Thomas Grundy | Wolters Kluwer
  • Wolters Kluwer Financial Services Banner Image

Our Experts

  • Thomas Grundy, CRCM

    Thomas Grundy

    Senior Director, U. S. Advisory Services

    Tom Grundy joined Wolters Kluwer’s U.S. Advisory Services group in January 2013. With over 33 years of experience as a former federal regulator with the Office of the Comptroller of the Currency and Federal Reserve Board, as a financial industry compliance professional for banking, mortgage and fintech financial service providers, and as an advisory consultant to a wide-range of clients, he leverages his experience advising compliance and risk management executives on solutions to effectively manage risk in a complex and rapidly changing regulatory environment.

    Grundy has a broad-base of expertise including assessment and development of Compliance Management System (CMS) frameworks; compliance program gap analysis, development and implementation; risk governance processes; applied risk assessment methodologies covering consumer protection laws and regulations, fair lending, UDAAP, and BSA/AML; compliance training; pre-charter conversion reviews; and regulatory examination management and response. Throughout his career he has had the experience of assessing compliance with, as well as first-hand application and implementation of a wide range of laws and regulations applicable to lending, deposits, electronic banking, consumer and enterprise information privacy and security, trust and fiduciary operations, the Community Reinvestment Act, and the Bank Secrecy Act.

    Grundy is a graduate of the University of Kentucky, the Graduate School of Banking at the University of Wisconsin, and the American Bankers Association National Graduate Compliance School. He is a Certified Regulatory Compliance Manager (CRCM).  In addition, he has authored published commentaries and served as a speaker at industry conferences on a variety of regulatory risk and compliance management topics.

  • Insights

    Sort By: Sort Order: Results Per Page:
    1 to 9 of 9
    Is Your Mortgage Servicing Program CARES Act-Compliant?
    (Published June 8, 2020) The current crisis presents potential financial challenges to borrowers; the CARES Act Section 4022 and 4023 are intended to provide some measure of related relief. However, there is a risk of confusion for borrowers, lenders and mortgage servicers. Read more to better understand how agency guidance factors into the equation.
    Paycheck Protection Program and Bank Secrecy Act Compliance: Be True to Your Risk-Based Program
    (Published May 11, 2020) In lenders’ rush to get PPP loans to small businesses, there have been obvious concerns that funds could be accessed by bad actors poised to take advantage of vulnerabilities in the program. Wolters Kluwer expert Thomas Grundy addresses those concerns.
    Basic Concepts for Managing Third-Party Risk
    (Published October 16, 2019) In this National Mortgage Professional magazine article, Thomas Grundy elaborates on the various risks that may emerge for financial institutions—operational, credit, compliance, reputational and strategic—when there is misalignment of goals between an institution and its third-party partners.
    ECOA Baseline Basics…Getting to Know Your Fair Lending Program
    (Published January 11, 2016) In this article, Tom Grundy a Senior Regulatory Consultant at Wolters Kluwer provides a high-level walkthrough of the ECOA Baseline Review (“Baseline”) with respect to fair lending, published by the Consumer Financial Protection Bureau (CFPB).
    Third Party Vendor Management: Taking Due Diligence and Oversight Beyond the Checklist
    (Recorded June 4, 2015) Third-party vendor management has become one of the most hotly scrutinized management issues in the banking industry, and several recent high profile security breaches have brought sharp attention to vulnerabilities created by engaging third parties. Banks have responded by putting in place oversight measures focused on addressing the potential gaps and pitfalls outlined in regulatory guidance from the OCC, Federal Reserve, CFPB and the FDIC. But do those measures go far enough? This session outlines the need for differing risk approaches and, based on a recently completed survey of over 200 bank executives, details how leading banks are managing due diligence and ongoing oversight of third-party service providers to minimize risk exposure. View a recording of this webinar to hear about emerging areas of risk, approaches to monitoring exposure, and insight into how your peers are approaching third party relationships.
    Heightened Expectations for Some—a Message for All to Consider: The Evolution of the 3 Lines of Defense
    (Published April 23, 2015) Mark Twain once said that, "Climate is what we expect, weather is what we get." The words and wisdom of this great American author and humorist succinctly describe the mindset and experience leading up to and following the most recent global financial crisis. From what seemed like endless sunny days of possibilities for an economy riding the real estate boom, the weather took a significant turn. Whether your institution falls under the direct coverage of the OCC's late 2014 Guidelines, risk management practices in all aspects are being scrutinized across the industry. The concepts covered by the Guidelines provide a good indication of what regulators might consider when reviewing your risk management practices. You can expect that your system of checks and balances along the three lines of defense will be reviewed by your regulator like never before. In this white paper, Mr. Grundy discusses how risk governance frameworks should be developed with a view to addressing risks relating to the core categories of risk by each of the three lines of defense.
    Compliance Zen: Finding the Path to a Strong Compliance Management System
    (Published April 2015) The Federal Reserve Board expects that institutions embrace a top down culture of compliance. Learn how financial institutions can move beyond “mere compliance” and find their path to a stronger compliance management system.
    Risk Management: Best Practices for Effective Monitoring and Testing
    (Recorded April 22, 2014) Ongoing monitoring and testing of controls is a critical component of your organization’s Enterprise Risk Management program. Identification of controls, attestation of key controls and testing of control efficiency are intertwined with the risk management program and should be conducted in harmony across the organization. View this recording to learn best practices for breaking down organizational silos and achieving a “Zen-like” control environment which is proactive, informative and timely.
    How to Adaapt to UDAAP Staying Out of the Headlines
    Unfair, Deceptive or Abusive Acts or Practices (UDAAP) is one of the most talked about compliance issues today.  Three key activities from the CFPB specifically have provided greater guidance and insight and this whitepaper considers each of the events and what they indicate for the future of the financial services industry and how they are actionable today. If an institution has not already taken a look at where it stands with respect to UDAAP, the time for action is now.  The key to establishing an effective UDAAP compliance program within the framework of a compliance management program is having strong controls. When reviewing compliance efforts with respect to UDAAP, there are a few key risk areas to focus on: Advertising and Solicitations, Loan and Account Disclosures, Servicing and Collections, and Third-Party Services Provider Oversight. Many institutions are struggling with UDAAP compliance due to its highly subjective nature—understanding where you stand with efforts to comply requires introspection and careful analysis of internal and external communications.