In its first report of examination findings, the Consumer Financial Protection Bureau stresses that institutions under its supervisory authority should have a good compliance management system (CMS). In the 14-page reported, titled “Supervisory Highlights,” the agency said one of its first supervisory responsibilities is to assess the quality of a financial institution’s CMS.
Published Oct. 31, the Highlights report contains a number of examples of problems it detected in exams it conducted between July 2011 and Sept. 30, 2012. The CFPB said the problems primarily included deficiencies in compliance management systems, regulatory violations related to credit cards, credit reporting and mortgage lending.
The Highlights report notes that “In a typical CMS examination, the CFPB evaluates both the understanding and application of the financial institutions’ compliance management program by its managers and employees. The CFPB has found one or more situations in which the financial institutions had articulated many elements of an appropriate compliance policy, but the policy was not followed. This has occurred, for example, where the necessity of an effective CMS is not fully appreciated by management or employees of the financial institution, or where a compliance department is not given access to the information, resources, and personnel necessary to carry out its compliance duties.”
The CFPB considers oversight of service providers to be a key component of an effective CMS. The Bureau warns against the idea that a financial institution can “outsource its responsibility” for compliance with federal consumer law by contracting with third-party vendors for particular services.
The Highlights report cites an example where a financial institution and a service provider fail to coordinate their correspondence with consumers, causing conflicting interest rate information to be mailed to delinquent credit card holders, accompanied by improper application of a penalty rate to the customers’ outstanding balances, in violation of the Truth in Lending Act.
The report also encourages financial institutions to focus on fair lending. “Every financial institution should establish fair lending policies, procedures and internal controls to ensure that it is operating in compliance with the Equal Credit Opportunity Act and its implementing Regulation B. The CFPB said the following characteristics are common of well-developed fair lending compliance programs:
- An up-to-date fair lending policy statement;
- Regular fair lending training for all employees involved with any aspect of the institution’s credit transactions, as well as all officers and board members;
- Ongoing monitoring for compliance with fair lending policies and procedures;
- Ongoing monitoring for compliance with other policies and procedures that are intended to reduce fair lending risk (such as controls on loan originator discretion);
- Review of lending policies for potential fair lending violations, including potential disparate impact;
- Depending on the size and complexity of the financial institution, regular statistical analysis of loan data for potential disparities on a prohibited class basis in pricing, underwriting, or other aspects of the credit transaction, and including both mortgage and non-mortgage products, such as credit cards, auto lending, and student lending;
- Regular assessment of the marketing of loan products; and
- Meaningful oversight of fair lending compliance by management and where appropriate, the financial institution’s board of directors.
The Highlights report notes violations of the CARD Act, which is designed to protect consumers from unfair credit card practices. For example, it reports that at one or more institutions, credit lines associated with credit card accounts issued to consumers under the age of 21 based on ability to pay of co-applicants age 21 or older were increased without the financial institution having received written authorization from the co-applicants.
In addition, the report cites an example where an institution failed to comply with the rate reevaluation requirements of the CARD Act by failing to perform a rate review of an acquired portfolio within six months, and failing to establish written policies for rate reevaluation practices.
CFPB’s examination of mortgage lenders turned up instances of “significant non-compliance” with the Real Estate Settlement Procedures Act and the Truth in Lending Act. “Violations under RESPA have included failures to make proper and complete disclosures to consumers of costs and other terms of a transaction due to inadequate or improper completion of the Good Faith Estimate and the HUD-1 settlement statement. Violations under the Truth in Lending Act have included failures to provide accurate interest rate disclosures, and payment amounts and schedules, as well as disclosures regarding late payments, security interest, and assumption policies.
CFPB said it also examined mortgage lenders for compliance with the Home Mortgage Disclosure Act and found “several financial institutions with significant error rates in data reported pursuant to HMDA.”
The CFPB has the authority to examine depository institutions with more than $10 billion in assets, and some additional financial institutions, including organizations that provide mortgages, private education loans and payday loans. It also can examine “larger participants” in the financial markets, as the CFPB determines. So far, those firms have been in the consumer reporting market and the debt collection arena.
The CFPB says its supervisory process is guided by three principles, which are:
- Focus on consumers. The CFPB’s reviews of financial institutions will focus on their ability to detect, prevent, and correct practices that present a significant risk of violating law and causing consumer harm.
- Data driven. The CFPB’s supervision function rests firmly on analysis of available data about the activities of entities it supervises, the markets in which they operate, and risks to consumers posed by activities in these markets.
- Consistency. The CFPB will apply consistent standards to its supervision of all financial institutions to the extent possible, and will use the same procedures to examine all supervised entities that offer the same types of consumer financial products or services, or conduct similar activities.
For the complete report, click here.