Strunk at the ABA’s Virtual Risk Management Conference 2021

We’re getting the hang of these virtual events at Strunk!  Strunk attended the ABA’s annual Risk Management conference last week. During the virtual event we hosted a virtual booth, met with many familiar and new faces via Zoom meetings and attended virtual sessions. We enjoyed the opportunity to connect with bankers across the country.

We welcomed the opportunity to discuss with attendees the latest features offered by our Governance, Risk Management and Compliance (GRC) software Risk Manager, which includes six GRC tools – Risk Assessor, Policy Manager, Controls Manager, Skills Manager, Issues Manager and Vendor Manager.

A state of the industry was provided by Dr. Catherine Mann, currently the Global Chief Economist for Citibank. The session included an update on the economy, focusing on pandemic recovery in all key sectors. She also shared thoughts on key economic risks for financial markets and how this impacts risk mitigation efforts. The session also included a keynote address by Rob Nichols, President and CEO of the American Bankers Association.

Attendees had the opportunity to discuss post-pandemic risk management, among many other topics. Bankers were encouraged to reassess and modify risk management frameworks as a result of the pandemic, especially reviewing and adjusting risk appetites and associated metrics.

Congratulations to the winner of Strunk’s giveaway, a $100 gift card to Amazon – Linda Schnitzler of The Canandaigua National Bank and Trust Company!

We hope to see you all in person next year. Until then, stay well.

Strunk at the ABA’s Virtual Conference for Community Bankers 2021

For the first time, Strunk attended the ABA’s annual Conference for Community Bankers virtually. During the virtual event we hosted a virtual booth, met with many familiar and new faces via Zoom meetings and attended virtual sessions. While a bit different than being together, it remains one of the most anticipated events of the year and we made the most of the connections with bankers and enjoyed seeing everyone.

We welcomed the opportunity to discuss with attendees the latest features offered by our Governance, Risk Management and Compliance (GRC) software Risk Manager, which includes six GRC tools – Risk Assessor, Policy Manager, Controls Manager, Skills Manager, Issues Manager and Vendor Manager. Strunk’s Overdraft Program is always a hot topic of conversation and we were glad to discuss our approach with long-time clients and potential clients.

Attendees had the opportunity to hear from keynote speaker, former NBA star Earvin ‘Magic’ Johnson in his session ‘The Power of Magic’. On top of his athletic notoriety, Magic is a driven and successful entrepreneur who shared what it takes to truly make an impact.

Another interesting session was hosted by Ron Shevlin of Cornerstone Advisors on the five forces shaping the banking industry today. He detailed how challenger banks, big tech, embedded finance, artificial intelligence, and cryptocurrency are affecting our banks and provided areas of focus for community FIs.

Congratulations to the winner of Strunk’s giveaway, a $100 gift card to Amazon – Mayra Rinaldi of Columbia Bank!

We hope to see you all in person next year and to once again host the conference t-shirt station. Until then, stay well.

Ensuring Employee Compliance With Policies and Procedures

Does your financial institution do annual employee reviews of compliance with your policies and procedures? If not you should. Training employees on specific areas of the bank is crucial to running a successful company and testing for product knowledge is critical to customer service.

All financial institutions have policies that are board approved on an annual basis and a set of procedures that are senior management approved. The question is do your employees know what the policies and procedure say and do they follow them?

In the middle of the 1980’s, the bank I worked at had a product knowledge contest with the winner receiving a trip to Las Vegas. There were three person teams and the questions came from all areas of the bank. So it was important to have a lending person, a retail person and an operations person on each team to have the correct answers. Needless to say, our team won.

Today, we don’t have product or policy knowledge contests but that doesn’t mean you can’t test your employees for knowledge of these. Strunk’s Skills Manager solution allows financial institutions to train your employees on products, procedures or policies. Then through the solution you can test their knowledge based on the training. Test results for each employee funnel up to one person responsible for the training. Many institutions use this for their security or ethics policy requiring their employees to take a test on an annual basis. Could Skills Manager help your financial institution?

Strunk Solution Fall 2020 Features

With Strunk’s most recent release, clients can now utilize new features in Risk Assessor, Policy Manager, Controls Manager, Vendor Manager, Skills Manager and ODP Manager. We’ve been busy!

Risk Assessor now provides the ability to pull multiple bank UBPR Data into one single risk assessment. This will simplify assessments for multi-bank holding companies.

Criteria based auto assignment for reader and editor groups is now available in Policy Manager. Users are able to assign specific documents based on physical location or job title, where assignment of a set of policies and procedures could dynamically change based on these rules. We have also adjusted the way the policy acknowledgement is assigned. Admin users have the ability to request that users read a policy at a configurable number of days in the event that a policy is updated throughout the year, rather than just every 365 days. Users will be notified of necessary policies to review via email.

Controls Manager now supports notification of the group owner rather than simply the control owner. Alerts will be triggered any time a significant change or update is made to a control.

Clients will be excited to see the improvements to Vendor Manager reporting. Users can sort by a customized list of vendor types, vendor risk level and renewal year within all summary reports. Reports will also include whether or not the vendor survey has been completed and if not, what the current status is.

Skills Manager exams have historically been comprised of multiple choice or true false questions. We now support the option to have an open ended comment for specified questions.

Lastly, ODP Manager provides the ability to mark old status codes as inactive or deleted so they no longer show on reports, such as the Status Tracking Report.

If you would like more information on any of Strunk’s new features or products, please contact us at 800.728.3116 or support@strunklp.com.

Is it time for your company’s next SOC 2 examination?

If your company is like Strunk, then a SOC 2 exam is an annual topic of conversation and the certification from your CPA firm is something you proudly provide your clients. At Strunk we have built a full-featured solution to help not only manage the policies your organization follows but to tie those policies back to the AICPA’s criteria and to your company’s own internal control procedures.

A SOC 2 audit can be time consuming, frustrating and burdensome. Strunk’s Policy Manager and Controls Manager modules can put much needed structure around this process. We keep on top of changes to the AICPA criteria so that you don’t have to. If changes need to be made to your existing policies as a result of any of these updates, you can easily address those within our software, and all modifications and approvals will be captured in our logs. The application will remind specific users within your organization when control activities need to be tested and the solution even supports breaking up this activity throughout the year so that your team is not focused on such a large task all at once.

The implementation with Strunk is extremely straightforward. Your company will submit your current policies for upload and creation within our system. If you are missing policies in any area we will provide you with a template document for you to customize but you will not need to start from scratch! We will work with your team to map these documents to the AICPA criteria in our solution.

Most companies are using Excel to track control activities. We ask that you simply provide this list of test procedures and we will set them up within the solution as well. Our Policy Map will provide a linked relationship from criteria to policies to controls. Once all of your company specific information has been uploaded and created we will host a training webinar for your team. It’s that simple.

Let Strunk help simplify and organize this process for you so that you can focus on what you do best – serving your clients.

Take advantage of new enhancements to Strunk’s Policy Manager

This summer Strunk has been hard at work making value added changes to enhance all of our applications. Customers will be able to leverage the convenience and organization of Policy Manager now more than ever. Through our next release the solution will now include a suggestions feature, criteria based auto assignment and the ability to automatically make changes to users. Dan Roderick, Strunk CEO, said ‘we continue to improve our solutions monthly based on client input and are pleased to announce these latest updates’.

For users with view only access, we have added functionality to allow them to suggest changes to policy documents via a comment feature within the user interface. This will then allow editors or approvers the option to decide whether or not to implement the suggested changes.

Policy Manager will now support criteria based auto assignment for Reader and Editor Groups rather than administrators having to makes all policy assignments manually. The auto assignment will take place based on defined criteria including any combination of physical location, department, and job role. Assignment of a set of policies and procedures could dynamically change based on these rules.

Updates to user accounts has been streamlined with automation of user changes. To simplify adding new users and deactivating former employees, an automatic user file import can be set up. Once configured, a file containing all current users will be uploaded and processed via a scheduled task.

Policy Manager organizes your hundreds of policy documents spread across different computers and file systems into a single database. It provides a structured, single source of truth for your organization.

Are your User Accounts up-to-date?

Part of effectively using Strunk’s cloud-based Governance, Risk Management and Compliance software is regularly reviewing, maintaining, and updating your user records and access. Our software provides your administrators with tools to make this process easier, rather than updating user records one by one. However, admins always have the option to view and change an individual user’s record and access rights.

A list of all users can be exported as a PDF for reporting purposes. In addition to the basic user information, it also includes each user’s roles and last login. To simplify adding new users and deactivating former employees, an automatic User file import can be set up. Once configured, a file containing all current users will be uploaded and processed on a scheduled basis. This allows you to add and deactivate users in a timely manner.

For other maintenance of existing users, admins can export the current user list to an Excel file. Any necessary updates can be made directly in the file and an admin will import the updated file to make the appropriate changes in the software.

Please contact Strunk Support at support@strunkaccess.com with any questions or for training on these helpful features. It is easier than ever before to keep your information up to date.

Broker Dealers and Broken Controls

Managing a financial advisory or brokerage firm is no small task; from finding clients, to advising the ones you already have, and everything in-between, compliance and governance can be a necessary burden.  While going through the vast regulations that shape the industry, the specific tasks of testing, preserving and repeating, are often asked.  Most firms utilize Excel, Word documents, and PDFs to build out their internal policies and controls in response to these regulations.  Almost all of these controls have a quarterly, bi-annual, or annual requirement to report activities, statements, or other documents to a host of stakeholders.  While utilizing an established Excel or SharePoint solution may seem like a “good enough” practice, the risk of missing one of these control events can be detrimental to your firm.

With a strong policy management software your firm can update processes to help save time, money, and reduce overall risk.  Strunk’s Controls Manager solution is one of the most intuitive products on the market, unwinding the complexity of your policy and compliance book, so you can automate your policy controls process and operation.  Through the use of a strong organizational system to address your regulatory obligation, your firm will have a more logical and considered approach to compliance, such as a Controls Calendar, enabling your company to effortlessly respond to your requirements.

While a patchwork of common Office tools seems like the easy and cheap solution, the downside risk far outweighs the upside risk.  Strunk can help you manage these risks, and put your firm on a better strategic footing.

No better time to implement a Cloud-Based GRC Solution

Over recent weeks, the ongoing spread of the COVID-19 coronavirus has forced companies around the country to make difficult decisions about how to protect their employees — as well as their communities as a whole.  In an effort to halt the spread of the virus, many organizations are instituting mandatory work-from-home (WFH) policies, engaging with new cloud service providers, and shifting resources toward supporting an expanding remote workforce.  The fast-moving, global reach of the coronavirus has illustrated that a forward-looking approach to risk management is more important than ever. Having a cloud-based tool that streamlines your compliance process should be in all companies’ future strategic discussions.

Strunk offers many great automated cloud-based solutions tools that streamlines compliance and risk management for our clients.  There are many benefits to these cloud-based solutions, especially in today’s environment where some many employees are working from home.  Our software is simple to implement, easy to access, very flexible and is reliable in terms of backing up data for your employees who are at different locations.  Implementing Strunk’s Risk Assessor, Policy Manager, Issue Manager and Vendor Manager software does not require extra hardware or software.  Implementing these tools can be done while business continues as usual which requires no downtime at all.  Strunk has created a new Version 2 of our Risk Assessor which is available to everyone.  Risk Assessor helps our clients complete risk assessments consistent with appropriate regulatory or standards body frameworks in days, instead of weeks.  Clients are able to upgrade for free from Version 1 to Version 2 and Strunk will help transfer results from your current Version 1 assessments.

Given the current coronavirus pandemic, the need for companies to centralize their policies and vendor management is more critical than ever.  Strunk’s Policy Manager software will organize hundreds of policy documents spread across different computer and file systems into a single editable database. With employees working remote, Policy Manager gives employee access to the companies polices for easy access and with the established review dates the system will remind employees to review the policy and make changes.  Centralizing your vendor manager process with Strunk’s Vendor Manager software will automate the process which reduces administrative burden and save time while giving employees who are working remote access to vendor due diligence, providing a practical framework for deciding which vendors to assess in depth, assessing the risks each vendor present, and the monitoring of each vendor performance.

Also, Strunk is offering additional free web training for our client’s employees.  There is no better time than now to get employees who are new or have changed job responsibilities trained on any of Strunk’s GRC software.

Strunk Policy Manager Software Now Includes GRC Policy Templates

In 2015 Strunk launched Risk Manager which has now evolved into a full featured Governance, Risk Management, and Compliance (GRC) solution including Risk Assessor, Policy Manager, Controls Manager, Vendor Manager, Issues Manager, and Skills Manager tools.  Today, as an added service for Risk Manager clients, we are announcing the availability of standard template policies for banks, credit unions, investment advisory firms and broker-dealers.

Policy requirements evolve, and often times organizations find that their existing policy has become outdated, or they don’t have a policy at all to address a particular issue.  No one wants to write a new policy from scratch – particularly regarding a complex issue. So, starting with a vetted template and customizing it to your particular organization is a big benefit both in terms of making sure the policy is complete and saving time. There are a variety of companies that provide policy templates for a fee.  But with Strunk, they are free for Risk Manager clients.

Dan Roderick, Strunk CEO said, ‘Clients have been asking us for quite some time if we can provide them with a specific policy that they don’t currently have in their existing policy manual and each time we would track down a template example for them.  Now we have assembled a database of standard documents to respond to those requests.  In fact, if a client were to ask for an entire manual of standard policies, we can now easily provide those documents.  Policy Manager has been one of the most popular components of the Risk Manager solution – it was the first module we developed five years ago.  This should be a valuable enhancement to our GRC solution.’  The current COVID-19 crisis is one example of an event that can create a need for a new or more thorough policy.  The Pandemic Policy and Plan documents have been frequently requested during the past month.