Posts

Close-up of a dial showing high risk

Managing Risk After the Business Loan is Made

By Larry Middleman, President/CEO, CU Business Group, LLC

The business loan documents are signed and the funds distributed. That means your job is done, right?

Wrong. Due diligence and risk management are crucial steps after the business loan is made. Proper risk monitoring over the life of the loan is essential to identifying potential problems before they occur and early detection is the best way to fend off problems before they become big issues. 

Effective risk management practices also allow for frequent ‘touches’ of the loan in an efficient and cost-effective manner.  The days of simply doing an annual review on a business loan are long past.  As the late-2000s financial crisis amply demonstrated, conditions can change rapidly.

A Scaled Approach

In our work with credit unions across the country, we see many examples of excellent business lending risk management practices.  We also see credit unions where risk monitoring is non-existent.  In recent years, regulators have stepped up their oversight in this area, so be prepared for a rigorous review of your risk management practices in your next exam.

My view is that monitoring activities should scale depending on the general riskiness of the loan.  Important factors include the dollar amount of the loan, the type of loan, and the borrower’s industry.  Higher risk loans include lines of credit secured by accounts receivable or inventory.  Certain industries, such as retail and hospitality, often carry higher than average risk.

Many credit unions take an all-or-nothing approach to risk monitoring, e.g. “we only monitor loans over $250,000”.  While this attempts to balance monitoring efforts with the associated cost, in most cases a more thorough approach is warranted. 

I believe the right framework for credit unions is to adopt a risk management system for their business lending portfolio.  This holistic view encompasses all the key elements of risk monitoring, both on an individual loan basis and on the entire business loan portfolio.  Here are the fundamental steps in establishing a risk management system in business lending.

Tracking

Management must put a process or system in place for timely and effective follow-up.  A ‘tickler system’ is the best tool for setting key follow-up dates.  A typical follow-up activity would be sending a letter to the borrower requesting updated insurance records.  The trick is to re-set another tickler for two weeks later to ensure the insurance information has been received.  Simply sending the letter is not effective risk monitoring – actually receiving the information and analyzing it is true risk management.

Today, with the advent of cloud-based loan operation systems, tracking and follow-up is easier than ever. Automated tickler alerts can be set up that will email a notification to the loan officer, or even directly to the borrower.

Analyzing the Borrower’s Financial Condition

The fundamental activity in risk monitoring is reviewing the borrower’s financial situation. This will identify changes in condition as compared to the original underwriting and subsequent reviews of the loan, a key to identifying potential problems before they arise. You may notice that a borrower has had a decrease in sales or unusually high expenses, and that is the time to talk with your borrower. 

Global Cash Flow Analysis

It is critical to understand your borrower’s other obligations.  Other projects or commitments that go bad may drag down the performance of your good loan.  This takes expertise and resources, but again – early detection and fast action are the best methods of warding off loan losses.

Monitoring Industry and Market Conditions

When dealing with commercial real estate, look at the market conditions for the property. Are rents in the area rising or declining?  What are the occupancy trends of comparable buildings?

Consider the macro view of your member’s business. Will industry-related government regulations affect the company? Will potential state or federal taxes increase the price of the firm’s product or service?

Stress Testing

Stress testing is a tried-and-true method of identifying the key areas to watch for during the life of the loan.  At what point would the debt coverage be less than sufficient to support your loan payments?  How low can the lease income or occupancy rate go before there are potential problems with the cash flow of the property?

Multiple Touches

Automated risk monitoring solutions exist which allow for cost-effective loan monitoring between annual reviews.  We recommend at least two ‘touches’ of the loan in addition to the in-depth annual review.  These touches might identify certain situations, such as: Has the borrower’s or guarantor’s credit score recently decreased?  Are there any environmental issues with a property adjacent or near to your collateral?

Monitoring the Overall Portfolio

Credit unions must also step back and view the forest (the business loan portfolio) and not just the trees (the loans).  Does your portfolio have excessive concentrations in one loan type or industry?  What is the weighted-average risk rating of your portfolio?  What is your exposure relative to the credit union’s net worth?  Management must take the macro view to complement individual loan monitoring.

Reporting

I see it all the time…management believes the right things are being done, but they really don’t know – and sometimes they only find out when it is too late.  Proper management and board oversight is only accomplished with thorough and complete reporting from the business lending area of the credit union.  An effective risk management system includes a continuous feedback loop to keep everyone apprised of both the positive and negative aspects of the business loan portfolio.

As with individual loan tracking, systems exist today that take much of the manual effort out of portfolio monitoring and management reporting. Operational managers as well as senior executives and board members can have real-time access to detailed, easy-to-read dashboard reporting. Such reports can display information as varied as industry concentrations, portfolio profitability, and even average time-to-close.

I once heard a gem of wisdom that rings true: “The best way to make money in commercial lending is not to lose money.”  Implementing a risk management system will dramatically increase your odds of not losing money and being successful in business lending.

Larry Middleman is the President/CEO of CU Business Group, LLC, the largest business services CUSO in the industry, serving more than 580 credit unions in 47 states.  He can be reached at 866-484-2876 or lmiddleman@cubg.org.

Customer Due Diligence

New FinCEN Rules Require Credit Unions to Identify all Beneficial Owners of Legal Entity Accounts

From Claire White, CUBG Deposit Services Officer

On July 11th, new FinCEN rules clarifying and strengthening customer due diligence requirements went into effect. Credit unions will have until May 11, 2018 to comply with the rules.

The new rules contain explicit customer due diligence requirements and include a new requirement to verify the identity of beneficial owners of legal entity customers (i.e. business entity members) with certain exclusions and exceptions.

Under the new rules, credit unions will use Customer Identification Program (CIP) procedures, similar to those used for individuals, to identify the beneficial owners of a legal entity. The credit union may rely on copies of the identification documents used to identify the beneficial owner and may rely on information provided by the entity, as long as it has no knowledge of facts that would call into question the reliability of the information.

Legal entity customers are defined in the final rules as a corporation, limited liability company, or other entity that is created by the filing of a public document with a Secretary of State or similar office, a general partnership, and any similar entity formed under the laws of a foreign jurisdiction that opens an account. Sole proprietorships and unincorporated associations are not included in the definition, even if those such businesses may file with the Secretary of State in order to, for example, register a trade name or establish a tax account.

The final rules also include a list of entities that are not included as legal entity customers under the rules. The exclusions begin on page 17 of the link included in this article.

The final rules define beneficial owners as each of the following:

  • Each individual who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25% or more of the equity interests of a legal entity customer; and
  • A single individual with significant responsibility to control, manage, or direct a legal entity customer, including an executive officer or senior manager (e.g. a CEO, CFO, COO, Managing Member, General Partner, President, Vice President, or Treasurer) or any other individual who regularly performs similar functions.
  • If a trust owns directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, 25% or more of the equity interests of a legal entity customer, the beneficial owner(s) for the purpose of the final rules is the trustee.

CU Business Group recommends credit unions review their Bank Secrecy Act (BSA) procedures and other procedures related to the opening and monitoring of business accounts to ensure compliance with the new Customer Due Diligence (CDD) rules before May 11, 2018.

We have created the following list of action steps to help you get started:

  1. Review your current account opening, monitoring, and any related BSA procedures for business accounts.
  2. Update the procedures if necessary.
  3. Contact your form vendor regarding a Certification of Beneficial Owner(s) or use the form provided in Appendix A of the Customer Due Diligence Requirements at account opening or when significant changes occur.
  4. Determine which areas of operations will be affected by the changes and provide training to staff.
  5. Inform internal and external auditors of the changes.

You can view the final rules on Customer Due Diligence Requirements for Financial Institutions online.

If you have questions about FinCEN’s final rules on CDD for legal entity customers, contact CUBG’s deposit team at 866-484-2876, or TreasuryMgmt@cubg.org.