The CFPB just released their Summer Supervisory Highlights which I have linked below. I know that many people get this and look for their section of interest to see what is happening. Yet if you really want to know what you need to be concerned about, it’s important to read between the business lines. The CFPB has not wavered from a repeated message. No matter what type of institution they are supervising, there are some basic elements that we hear them talk about consistently!
Here are a few tidbits that I pulled out from the most recent supervisory highlights:
1. Policies and procedures were not updated to describe actual practices.
2. Policies and procedures included outdated information.
3. Did not conduct regular monitoring.
4. Lacked formal programs to oversee and manage data supplied by furnishers.
5. Did not have defined processes to verify the accuracy of information provided by their providers.
6. There were no quality control policies and procedures to test for accuracy.
7. The CFPB expects a financial institution under its supervision to maintain an adequate compliance management system (CMS) tailored to its operations. A robust and well-administered CMS is vital to preventing violations of Federal consumer financial law and the resulting harm to consumers.
8. One or more institutions’ boards of directors did not hold regularly scheduled meetings or receive information sufficient to adequately oversee compliance practices.
9. Institutions lacked formal follow-up or escalation procedures for personnel who were delinquent in completing their required training; and allowed to continue interacting with consumers, even when their training was overdue.
10. Institutions lacked comprehensive compliance audit programs.
11. Weaknesses in inquiry and complaint management and did not log or record consumer complaints.
12. Depriving compliance personnel of important tools for detecting violations
13. Complaints (consumer) and inquiries were not recorded, categorized, or processed by the financial institution receiving them.
14. Violated Regulation Z by failing to establish written policies and procedures as required by the rule.
15. Written policies on loan originator compensation, qualification and identification requirements, without written procedures instructing employees on how to comply with the written policies.
16. Systemic violations that were caused by weaknesses in training, monitoring and corrective action.
So if you find your practices lacking in any of these “heads up” warnings, it might be a good time to start locking down some of the issues, which are sure to be problematic when the CFPB greets you with their presence.