In this episode, Dean Stockford and Len Suzio discuss what compliance risk management should look like in 2026 as financial institutions face rising fraud, cyber threats, AI-related risks, third-party exposure, and an uncertain regulatory environment. Dean argues that compliance functions can no longer remain purely advisory and instead must evolve into active risk management and oversight roles, with stronger risk assessments, enhanced monitoring, root-cause analysis, more targeted training, better frontline tools, and closer alignment between risks, controls, and institutional risk appetite. He emphasizes that a strong compliance culture begins with understanding the organization’s structure, risk tolerance, and operational realities, then building a more robust compliance management system around those insights. The episode closes with Dean’s view of the biggest compliance risk areas in 2026, including data privacy and cybersecurity, AML/CTF, digital banking, AI compliance, third-party risk, regulatory fragmentation, and the growing cost of top-tier compliance talent. Brought to you by GeoDataVision and M&M Consulting

Len explains that the OCC issued a December 18, 2025 proposal to create a “Simplified Plan Process for Community Banks” to make the CRA strategic plan option easier, but he believes its real value extends beyond banks using strategic plans because it reveals how regulators think about “Satisfactory” and “Outstanding” performance under normal CRA standards. The proposal distinguishes between “custom” bank-specific goals (which Len says offers little practical guidance) and “elective” goals, which are quantifiable targets drawn from approved plans and OCC supervisory experience. Len highlights that the most useful—and historically murky— CRA test is Community Development. The OCC's proposal provides explicit benchmarks for CD lending, investing, combined lending/investing, and CD services, using ratios tied to Tier 1 capital or total assets (including notably lower investment thresholds when a bank relies heavily on donations, acknowledging their significance). He notes the proposal also introduces measurable expectations for CD service hours per employee, while offering little new insight on traditional lending tests. Although the OCC states elective goals are not “safe harbors” and not formal benchmarks outside the simplified process, Len argues they align with what regulators historically expect and can help CRA officers set internal performance targets; this is where you would provide a linik to the 67 tests, performance standards and ratings. https://geodatavision.com/content/occ-proposed-elective-goals-for-cra-strategic-planning/ Brought to you by GeoDataVision and M&M Consulting

This podcast episode discusses the alarming rise of cyber fraud in financial institutions, highlighting that global losses exceeded $1 trillion in 2025 and AI-powered attacks increased by 93%, including deepfake videos, voice cloning, and sophisticated phishing campaigns. The hosts explain that financial institutions are investing heavily in fraud prevention technologies such as AI fraud detection, predictive analytics, Open APIs with Agentic AI, and solutions like Glassbox that analyze user sessions for anomalies. They emphasize that combating this crisis requires a collaborative approach between financial institutions, tech companies, law enforcement, regulators, and third-party providers—noting that no single entity can win this fight alone and that information sharing, best practices, and enhanced training are essential for protecting customers while maintaining a positive user experience. Brought to you by GeoDataVision and M&M Consulting