Navigating the Regulatory Environment
Board of Directors Responsibilities
Presented by:
Susan Costonis, C.R.C.M.
Compliance Training & Consulting for Financial Institutions
The Directors Education Series
Guess Who?
What Did He Say?
• "Always do right. It will gratify some people and astonish the rest."
‐‐ Mark Twain
Overview
• Dorothy slowly realized she wasn’t in Kansas anymore as she wandered through the forest with the Scarecrow, Tin Man, and Cowardly Lion. Are there lions, tigers, and bears in YOUR back yard? Has the regulatory environment changed in the last 6 years after the mortgage melt‐down? What are the director’s responsibilities to create an effective compliance culture at your bank?
• Regulatory expectations and rules for the Board of Directors
• What are seven requirements for the Board of Directors?
• What are important elements of an effective compliance culture?
• What lessons can be learned from enforcement actions?
The New “Normal”
• Culture Change ‐ COMPLIANCE IS EVERYONE’S JOB!
• Compliance Management System ‐ Expect Change.
– Requires board and management oversight, compliance program, compliance audit and the enterprise approach to responding and analyzing consumer complaints.
• Consumer Risk Assessments – proactive management
Director’s Responsibilities by Agency
Agency | Reference
OCC | http://www.occ.gov/publications/publications‐by‐type/other‐publications‐reports/The‐Directors‐Book.pdf ‐ DIRECTOR’S TOOLKIT
Federal Reserve | https://www.federalreserve.gov/boarddocs/supmanual/cbem/5000.pdf ‐ Statement of Policy
FDIC | https://www.fdic.gov/regulations/laws/rules/5000‐3300.html ‐ Statement of Policy
Director’s Responsibilities ‐ OCC
Agency Highlights – NOTE ALL REGULATORS SHARE THE SAME 7 GOALS
OCC Section 501, 30 pages
1. To select competent executive officers – set COMPLIANCE CULTURE
2. To effectively supervise the bank’s affairs
3. To adopt and follow sound policies and objectives
4. To avoid self‐serving practices
5. To be informed of the bank’s condition and management policies
6. To maintain reasonable capitalization
7. To observe banking laws, rulings, and regulations
8. To ensure that the bank has a beneficial influence on the economy
of its community—
Director’s Responsibilities ‐ OCC
Compliance with Formal and Informal Administrative Actions
Depository Institution Management Interlocks Act
Compliance Culture Warning
In addition to the typical consumer compliance regulation coverage and exam process, there are two additional areas of concern:
1. The concept of “consumer harm” and unfair, deceptive, or abusive acts and practices (UDAAP) have been the focal point of many recent enforcement actions.
2. The Bank Secrecy Act is examined under the Safety & Soundness exam. A violation of one of the 4 pillars can cause the CAMELS rating to be DOWNGRADED. (FinCEN issued recent guidance on the “Culture of Compliance,” where BSA compliance is not compromised for the sake of earnings.)
OCC Director’s Toolkit
OCC Director’s Toolkit – Seven Responsibilities
OCC Director’s Toolkit
Director’s Responsibilities ‐ FDIC
Sources Highlights:
The Technical Assistance Video Program is a series of educational videos designed to provide useful information to bank directors, officers and employees on areas of supervisory focus and regulatory changes. These videos are available on the FDIC's YouTube channel.
Corporate Governance
Roles and Responsibilities – Duty of Loyalty and Duty of Care
Supervision of Bank Operations; and Keeping Informed.
How? See next slide….
FDIC – Independent Decision Making
See slides on the risk of a “ONE‐PERSON BANK”
Risks of a “One Person Bank”
Potential Dangers:
1. Incapacitation of the dominant officer may result in a management void.
2. Problem situations resulting from mismanagement may be more difficult to solve through normal supervisory efforts because problems are often attributed to the one individual that dominates the bank.
Potential Controls:
segregation of duties and responsibilities;
a sufficient number of outside, independent, and engaged directors; and
independent board committees overseeing major risk areas.
Avoid Preferential Transactions By:
establishing and enforcing codes of conduct;
complying with laws and regulations on insider transactions; and
reviewing insider dealings rigorously and independently.
Research Unit
They will analyze trends in the provision of consumer financial products and review access to “fair and affordable credit for traditional underserved communities” and review
consumer awareness of the cost of credit; they will report on consumer behavior with various
products
Community Affairs Unit
They will focus on educating consumers about consumer
financial products and ensuring broad access to financial
products
Office of Fair Lending and Equal Opportunity
They will enforce federal laws relating to fair lending, which the Act defines as “fair, equitable, and nondiscriminatory access
to credit for consumers.”
Complaints Unit
They will maintain a website and toll‐free number to centralize collection and monitoring of consumer complaints regarding consumer financial products and services, and will route complaints to other federal and state agencies
where appropriate.
The Office of Service Member Affairs
They will focus on issues to “empower service members and their families to make better financial choices” and monitor complaints received by the CFPB or other federal agencies. Regional offices will be established near military installations
as needed.
The Office of Financial Education
They will develop programs to improve consumers’ financial literacy and familiarity with consumer financial products
The Office of Protection for Older Americans
They will develop financial literacy programs for protection from unfair, deceptive and abusive practices on current and
future financial choices. Dodd Frank designates “older Americans” as being 62 and older and are referred to as
“seniors.”
The Four D’s at the CFPB
1. Deceptive marketing
2. Debt traps & dead ends
3. Debt collection
4. Discrimination
The Four “D’s”
BOTTOM LINE after 3.5 years….$5.3 billion to 15 million consumers and $200 million in civil money penalties
An Effective CMS includes:
• Board and Management Oversight
• Internal Controls
• Training
• Corrective action
Basics for Compliance Management Systems
The Risk Assessment Process
[Diagram: Overall Bank Compliance Risk, with Performance Risk, Product Risk and Regulatory Risk]
Performance Risk:
• Current & Past Enforcement Actions
• Reimbursement History
• History of Compliance with Fair Lending laws
• Current and Prior Regulator Ratings
• Audit Findings
The Risk Assessment Process
Regulation Risk:
• Applicable Regulations
• New Regulations
• Changes to Regulations
• Recent Enforcement Actions & Regulatory Guidance
The Risk Assessment Process
Product Risk:
• Major Product Line
• New Products/Services
• Growth in Operations
• Complexity of Operations
• Third‐party Affiliations
The Risk Assessment Process
Complaints ‐ What & Why
Why Care About Complaints?
The 1975 Federal Trade Commission Improvement Act tasked the federal banking agencies to respond to consumer complaints that reflected unfair and deceptive acts or practices by financial institutions.
CFPB Complaint Gathering ‐ Dodd‐Frank Act requires CFPB to:
• Collect, track and report on complaints
• Share complaint data with the FTC
• UDAAP
CFPB Exam Manual and Complaint Portal: “How the entity handles complaints is also a key element in evaluating its compliance management system.” The CFPB complaint portal solicits consumers to “tell their story”.
Complaints and 2015/2016 CFPB Enforcement
False claims & deception
Discrimination based on race or ethnicity
Inaccurate credit reporting (MANY COMPLAINTS)
Misrepresentation of loan costs
Failure to credit consumers for full deposit amounts
Mortgage Loan Servicing abuses
Unfair billing practices, credit card add‐on products (third party vendors)
Deceptive collection practices
What Should Financial Institutions Do?
It is critical for all banks to have some sort of “portal” or method to receive our own stories from customers. Sometimes these stories are compliments rather than complaints.
Considerations to Define Complaints:
• One size does not fit all
• Each bank must develop a definition based on unique products, services, delivery channels, etc.
• Must be able to defend it to the regulators
What is a complaint?
Agency | Definition or Comment
OCC | “Providing answers to common questions and assistance to filing complaints” Does the bank have a strong record of acting on and monitoring consumer complaints?
FDIC | “an allegation by, or on behalf of, an individual, group of individuals or another entity that a particular act or practice of a financial institution is unfair, deceptive, incorrect or violates a federal regulation or statute under which the financial institution must operate”
Federal Reserve | Reg AA: “Unfair Deceptive Acts and Practices” is the only regulation with an actual definition of complaint, but exam manuals describe complaints in function
Define Your Own | Each financial institution must determine what is an appropriate definition for their organization
1. Proactive
2. Comprehensive Procedures
3. Transparent
4. Consumer Focus
5. Root Cause Review
6. Training
Pay Close Attention to Complaints
1. The CFPB’s Examination Manual: At a minimum, it would be wise to include routine monitoring of the two sites listed in the CFPB Manual in your complaint management system. They list www.ripoffreport.com and www.complaints.com.
This is in the CFPB Exam Manual:
Pay Close Attention to Complaints
2. The CFPB’s Consumer Complaint Database: Complaints can be downloaded and analyzed; two reports are made to Congress annually and a MONTHLY report is now issued.
3. Consumer Reports: This Consumer Reports online article dated August, 2011 provides an extensive list of complaint sites, including links and a brief description for each. Here is the link: http://www.consumerreports.org/cro/money/consumer‐protection/new‐ways‐to‐complain/overview/index.htm
4. Your Institution’s Facebook and Twitter Pages: As you follow posts on your own social media pages, keep watch for links in those posts that track to complaints aired outside your virtual doors.
The Dodd‐Frank Act Impact on UDAP
• The CFPB is assigned rule making authority for unfair, deceptive or abusive acts or practices
• The rules may include requirements for the purpose of PREVENTING unfair, deceptive, or abusive acts or practices
• UNFAIR is defined in the Dodd‐Frank Act and is similar to the FTC Act.
• Deceptive is NOT defined in the Dodd‐Frank Act and the definition remains the FTC’s definition until the CFPB makes a rule
• New standard of “abusive acts or practices” that will be defined by the CFPB. TO DATE THIS HAS BEEN DONE BY ENFORCEMENT ACTIONS, RATHER THAN BY REGULATION.
Lessons Learned from Enforcement Actions
1. UDAAP Is Everywhere
2. Say What You Mean, and Mean What You Say
3. Watch Over Third‐Party Providers
4. The Usual Suspects Still Trigger Violations
CFPB Enforcement Actions Against Bank of America for UDAAP Violations
• OCT 29 2015
• CFPB Takes Action Against Nationwide Student Financial Aid Scam
• April 20 2015
• CFPB Takes Action Against Military Allotment Processor for Charging Servicemembers Hidden Fees
• October 9 2014
• CFPB Takes Action Against M&T Bank for Deceptively Advertising Free Checking
• Today we are putting $2.9 million back in the pockets of consumers as a result.”
Five Steps to Manage UDAAP Risk
1. Keep up with the CFPB
2. Take a Close Look at your Website
3. Test your Marketing and Advertising Materials
4. Train, Train, and Train your Staff
5. Pay Close Attention to Complaints
Discussion Questions
1. Are there any current concerns about our “compliance culture” based on recent independent audits or compliance examinations?
2. Can we demonstrate that the board is effectively managing the Compliance Management System for our bank?
Thank You
Susan Costonis, C.R.C.M.
Compliance Training & Consulting for Financial Institutions