The Office of the Comptroller of the Currency reports that strategic, credit, operational, and compliance risks remain top concerns in its “Semiannual Risk Perspective for Fall 2016.”

The report, released on Jan. 5, focuses on issues that pose threats to the safety and soundness of those financial institutions regulated by the OCC and is intended as a resource to the industry, examiners, and the public. It covers risks facing national banks and federal savings associations based on data through June 30, 2016. It presents data in four main areas: the operating environment, bank performance, trends in key risks, and regulatory actions.

Highlights from the report include:

Strategic risk remains high as banks consider business model changes and face challenges in growing revenue. Strategic planning remains important as banks adopt innovative products, services, and processes in response to the evolving demands for financial services and the entrance of new competitors, including out-of-market banks and financial technology firms.

Banks continue to ease underwriting practices to boost loan volume and to respond to competition from bank and nonbank lenders. These actions are evident in commercial, commercial real estate and auto lending. The level of risk is increasing due to increased risk layering, rising loan policy exceptions, increasing loan-to-value ratios, and weaker covenant protection.

Operational risk remains a concern as banks face changing cyber-security threats, increased reliance on third-party relationships, and address the need for sound governance over sales practices.

Banks face challenges meeting the integrated mortgage disclosure requirements and amended Military Lending Act regulatory requirements, the latter of which compliance was required by October 3, 2016, and managing Bank Secrecy Act risks.

“While these concerns are broadly the same as in our prior report, we’ve added governance over sales practices to that list,” Comptroller of the Currency Thomas Curry said in a statement. “As I testified this past September after the OCC’s actions against Wells Fargo for failures in governance of its sales practices, [we] initiated a broader review to assess whether similar practices and weaknesses are occurring in other large and midsize banks. Work on the review continues.”

Curry stressed that strategic risk “remains a key risk for banks of all sizes.”

“Banks are adopting more innovative products, services, and processes in response to the evolving demands for financial services and the entrance of new competitors, such as out-of-market banks and financial technology firms,” he said. “In addition, some banks are considering business model changes, including mergers and acquisitions, as they search for acceptable returns in a prolonged environment of low interest rates. And, in some cases, banks face issues with succession and long-term planning.”

The noted increase in credit risk highlights the necessity that banks maintain appropriate level of loan loss reserves. “Recent supervisory activities have identified weaknesses in reserve method at some banks, specifically the inadequate consideration of rapid loan growth, greater concentrations of credit, and a higher risk appetite and tolerance for underwriting exceptions,” Cury said.

Operational risk “also remains high on our radar as banks adapt business models, transform technology and operating processes, and respond to increasing cyber threats,” he added. “Well-publicized breaches have made cyber-security a household topic, and banks and regulators must continuously up their game to protect against the latest cyber-attack and ensure they are capable of maintaining their operations and recovering in the event that an attack does occur.”

Curry noted that compliance continues to be a challenge for many banks, particularly with the Bank Secrecy Act and the change management necessary to comply with new or amended regulations.

“Compliance must receive the same focus as safety and soundness for a bank to succeed, which is why last year we created a new executive-level department dedicated to compliance policy and supervision,” he said.  By focusing OCC resources on compliance, we send a clear message of the importance of compliance and ensure issues are addressed appropriately in each exam to ensure fair access and fair treatment of consumers and compliance with other applicable laws and regulations like BSA.”