Working with banks on strategic planning and delivering on those plans for many years, I’ve experienced the critical importance of effective governance, risk management, and basic blocking and tackling for management and directors is fundamental and key to success. We are constantly reminded with every announced memorandum of understanding, cease and desist order, employee or director banishment, and the final straw, an institutional failure, that shortcuts never work in the industry. Strong fundamentals work.

The corporate shield isn’t always a failsafe for leadership. Board members and executives can be held personally liable for grossly negligent actions, including ignoring or failing to manage their institution. Issues can run the gamut from bank board policies to executive inaction. A recent example is the FDIC considering legal action against several former bank officers and directors for “breaches of duty” related to managing their bank’s finances. While we won’t know the specifics of enforcement until after Inauguration Day, the FDIC board’s vote suggests a tough stance against the individuals named. This would not be the first time bankers went to jail, nor would it likely be the last.

Bankers must be prepared for all scenarios because, when things go wrong, there is no one else to blame. For the bank’s sake and leadership’s peace of mind, a New Year’s resolution for boards and management should be to assess their institution. Review corporate governance and related frameworks as well as all policies. They should also ensure a leadership team that prioritizes its fiduciary duties to the bank, its shareholders, and its customers. This duty extends informally to the financial system and peers, who bear the cost of failures and face the risk of contagion from large, public incidents.

It all ties back to business planning. The board should have a robust framework for reviewing and management of governance and risk, and senior management should execute while preparing for special cases. Banks need a clear governance structure with extensive oversight and defined roles and responsibilities. The board should define acceptable risks grounded in a thorough risk management framework, and managers should implement mechanisms for monitoring and managing risks. Leaders must always act in good faith based on their fiduciary duty.

A strategy is a living framework that the board should update regularly in response to market and organizational changes. It should reflect the bank’s purpose and core values, strengths, weaknesses, opportunities, long-term strategic goals and priorities, resource allocation, and risk management associated with the plan.

A risk management plan is a part of the strategic plan. Outlining the identification, assessment, surveillance, and mitigation of risk is crucial to an effective strategy. It should cover risk appetite, governance, and culture. The board should revisit the plan annually to reflect the bank’s performance and the changing risk environment. A key part is clear risk management roles and responsibilities.