Exploratory Call

Notifications & Disclosures Impacting Compliance, Strategy, and Operational Risk to your Organization

by | May 30, 2025 | Business | 0 comments

As mentioned in the blog dated 04/29/2025 entitled, “To Understand Risk is to Understand People”, we highlighted 16 activities which could hinder a company’s ability to achieve their strategic goals and objectives.  Today, we will discuss the third (3rd):

Notifications & Disclosures

Daily, we as customers receive various notifications and disclosures from various sources and for a variety of reasons.  In discussing with my family and friends, in many cases, these notifications and disclosures are not reviewed nor the purpose and impact related to their receipt, acknowledgement, or acceptance understood. Personally, I will admit to being 100% guilty of having acknowledged or accepted without fully reading them myself and will share below a few instances this impacted me to my detriment, unfortunately! In many cases, my perspective, is we acknowledge and accept without question or reading for various reasons including but not limited to: 

  • Trust in the individual / company (e.g., doing business with a family member, friend, licensed professional, etc.)
  • Functionality of the product or service (e.g., phone app/tool features we want to utilize)
  • Requirement of the product or service (e.g. application processing).
  • Volume in receipt (e.g., number of documents from a particular company).

While the importance of the notifications and disclosures is a company/employee-imposed compliance activity and the customer actions are understandable, to assess customer impact significance, from my perspective, the notification and disclosure categories can be bucketed to include:

  • Documents received by a customer with the purpose of informing them of a company/employee-imposed business decision
  • Documents received to enable the customer to make modification/changes to a particular transaction
  • Documents received which provide contractual obligations (e.g., terms and conditions, privacy, transaction rights, etc.)

Now let me share a few personal examples to demonstrate the customer impact of based on a company’s/employee’s actions and customer impact: 

  • Last year, we acknowledged a package containing a real estate contract offer with the combined associated contract “Terms and Conditions” inclusive of an arbitration clause buried toward the last page of the package.  While I personally reviewed the actual financial offer terms and had suggested changes to the contingency clause and financial terms, we ended up not making any of the modification to the contingency language or financial terms nor did we read the remaining ‘terms and conditions” due to the agent’s feedback to us, our trust in her active, real estate license, as well as belief what we were acknowledging was standard real estate terms and conditions. Later we learned the “Terms and Conditions” language – specifically, the arbitration clause – had been modified from standard language leading practice without the agent making us aware of the modifications and the way the agent worded the contingency clause language and arbitration language prevented our ability to take cost effective legal remedies.  Ultimately, we were not licensed real estate nor legal experts so relied upon the licensed company/employee hired.
  • Recently when applying online for a small business account, the application was unsuccessful.  Unfortunately, I was not informed of the reason until over a week later when receiving a letter in the mail explaining the bank was unable to do an identity validation check due to my credit being frozen; however, this notification/disclosure was not communicated at the time of my online application or else I would have temporarily lifted the credit bureau freeze to allow the validation process to occur and continue processing my account application.  Ultimately, I was not made aware of the online requirements timely to allow actions to be performed enabling the activity to continue processing.

 

  • In the two above examples, you can see in both cases the compliance activity related to the actual notification and disclosure as well as acknowledgement, acceptance, and receipt was performed; however, the impact to the customer in both cases was significant and other company risks were unmitigated.  Specifically, other company risks unmitigated include: 
    1. First example, compliance risk due to activities being misleading, unfair, and deceptive 
    2. Second example, strategic and operational risk since activities impacted achievement of opening a new small business banking account impacting revenue/income growth 

While activities carry different customer impact significance and different company, employee, and customer risks, questions a company/employee might consider in execution of activities include but are not limited to: 

  • How transparent is the information being provided to enable a common individual (i.e., uneducated in the subject matter) to understand the impact of the document upon receipt or prior to acknowledgement and acceptance?
  • How is the information being communicated?
  • How is the information accessible?  
  • How timely is the information being provided to allow action to be taken (e.g., transaction sale and/or terms modification)?
  • Who has authority to approve modifications to standard factors?
  • How are employees educated should modifications to standard factors be made?
  • How are significant factors or modifications to standard factors (e.g., terms, liabilities, clauses, etc.) communicated and/or highlighted?
  • How are modifications to standard factors monitored to assess potential compliance concerns (e.g., unfair or deceptive activity)?
  • How are employees held accountable should activities not align to company expectations?

To me these are important questions for a company to consider not only to achieve compliance but also from a strategy and operational perspective!

In summary, as a company considers the above questions while assessing the Compliance, Strategic, and Operational risks, a good starting point would be to assess from each perspective, includes:

Company

  • What risks are attempting to be mitigated based on each type of notification and disclosure?

Employee 

  • How knowledgeable are they around the risks and impact to the customer around each type of notification and disclosure?

Customer

  • How do they become educated on what notifications and disclosures impact them the most?

As always, EROS would love to strategize and elaborate on risks as customized to your company’s specific strategy and activities.  Please contact us today!  

Cindy Hart, EROS Founder and CEO

Book An Appointment I EROS LLC I LinkedIn  

 

 

 

 

Submit a Comment

Your email address will not be published. Required fields are marked *