Regulatory Remediation Developing and executing strategic and resolution-driving lookback and remediation programs. Our overall goal is to help our clients be successful in their response to regulatory issues and do so in an efficient manner, with a focus managing risk, regulatory relations, and customer experience.By leveraging our experienced professionals and proven methodologies, our clients can accelerate their response to and remediation of regulatory issues. We enhance our clients’ development and implementation of responsive strategies, including remediation governance frameworks, tools, templates and standards, resulting in successful outcomes.Across industries, our clients encounter situations in which they may be required to respond to and remediate regulatory issues. Our global Risk & Compliance professionals partner with our clients to respond thoroughly and timely to regulatory matters, execute steps to remediate issues, validate the resolution of issues, and develop enabling frameworks to confidently manage the risks associated with these processes. Our team responds to regulatory requests in an agile and efficient manner Our Regulatory Remediation Services Pro Document Consent Regulatory Action Response and Strategy Drawing upon our experiences with various products and services, requirements, and issue resolution, Protiviti helps clients confidently develop and/or enhance their communications to and with their regulators, with the goal of developing practical, timely and thorough responses to issues. Pro Briefcase Self-Assessment in Advance of Any Regulatory Action Protiviti assists clients with assessing regulatory issues, however they are identified. Our goal is to provide relevant, timely information that gives our clients confidence in their responses to regulatory findings and negotiation of regulatory actions. Pro Document Stack Issue Management and Resolution From the identification to closure, Protiviti assists our clients with the management and resolution of regulatory issue and actions. We help clients evaluate, design and execute strategies to manage regulatory risks and expectations, and successfully resolve regulatory issues. Pro Building office Customer Remediation As our clients identify regulatory issues that require the remediation of adversely impacted customers, Protiviti assists clients with identifying the impacted customers, determining the remediation amounts and types, and communicating with and providing remediation to customers. Pro Document Files Credible Challenge, Testing and Validation We assist clients across their lines of defenses with evaluating their regulatory remediation strategies and execution for consistency with applicable requirements, expectations and internal standards, and provide informed, independent perspectives to management to successfully resolve regulatory matters. Our Approach The process to resolve regulatory issues requiring remediation is universally complex. It requires careful consideration and a clear approach and methodology to demonstrate that all relevant factors are identified and appropriately addressed. It also demands thoughtful communication with an organization’s regulators that is not only responsive but practical in its alignment with the operational realities of resolving the issue.Protiviti offers multiple solutions to our clients related to their regulatory remediation efforts, supported by experienced professionals that have delivered on our proven methodologies powered by data and supportive technologies, including:Developing regulatory responses and effectively managing negotiation of regulatory actions;Self-assessing issues to evaluate the extent of the impact and inform regulatory responses and negotiations;Planning corrective actions, including customer remediation;Testing controls and transactions;Designing and providing resources to execute lookback reviews, as well as the deployment of enabling workflow-based tools; Conducting data analytics;Providing oversight of project management activities; andCredibly challenging and validating regulatory responses as well as issue resolution plans and their execution.We assist clients throughout the lifecycle of a regulatory matter, including with establishing a governance and risk management framework for managing such mattersBy assisting our clients with designing and implementing well-executed governance and risk management processes, we enable our clients to capably identify, resolve, remediate, track and report issues in such a way that not only meets regulatory expectations but more broadly meets the expectations of key stakeholders, including shareholders and importantly, customers and the market.In facilitating the planning, execution and validation of our clients’ resolution of regulatory matters, including those involving customer remediation, our experienced professionals employ practical, proven methodologies. We help our clients develop and implement regulatory remediation strategies (both simple and complex) that enables appropriate oversight of the response to and resolution of regulatory matters.To manage the competing priorities of timeliness and thoroughness that clients often face in regulatory remediation efforts, we routinely assist s with developing and managing communications with their regulators. Leveraging the subject matter experience of our professionals, many of whom have worked as regulators previously, we provide additional perspective to our clients in the development of practical responses that meet regulatory expectations as well as manage business objectives and client experiences.Our clients benefit also from our subject matter expertise across products, services, and processes (such as mortgage servicing, student lending, and payments), as well as with various regulatory requirements (such as BSA/AML and sanctions and fair and responsible lending), and risk management. Our professional experience is both broad and deep allowing us to provide clients with unparalleled support in managing the regulatory remediation process.Our overall goal is to help our clients respond to regulatory issues in an effective and efficient manner, with a focus managing risk, regulatory relations, and customer experience. Featured insights IN FOCUS NIST unveils post-quantum cryptography standards. What does it mean? Earlier this month, the National Institute of Standards and Technology (NIST) approved three post-quantum cryptography (PQC) standards that constitute the first significant steps towards protecting critical services from quantum computers being used... BLOG The SEC’s Cyber Disclosure Rules: Lessons Learned So Far In Year One What qualifies as a material cybersecurity incident? Can we estimate our potential losses and the effects of business disruption? What were our recovery costs? What longer-term remediation costs do we need to include in our 8-K incident report? How... INSIGHTS PAPER Crypto and the Travel Rule: What’s Going On? Navigate crypto Travel Rule compliance: understanding its impact, the need for flexible solutions, and areas of focus for implementation. WHITEPAPER An Open Letter to CEOs and Board Members: In Support of the Compliance Function We’ve all heard it said: “Tone at the top” is critical to the success of a compliance function, and financial institution regulators expect CEOs and boards of directors to foster a “culture of compliance” in the institutions they oversee. We’d expect... PODCAST Risky Women Podcast | Top Compliance Priorities 2024 In this episode of Risky Women Radio, host Kimberley Cole, CEO of the Risky Women organization kicks off Series 7 by discussing the predictions for 2024 in the field of risk regulation and compliance. She is joined by Carol Beaumier and Bernadine... WHITEPAPER Regulations and Demand for Accountability Set the Tone for the Future of ESG Disclosures In recent years, increasing pressures from a variety of stakeholders have combined to drive companies toward more sustainable practices in their business operations and greater transparency. The real game-changer, however, has been the proliferation... Button Button Case Studies Remediation Program Development Our client, despite an ever-increasing number of consumer remediation initiatives, had no enterprise-wide standards governing how these projects should be managed. Additionally, regulatory reporting around remediation activities was not produced timely or consistently, and no formalised oversight of projects existed. Collectively, these problems prompted regulatory criticism of the program and led to increasing pressure to centralise the management of issues requiring remediation, whether identified internally or by regulators We were engaged to help the client develop an enterprise-wide consumer remediation program and establish job aids to assist business users in meeting the new requirements. The reporting environment was also analysed to determine how the process could become more robust, informative, and efficient We assembled a team consisting of regulatory compliance experts and leveraged regulatory guidance, standards, and industry best practices to develop a consumer remediation policy to serve as the cornerstone for the client’s program; job aids were then developed based upon the requirements of the approved policy. We delivered a comprehensive consumer remediation program, complete with active oversight of in-progress and recently completed projects, job aids to be used by business users, and a set of business requirements to create enhanced reporting (including trend analysis) for management and regulators. The client successfully presented program materials to its regulators to demonstrate progress in consumer remediation practices. Lead time to produce the quarterly report of remediation activities dropped from over three months to one month. Finally, the presentation of and training on program materials provided to business users was cited by the client’s leadership as the “gold standard” to be used during future program implementations. Remediation Strategy Design A global financial services company internally identified irregularities around adverse action letters that it had issued to applicants and so engaged us to assist with a formal evaluation of its systems, processes and procedures, identifying potential control weaknesses, and scoping the extent of the customers likely affected by control weaknesses in multiple consumer lending business lines. The client also requested a “look-back” review to identify and remediate affected customers. We evaluated systems, processes and procedures to identify potential control weaknesses and scope of affected customers within three lending channels. We developed the methodology by which to identify affected customers, review application records, and generate new or revised adverse action notices. Lastly, we managed the review of the affected accounts, including the updates to loan origination systems and generation of new or revised adverse action notices, where appropriate. We provided the client with a documented methodology to provide an auditable trail of the scoping and execution of the lookback review, including critical decisions and assumptions, data integrity testing, and reconciliations. We also provide detailed review criteria and decision documents to address identified issues and guide the remediation efforts (both physical file review and data-driven procedures to identify affected applicants). Customers impacted were identified and remediated timely, and by also identifying other related control weaknesses, we enabled our client to make important prospective changes to its control environment. Remediation Validation A multinational financial services corporation faced regulatory consent orders requiring remediation to affected customers who had purchased multiple types of add-on products. We evaluated the completeness of the client’s remediation strategy, its adherence to the consent order and remediation plans, and manner in which remediation was technically executed and provided to affected customers. We credibly challenged the client’s proposed remediation plans prior to submission to the regulators versions by holding walk-through meetings to understand remediation approach, corrective actions, key limitations encountered, and key decisions made, reviewing supporting materials, and evaluating the way the client articulated its remediation strategy for completeness and accuracy. After the client received non-objection from its regulators, we reviewed the technical manner in which the client executed its stated remediation strategy, including through re-performance of the client’s data analytics to identify the population of affected customers and calculation of remediation due and transaction testing to validate these processes as well as the way the remediation was provided and serviced. During fieldwork, we established regular reporting to senior management and the Boards of Directors regarding our progress and observations. The client received non-objection regarding the remediation plans submitted to its regulators. At the conclusion of our work, we provide the client with a written assessment of the reasonableness, completeness, and consistency of its execution of its remediation plans. Leadership Shelley Metz-Galloway Shelley Metz-Galloway is a Managing Director in Protiviti’s Metro D.C. Office. She has more than 25 years in the financial services industry. Shelley offers expertise in consumer regulatory compliance, enforcement action response and remediation, compliance, fair ... Learn More Mark Highton Mark Highton serves as Protiviti’s global Financial Crime Compliance leader with 20 years of industry experience and 10 years of consulting experience. Mark is responsible for the development of innovative solutions, pursuit and delivery of large-scale engagements, and ... Learn More