Photo Credit: nationalmortgagenews.com/
So I attended the NJ Bankers Compliance University in June 2014 and wanted to share some of the information that I came away with to try to assist community banks in knowing where the regulators are going to focus their attention. Please note that these are in no particular order and are things that I wrote down as regulators over three days explained their hot topics and things that they have been noticing during recent regulatory examinations. I hope these will be helpful to you.
- UDAAP in Advertising (i.e., use of the word “free”)—For example, offering a “free” checking account with a “free” ATM card – these are not free if the Bank charges a fee for use at non-Bank ATM machines – industry best practice should be to document in a memo format to the file for each advertisement that it was reviewed prior to production and found to be in compliance with UDAAP
- UDAAP in Vendor Management
- UDAAP in pyramiding of late fees
- UDAAP in charging of overdrafts and overdraft programs (i.e., paying items high to low) – adequacy of “per day” fees – do they have a maximum fee limit per day?
- UDAAP in complaint management – complaint process must be in place – must maintain a complaint log in a centralized location and have one person in charge of responding to all complaints – should also have a “question” log which you should analyze to determine if perhaps customers are asking a lot of similar questions about a particular product which would lead you to determine that perhaps there’s a disclosure problem with the product.
- BSA – Competency of the auditors, do they get enough training through seminars and conferences?
- BSA – SAR narratives incomplete
- BSA – Medical marijuana facilities – ensure you are monitoring and are aware of the risk
- BSA – Virtual currency
- Social Media – Banks should be checking their Bank name through Google search to see if something comes up where they find someone complaining about them on a website (i.e., facebook).
- Flood – Not ensuring that flood insurance is obtained prior to closing the loan
- RESPA – HUD1 and GFE errors
- Vendor Management – Due diligence on third party vendors – banks should request training materials and sign-in sheets to ensure that the third party is providing training to its employees – ensure Bank is doing site visits – request system validations – request copies of compliance certification or testing
- FDPCA – Calls not within proper timeframes
- SCRA – Make sure you check the Department of Defense website – be proactive and send the SCRA notice to all loans that become past due – some Banks are automatically sending out the SCRA notice on the rear side of the delinquency notice
- HMDA – Failure to accurately capture certain fields on the LAR – ethnicity, race, sex, gross income, – especially since new LAR will contain many more fields to capture data
- FCRA – Failure to provide notice when taking adverse action based on information in the credit report
- ECOA and Senior products – While the ECOA age is “62”, banks sometimes offer senior accounts for people older than “55” – with this product they may offer a free VISA credit card – when this happens, they cannot charge an annual fee for the credit card or it would be a violation of ECOA
- Disclosures – Ensure that all disclosures delineate between “business” days or “calendar” days
- Reg E – Banks cannot request customers who submit claims to provide a police report, a notarization, a signed affidavit, etc.
I hope these topics are helpful to Compliance Officers and BSA Officers so that they can focus attention on ensuring that your bank remains on top of these issues to ensure that you are not surprised during your next regulatory examination.