Session Recap: Compliance Collaboration: Key Takeaways from Ami Iceman-Haueter at Future Branches Boston 2025

2025, Future Branches Boston 2025, Keynote: Bringing Your Compliance

Eric Hilaire, Co-Founder, VaultRight: Next, I'd like to welcome up on the main stage, our next keynote speaker. Oh yeah, grab that. I'd like to welcome up our next keynote speaker. Her name is Amy Iceman Hower, and she is the Chief Experience Officer at MSU Federal Credit Union. Welcome. Thank you.

Ami Iceman-Haueter, Chief Research and Digital Experience Officer at MSU Federal Credit Union: Good morning all. I'm so excited to be with you today. And following two other high energy presentations. I will try and keep the good vibes going when we talk about the glittering and exciting world of compliance, it and legal. First of all, I get to ask this first any compliance side to your legal friends in the room.

You are so appreciated and we love you very much. And that genuinely, but. Sometimes, especially in experienced land, these things feel like they conflict, right? Trying to create a really great experience for members or customers can sometimes conflict with what we are legally required to do to protect our institutions and all of those individuals that we care so much about.

So today I'm gonna talk about how we've built a system to bring those very appreciated partners along on the ride, but also to make sure that we're hearing them. And including their insights in what we're building day to day. If you have seen me speak before or if I've had the pleasure of speaking with you before, you may have seen this slide.

This is our process as we move through innovation projects, rolling out new technologies, how we bring on partners. If you don't wanna listen to anything else, I have to say, this is a good one to take a picture of. I will also have another fun thing at the end for you to take a picture of and then you can tell everyone.

You got something outta the conference from at least what I've shared. But these are the steps that we go through on a regular basis to evaluate how our partnerships are working. So I want you to take a good look at this slide and tell me where do you think we bring. IT and compliance in on our process.

It is in fact a trick question. It is on all of them. So everywhere there's a star is where we have our legal IT and compliance teams participate alongside our experience teams, our innovation teams, and all of our specialty teams. That's a lending project or all of that. And this is important because.

When we started this process five years ago, we did not do this right. We built the idea, we created the concept. We talked about what is the experience for the member and all of the cool things and shiny things that it could be, and then we'd get somewhere around the three or four. Mark on this process and realized we hadn't included the appropriate people in the conversation to make the experience viable.

And that's the important thing, right? You can build the coolest, most awesome, shiny thing, but if it is against compliance, if it puts your IT security at risk, or if your legal team can't get to a happy medium with the partner or vendor you wanna work with, it doesn't really matter what cool thing you built was.

So we're gonna take a couple steps through how we've navigated this, where we include our friends and how that has worked out for us in getting some of the success that we've had in our innovation and experience teams. Our main goal as an organization, as a total, meaning our entire leadership teams believe in this concept.

And I say that because the most common question I get across the board is. I don't get buy-in from our leadership, or I can't get X team to join me on this journey, or they don't see the value. So if we have all decided that we're gonna try to get to yes, how do we get to, yes. It doesn't mean that you have to say yes to me first.

It doesn't mean that my idea is automatically winning. It just means instead of starting with all the reasons we can't do something or why it won't work, or the risks associated, that would stop it in its track. Can we talk about how we would get to Yes. So this is really the fundamental principle that we've adopted at the credit union to keep these things moving.

The next big principle that we've bought into is to listen and to learn. This is where a lot of friction points happen, right? So I had said before when we first started our process. We would do all this fun, shiny build stuff and we'd bring our compliance friends in and they'd tell me all of the ways I needed to show the disclosures and how many clicks I needed to get through, and how we needed to log that information on the backend.

My legal team would tell me that there's this huge flaw in the vendor's contract or that we couldn't roll things out. And all I was hearing was no right. You are telling me that this really cool thing that's gonna make a great impact and have huge ROI isn't sustainable. But what I wasn't hearing was all of the reasons we were putting ourselves at risks and the reasons that when we came to have.

An audit done or when the NCA, because we're a credit union, came to talk to us that they were gonna be put on the hot seat to explain how we got this far without addressing these things. So we took a big step back and decided we were gonna start here. Let me understand the things I need to include to make sure that I am compliant, to make sure that we are secure, to make sure that the systems can talk to each other the way they're supposed to.

And then let's build the bright, shiny thing. And there's a concept in innovation where it's not boundaryless, right? So we always say dream big, think outside the box. Sometimes our most creative solutions come from when we have the boundaries already in place and we work within those systems. If we listen to understand each other, and I'm explaining to you the ROI of what this valuable product can produce, and you are explaining to me all of the things that I need to keep in mind while doing this and making sure that both of us have those things on the table from the beginning.

We can get to an understanding and then nobody feels left out of this. Experience, right? Because now we've all built this together and you have buy-in to an equal amount that I have buy-in to make this happen. But it also sets us up for the more regular conversations as we're building it to talk about how to get to, yes.

Because anyone who's ever designed a digital experience knows that. My least favorite part, I'll say mine, but I hope it's also yours, is figuring out where the disclosures live. How do I get members through 80 pages of content when I just want them to do three clicks so that they can have a product that's gonna change their life, right?

That's like where my brain lives. If we can get to an understanding, then we can work on what the experience can be to meet the necessary requirements and get to that experience that we've all dreamed of. This has helped a ton, and this seems super simple, but it is in fact what keeps us all on the same page, setting a target, especially when you're introducing a new product or service.

Explaining the goal, setting an ROI, demonstrating the gain also helps some of our more logistical teams understand the value of what we're trying to achieve. And so setting those goals and then measuring them for everyone to be on the same page also means that if something doesn't work, we can say no together.

But if something is working really well and there are hurdles. That we need to navigate from an IT standpoint. For example, we now know the value of figuring out how to cross those hurdles instead of just saying no because they exist. That's where we find the gap, right? So we've tested, we've done the experimentation, we understand what we're trying to get outta this product.

We have the potential for this huge ROI, and then collectively we've identified the gaps between what we need to succeed from a compliance and regulation standpoint, maybe where our technology stack is ready to adapt to these types of ideas, and then how do we get to that next step? But this is where we do it together, right?

So at the very beginning I showed you, we bring them at every step. When we talk about this as a team, they get a say in what the gap is to. So it and compliance legal also get to weigh in on how big is that gap to cross? Do we understand the risk and the mitigation of what we are trying to do next for when we're getting creative?

Because we can solve this. If we start with how we get to yes, because we think this is something we wanna pursue, we will have to get creative. This is also an important part of where I started by saying, if your leadership team is not on board, this part gets harder. Because if you're not on the same page about what your risk appetite is as an organization, if you haven't agreed upon how you're gonna mitigate and document the steps that you've taken.

This gets very confusing because you can come up with a million solutions to cross these things off your list to clear the hurdles, but if not everyone's on the same page, most likely this project is not gonna be sustainable in the long term. Or it may never see the light of day because we're gonna get hung up on how to bridge the gap because we haven't all bought in to what the value of the project is.

At some point, we then have to make the choice right together as a team, whether it's your executive leadership team who's decided this is our risk appetite. So if you haven't done that exercise as a collective whole, I highly suggest it. It was very informative to our group to understand we weren't really that far apart.

We all want the same things. We just see them in different capacities because when we have questions asked of us by regulating bodies or from membership, we are all coming at that from a different experience. I have to answer to the members when we have outages on our app or when something is broken and not performing the way they want.

But my compliance and regulation team has to answer to the NCA when it's not built to the extent that they're, excited about or when they have questions about what decisions we've made. We are all looking at it from those perspectives. So if we make the choice together and say we are going forward, this is how we want to move the needle, this is the ROI we can gain, and here are all of the steps that we've had to take to get there.

We create Brian from the top all the way through our teams. We've also invited that feedback at every other stage that I've explained to you to make sure by the time we get here, no one is putting their hands up and saying, wait, I didn't understand. What we were trying to accomplish. This is a big part of the structure we've built.

It's at the core of that first process slide I showed you is we all agree this is how we're going to go forward. And we spent a lot of years working on that. And so I'm not gonna pretend that we just sat in the room and all of the executive team and our VPs, our AVPs and our managers were like, oh my gosh, what a great idea.

Let's just do this. I would love that. That is like my dream state, but it's not how that happened. But we've done this now for five years together. We worked through all of the pain points. So when we get to these final choices, the teams have confidence that we did not just throw spaghetti at a wall and pick some random projects to go forward with the leadership.

Have confidence that the teams did the due diligence that they needed to in all of those other steps to make the right choices for the project. And when we get to a point, because we have gotten to the point where the answer is no, sometimes it is just no, sometimes it's not viable yet, and that's okay.

Sometimes from a security standpoint, I would always rather make sure my members are secure than I would have the shiny thing, because I can't build back reputational damage as fast as I can build the next cool, shiny thing. Sometimes the choice has to be no. And because we did all of that work leading up to it, when we make that choice, we've done it together and it won't feel as isolating to the next group of people who have to sometimes say no.

We do try to get to yes, because I don't wanna be a downer, so we're gonna stick with how do we get to Yes. As the main goal. At the very end of this, what we have decided is that we are a team. We are collaboration. First it can be no sometimes, but at the end of the day, we are still a team and the next project will come and sometimes I need my teams who feel a little bit more hesitation with the risk to understand that we've mitigated and documented and have all of the pieces in place to bring them along on the journey.

And that they feel confident that we did that for them as well. So I know I've lumped a lot of the wes together. I operate from a we mentality, but there's an important part of this where every phase has a different player. So I did bring a little case study. Please meet Fran and Jean. These are our virtual assistants.

So Fran is our member facing virtual assistant. She handles, with a about 92% success rate. 23,000 chats a month from our members. She falls back to my live chat team and to get Fran stood up, we went through this entire process. Now, Jean is our internal virtual agent. They support our employees. They do all of the work in terms of searching our databases.

They're like our internal Google, right? They can search all of the things. Why I'm sharing both of them with you is because Gene provides a really exciting opportunity for Fran in that gene is a safe place for us to test. So when we started working with our compliance and legals team, obviously there was a lot of legal to navigate with our partner.

We used to partner called Boost ai and the contract alone to get these bot alive. Alive. They're not alive to be super clear after all of the A content, AI content. But to get them running. It took a long time, but we also were very thorough that we were both getting what we needed. And by both I mean that the partner was understanding our legal requirements and that our legal team was being sure that as we navigated a really big project, we were protected.

And that might have taken a long time, and I will, I can promise you, I was probably not my best self during the six months that we navigated this contract negotiation. But once we got there. Everyone was happy and it was worthwhile because we've now had both of these bots for five years and a partnership that has stood the test of time because we took the time with the legal teams to make that possible.

But now Gene exists and I can start testing, which made compliance really happy because now in this interface, gene is all internal. Everything Gene knows everything. Gene operates off of lives inside my credit union's walls. So every time I roll out new technology, my IT team is happy. Because we can test with Gene.

How is it gonna perform when we roll it out to members? When Fran can do the same thing Gene does, what will that look like? How does that work? I'm not saying you have to get two bots, I'm just saying when we have these test spaces, it made everyone else feel more comfortable in the bigger leaps we were taking.

So we have rolled out large language models with Gene. We have generative, active generative actions with Gene. Harder to say than I was planning. But in any case, we're in a play state with Jean so that I can get to this state where Fran can have advanced servicing. She can already authenticate members, she can already do transactional things on the backend, but we weren't quite comfortable without knowing how that consistent performance would look.

So we took the time to listen and understand what it and compliance needed. And what I was gaining, trying to gain from this experience to roll it out. So in doing this, we were able to really demonstrate, not only have we navigated the partnership internally, we found great success with our partner, but we also had ongoing and regular conversations about their growth.

Because on day one, Fran was just essentially an FAQ bot, right? She could just answer the basic questions, which by the way, this, the number one question four or five years is still what is the routing number? So some of this is never going to change what is the routing number and how do I get into my account?

Are her top two questions always? How do I reset my password? But she can have potential to do so much more. And because we are working on testing that and proving it out and understanding what our IT team needs to bring to the table, how we're reporting and documenting for Gene in this process, we've created our AI policy.

So we've already done some of the legwork that's been discussed over the last two days. These types of projects where you really do need everyone at the table to scale them are a great example of the opportunities that you can gain by making sure that legal, it and compliance are at the table with you the whole time.

Because they have grown to be able to serve our membership in ways that my human chat team could never, fran is available 24 7. She serves people overnight that we weren't doing before. My live chat team now handles. Much more complex opportunities. They do a lot more in relationship building. We do a lot more cross-selling, and Fran is answering hundreds of times a day.

What is your routing number? And other really cool questions, but it never ceases to amaze me that's the top one. So it's just an example that I wanted to share because it's relevant to what we've talked about at this conference, but it's also relevant in talking about what the relationship between all of our teams need to look like.

Because I will own, and this is just a me personal thing, I can get really excited about the potential of something and really deflated when they say we can't do that because of. But once we shifted to that narrative to we could do it if we, on both sides, then it became more collaborative as opposed to someone always bringing a cool, fun idea and then being told no.

Or someone feeling like they always have to be the bad guy because they have to bring the logistical parts to the table and that's not as fun as some of the other things may appear. So across the board, my main message to you is just keep stretching. Work on this together, understand the importance that we all have as a collective team, and figure out how to repeat that process.

It doesn't have to be what I showed you at the beginning. It can be whatever works for your team, but at the end of the day, if you're doing it together, it will be more successful over time. So I always try to end with the five takeaways. This is just really a summary of what I've shared with you today, is trying to find that common ground and listening to understand.

To set the boundaries first and build within them instead of building outside of them and then trying to shove it all back in. Set the goals and measures so that you can prove to each other and to your membership base that this was valuable and worth the time and effort and energy you put in, or so that you can decide early that it's not.

Get creative about bridging that gap. Build trust for your teams, and then change the narrative from everyone coming to the table with just their goal or their responsibility. To how do we get to yes, even if it is sometimes no. And then a somewhat wise person said, compliance ensures that the experience still gets to exist.

And I try to remember this every time I start. Project says, if someday we don't listen to our friends in these areas. We don't get to do the cool thing anymore because we will have either lost reputational risk, we will have broken some kind of rule that we shouldn't have, and then be paying fines or be tied up in legal fees.

And if you are paying legal fees, you don't get to invest in the technologies that move your organization forward. So that somewhat wise person is me just now to you. But you can also insert anything where compliance lives, right? So legal ensures that we get to exist. It ensures that we get to exist.

All of these partners are enablers for our experience. Enablers is a weird word, but I'm going with it. They make sure that we get to do the cool fund stuff in a secure way so that in three years we still get to be doing the cool fund stuff and it's just important that we don't ignore their investment in what that looks like for us to succeed long term.

So that is my time. I appreciate you. Allowing me to share our journey with you. If you do have any questions, I'll hang out for a little bit afterwards. But thank you all for letting me join you today and have a wonderful rest of your day.