As the director of compliance at $739 million-asset Reliabank in Estelline, South Dakota, Ann Buckmiller is required to stay on top of any and all changes to laws and regulations related to banking. That’s been a challenge, especially recently.
“The last two years have been very interesting, to say the least,” says Buckmiller. That’s been due largely to regulation and guidance issued within that time period, and then a new presidential administration “changed the pendulum so it swung in the other direction,” she explains. “It’s very much a fluid situation.”
At the same time, community banks have been deploying digital technology to provide customers with better, faster services, which opens the door for more regulatory and compliance complications.
“As bankers get a little bit more strategic about the solutions they’re providing to their customers, it naturally lends them to be more digital savvy, and the digital world itself introduces a whole other level of complexity for oversight and compliance,” says Charles Potts, executive vice president and chief innovation officer for ICBA.
Regulatory technology, also known as regtech, can help address challenges that arise with the changing tides of compliance.
Operational challenge 1: Time concerns
Instead of trying to pull all information on all things from different sources on her own, Buckmiller uses third-party vendors to “summarize everything in one area for me,” she says.
She logs into a portal to see important news, like what regulatory guidance has been issued, changes, and new and final proposals. “They can summarize everything and put it into a one-stop shop,” she says of the solution.
She supplements that information by reading ICBA’s NewsWatch Today emails to stay on top of any major announcements, news from the presidential administration or whatever else she needs to know.
Operational challenge 2: Staffing constraints
Even as COVID-related work shortages have eased, staffing continues to be a challenge, says Potts. That not only leaves banks shorthanded but can also stifle growth. If the “staggering amount” of regulatory compliance paperwork that banks have to do every single day can’t be done, he says, any growth is stopped before it starts.
Automation can help, taking rote, mundane tasks off the plate of compliance professionals. “I can free up my very valuable and knowledgeable people to do valuable and knowledgeable things,” says Potts.
Operational challenge 3: Risk mitigation

The last thing a community bank wants is a security breach. Regtech can help community banks find and close security gaps, says Elaine F. Duffus, senior specialized consultant in the Compliance Program Management program at Wolters Kluwer.
“It’s easy to do a map and gap,” she says. This work identifies where a cybercriminal could get in—and not just once, but in a continuous process, with automated reports keeping compliance and cybersecurity professionals informed. “If there’s an area that can be breached by a fraudster, you’re going to see it quicker if it’s automated than you would if it’s not.”
Additionally, every time a community bank partners with a third-party vendor, it could be opening the door to whatever risks and cybersecurity gaps those vendors have within their own systems. Regtech can help with vendor management due diligence, says Zach Duke, CEO and cofounder of Finosec.
Each vendor might have hundreds of pages of documents in their due diligence packets. Regtech can “help assess risk automatically based on the function of the solution,” Duke says.
For example, something handling customer information would get a different assessment than something for back-office operations. Regtech can help manage what information a community bank would share with a vendor and vice versa, and if a vendor is a possible risk, a bank can help them address it.
Operational challenge 4: Lack of uniformity
It’s never a good look if one person at a community bank says one thing and another something else, or worse, if different employees apply the same policies in different ways.
“You’re taking massive amounts of documentation that the regulatory agencies have produced on practices and policies and procedures,” says Potts, “then you’re taking the bank’s own policies and procedures, and you’re trying to ensure that everybody is performing uniformly across the organization.”
An AI solution could help “making sure that a bank’s policies and procedures are uniformly applied across the enterprise,” says Potts. “Every employee inside the bank is seeing the same information and applying it correctly and uniformly.” That way, they can also give customers the same answers too, “to ensure I have uniformity across all of my practices.”
More from ICBA
Looking for answers to all your regulatory questions? ICBA’s Compliance Vault can answer them with its Q&As, eLearning courses and thought leadership. icba.org/compliance-vault