Skip to main content

Looking for Valuant? You are in the right place!

Valuant is now Abrigo, giving you a single source to Manage Risk and Drive Growth

Make yourself at home – we hope you enjoy your new web experience.

Looking for DiCOM? You are in the right place!

DiCOM Software is now part of Abrigo, giving you a single source to Manage Risk and Drive Growth. Make yourself at home – we hope you enjoy your new web experience.

Create and maintain an effective loan policy

Kate Randazzo
May 2, 2022
Read Time: 0 min

Confident risk management begins with sound loan policy

A risk-based approach to loan policy can effectively improve your institution's profitability.


You might also like this webinar on loan policy best practices.


Financial institutions must take risks to be profitable, and one of the most common risks is in extending credit to borrowers. Risks are acceptable so long as they are identified, understood, measured, monitored, and controlled to the best of a bank or credit union’s ability. Loan policies make up the foundation for managing that credit risk.


Starting points

When and how to update your loan policy

Loan policies establish and prescribe credit risk parameters. But too often, financial institutions only review their policies annually, even though risks can vary based on the economic climate, mergers and acquisitions, and the addition or removal of certain loan products. In a recent webinar, Paula King, Senior Advisor for Abrigo Advisory Services, recommended that lending institutions make time to review loan policies quarterly and every time they make a change, such as an increase in asset size, a new branch, or an acquisition.

King also recommended setting up a time where your credit team can review how your loan policy is working advantageously for your bank or credit union as well as discuss new underwriting and credit risk associated with any new loan types. In some cases, loan policy changes can help your financial institution’s bottom line. For example, tightening up underwriting can improve a bank’s net interest margin by adjusting aspects of a policy that were unnecessarily narrow. Whatever changes you make, the entire credit team must know them and communicate them clearly to lenders, who will carry out the changes.

Loan policy framework

Designing your lending guidelines

Design your loan policy according to the size and complexity of your institution. This means keeping the following in mind:

  • Policy should be consistent with your strategic loan plan. Your policy should include what type of loans you are actively seeking and what loans you don’t have an appetite for so regulators understand your institution’s direction.
  • Loan policy is the foundation that guides the institution’s loan decisions. Your policy should keep in mind your institution’s size and target market, and must be broad enough to ensure you can operate without every loan needing a policy exemption due to policy guidelines. Don’t back lenders into a corner by making your range of tolerances too tight.
  • Underwriting requirements should be based on your risk tolerance. Let credit risk be the driver throughout your policy and consider loan pricing determined by risk factors. This means creating directional consistency to risk indicators (if a borrower has a lower credit score, their rate will be higher, and vice versa).

Policies are typically written at a high level to provide a framework of tolerances and limits for your institution. Documents such as procedural manuals bring policy requirements to the practical level. But frequently, banks and credit unions include processes in their loan policy without realizing it. Since policy documents are often hundreds of pages and procedures tend to be more dynamic, keeping process and policy separate can help simplify your review.

When determining whether a particular item belongs in a loan policy or an implementing document, consider the question it is answering. Policies generally contain “what and why” answers while implementing documents cover “who, when, and where.” For example, specific numbers and ranges, such as your bank’s established debt-to-income (DTI) limits for each of its consumer loan products, should be in your policy. The data and the documents you will use to enforce the loan policy belong in a procedural or process manual. For the example above, this would mean the list of forms that you would use to prove income, such as pay stubs and W2 forms.

Put your loan policy into practice with this implementation guide.

keep me informed Download whitepaper

Consistent application

Implementing your policy

A financial institution may have an excellent policy, but if the loans in its portfolio don’t align with the parameters in its policy, internal miscommunication is likely the culprit. Include all stakeholders when reviewing and making changes to your policy to ensure everyone is on the same page—especially lenders, who must understand what your institution is willing to accept.

Implementation documents and procedure manuals can help establish parameters for your institution. Make sure it includes all necessary steps to carry out your policies, and that staff roles are clearly defined. Your institution should also monitor its operations by comparing loan policy to recent originations through loan reviews, checking that staff is adhering to your policy with minimal exceptions. During examinations, regulators pick a sample of loans to compare with your policy, so it is wise to make sure your institution’s loans are up to code.

A third consideration is to check that your policy is applied, where appropriate, on a consolidated institution basis. This means that all branches and offices are applying your loan policy and procedures consistently, especially for consumer lending. Rather than an annual tickler, review the policy quarterly, and revise it to account for growth expectations, competitive factors, economic conditions, staff expertise, and level of capital across your institution’s offices.

Risk-based approach

Controlling risk is one of the central tenets of regulatory expectations around loan policies. One of the challenges with implementing policy is knowing which elements need to be controlled and the best way to effectuate that control. Make sure your policy sets ranges or maximums for each of the following:           

  • Loans/Deposits  
  • Loans/Assets
  • Loans/Capital
  • Growth rates – generally and for the upcoming year  
  • Fixed vs. Variable               
  • Specific loan type limits or segment limitations

Set thresholds for certain ratios should be in your policy, especially for loan type limits or segment limits. In the event of a recession or market change, the importance of quarterly review will become apparent as these limits may need to be changed or updated to reflect conditions.

A good rule of thumb is to structure each section of your policy by asking how your bank is at risk and at what point it would run into trouble with each section. Answer those questions in your risk indicators section, and address the risk indicators in each policy component. Once you’ve set benchmarks and thresholds to watch out for, your institution will have defined how to control risks.

Red flags

Regulatory perspectives on loan policy

The first defense against regulatory criticism is a sound loan policy, but any mismatch between loan terms and your actual loans will send up red flags. If your bank or credit union has an excessive number of loans that are exceptions, it could indicate that your policy is too stringent and restrictive or that you haven’t appropriately communicated the policy to lenders. Other red flags for regulators include:

  • The policy has not been reviewed, reapproved, or revised in a year
  • The date on your policy is not current, even if it’s a clerical error
  • There are multiple versions of the policy, or different versions from branch to branch
  • The table of contents is not updated to match the sections, which can show examiners that the policy isn’t a top priority
  • The policy contains attachments or addendums that have not been worked into the policy officially
  • Staff names, target markets, or loan products are not current

While some of these red flags may seem like clerical errors, even minor inconsistencies can signal to regulators that your loan policy is not a priority. If you face criticism, be proactive in addressing it and avoid receiving the same comments at your next examination.

If your financial institution needs an objective review to get on the right track, consider a third party for loan policy review assistance to help prepare for your next examination. An outside reviewer can help by making recommendations for your loan policy, developing and crafting loan procedures, conducting an annual review, and assisting with risk-based loan price modeling. If you are utilizing a credit risk-based approach, addressing risk in all elements of your loan policy and communicating policy parameters will clearly set up your financial institution for success.

About the Author

Kate Randazzo

Content Marketing Manager
Kate Randazzo is a Content Marketing Manager at Abrigo, where she works with industry thought leaders to create digital content that helps financial institutions better serve their customers. Before joining Abrigo, Kate managed social media and produced articles for Campbell University’s quarterly magazine and other university content initiatives. She earned

Full Bio

About Abrigo

Abrigo enables U.S. financial institutions to support their communities through technology that fights financial crime, grows loans and deposits, and optimizes risk. Abrigo's platform centralizes the institution's data, creates a digital user experience, ensures compliance, and delivers efficiency for scale and profitable growth.

Make Big Things Happen.