On October 14, 2011, the Consumer Financial Protection Bureau
(CFPB) issued its Supervision and Examination Manual –
Version 1.0 (Manual), which provides the first insight into the
procedures the CFPB will use in examining the depository
institutions and non-depository consumer financial services
companies under its jurisdiction. The complete Manual can be found
The Dodd-Frank Wall Street Reform and Consumer Protection Act
provides that the CFPB is responsible for enforcing "federal
consumer financial law." To that end, the Manual builds upon
examination procedures for certain consumer financial laws,
including, among others, the Home Mortgage Disclosure Act, Truth in
Lending Act, Real Estate Settlement Procedures Act, Fair Credit
Reporting Act, Fair Debt Collection Practices Act, and
Gramm-Leach-Bliley Act. It also details its examination procedures
for detecting unfair, deceptive, or abusive acts or practices and
for assessing whether mortgage servicing complies with all
applicable consumer laws.
The Manual is structured in three parts. Part I describes the
supervision and examination process. Part II details the
examination procedures. Part III consists of templates of documents
that the CFPB will use in examining the entities under its
jurisdiction. Part II, the "Examination Procedures," is
probably the most helpful guide for entities that are supervised by
the CFPB, as it provides a "road map" of the factors upon
which the CFPB will focus in compliance examinations.
Prior to examining large depository institutions and their
affiliates, the CFPB will prepare a Risk Assessment that will be
the foundation for an institution's (and its affiliates')
custom "Supervision Plan." A sample Risk Assessment is
provided in Part III of the Manual. As explained in the Manual:
CFPB's Risk Assessment is designed to evaluate on a
consistent basis the extent of risk to consumers arising from the
activities of a supervised entity or particular lines of business
within it and to identify the sources of that risk. "Risk to
consumers" for the purpose of the CFPB Risk Assessment is the
potential for consumers to suffer economic loss or other
legally-cognizable injury (e.g., invasion of privacy) from a
violation of Federal consumer financial law. The risk assessment
includes factors related particularly to the potential for unfair,
deceptive or abusive practices, or discrimination. Two sets of
factors interact to result in a finding that the overall risk in a
business or entity is low, moderate, or high. The first set of
factors relate to the inherent risk in the particular line of
business or the entity overall. The second set of factors is the
quality of controls that manage and mitigate that risk. The Risk
Assessment also includes a judgment, based on current or recent
information, about the expected change in the overall risk:
decreasing, increasing, or unchanged.
Utilizing the Risk Assessment, the CFPB will prepare a unique
Examination Scope Summary that will dictate how the CFPB will
review an institution's compliance with consumer financial
The Manual includes many consumer financial law-specific
sections that, among other things, provide background about the
law, compliance, and specific examination procedures. For example,
the Fair Credit Reporting Act section provides information related
to obtaining consumer reports, sharing information among
affiliates, disclosing information, etc. In addition, some sections
include CFPB examination checklists, providing a useful guide for
internal review of regulatory compliance.
The Manual makes explicit the CFPB expectation that every
regulated entity will have an effective compliance management
system adapted to its business strategy and operations. The CFPB
will review and test the effectiveness of compliance management
systems, focusing on: (i) board and management oversight; (ii) the
compliance program; (iii) responses to consumer complaints; and
(iv) compliance audits. The CFPB will review each of those elements
to assess the overall quality of an entity's compliance
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
A federal district court in California recently ruled that a consumer who voluntarily provided a cellphone number in order to complete an online purchase gave "prior express consent" to receive a text message from the businessís vendors under the TCPA.
As previously noted on this blog, the Consumer Financial Protection Bureau (CFPB) issued an interim final rule in June 2012 to implement the Equal Access to Justice Act. At the time, the CFPB requested public comment on the interim final rule.
A federal court recently held that a vendor of a VoIP service that allows callers to circumvent caller identification is not secondarily liable for the alleged TCPA violations of the caller that uses that service. See Clark v. Avatar Techs. PHL, Inc., No. 13-2777.
The Consumer Financial Protection Bureau (CFPB) is preparing to make significant revisions to the regulations promulgated under the Home Mortgage Disclosure Act of 1975 (HMDA) (Regulation C) by requiring home mortgage lenders to disclose far more information to regulators. In its first step toward these revisions, the CFPB is convening a Small Business Review Panel (as required by the Small Business Regulatory Enforcement Fairness Act) to seek input from small lenders on the proposed changes bef
Three and a half years after passage of the Dodd-Frank Act, the much anticipated final Volcker Rule has been issued. On December 10, 2013, the federal banking regulators, the Securities and Exchange Commission ("SEC"), and the Commodity Futures Trading Commission ("CFTC") (collectively, the "Agencies") issued a final rule ("Final Rule") to implement Section 13 of the Bank Holding Company Act of 1956 ("BHCA") ...
The U.S. Court of Appeals for the Ninth Circuit ruled that a successor mortgage servicer violated Section 533(c) of the Servicemembers Civil Relief Act (SCRA) when it attempted to collect, or failed to remove, fees incurred in connection with a rescinded Notice of Default.
Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.
The CPSC is voting soon on whether to hold a workshop to discuss potential ways to reduce third party testing costs through additional "determinations" that certain products or materials do not require third party testing.