Under the spotlight

Banking regulators are making “Regulation W” a priority. Implications and approaches for Banks to consider.


Rethinking compliance management

Bank leaders and boards, which must come to terms with the new reality of compliance. Which “shoulds” are really sometimes “shalls?”


Dodd-Frank Act push-out

Banks are now focused on the decisions that they need to make and determining the best course of action to be in compliance with “push-out” in 2015.


Stronger: OCC's heightened expectations

Enhancing risk management and driving growth

The latest guidance issued by the Office of the Comptroller of the Currency (OCC) continues the trend of greater regulatory involvement. The OCC has proposed minimum standards for the design and implementation of a Risk Governance Framework and the role of the board of directors in administering its oversight. These proposed standards apply to large national banks and are consistent with the principles embedded in the Federal Reserve's expectations for large bank holding companies.

Download PDF

Find out more about Stronger: OCC’s heightened expectations

Six key takeaways

Within this paper, six possible takeaways are identified for boards of directors and executives responsible for leading their institutions' governance- and risk-related initiatives. The six areas deserving special focus are:

  • Risk and strategy alignment
  • Board responsibilities
  • Three lines of defense
  • Internal audit
  • Risk data and infrastructure
  • Talent and culture

Back to top

Our thoughts

In this report, you will find our thoughts on the implications of new guidelines on each of these area —as well as actions your institution can begin taking in order to not only comply with them, but to use them as a springboard to growth.

Back to top

Strong risk management

Fundamental components of strong risk management:

  1. Governance: Board of directors and senior management set the right “tone at the top".
  2. Policies and procedures: Should address the complexity of an institution’s business and risk appetite.
  3. Internal controls: Effective internal controls should prevent and detect inappropriate/unapproved risk taking.
  4. Measure, monitor, and report Institutions: Should have the ability to identify, measure, monitor, and report all risks, including concentrations and risk appetite breaches.

Back to top

More topics


Center for Regulatory Strategy

The Deloitte Center for Regulatory Strategy provides deep knowledge and practical insight into regulatory matters across heavily regulated industries.


Governance, Regulatory, and Risk Strategies

Deloitte can help you create and protect value and enhance effective management of governance, regulatory and compliance risks on a sustained basis.