design the enhancements 1. Banks with more than $50 billion in assets. 2. Remarks by Thomas J. Curry, Comptroller of the Currency before the Prudential Bank Regulation Conference, Washington, D.C.

June 9, 2015 Assurance | Tax | Advisory | dhgllp.com 2 .