The Consumer Financial Protection Bureau (CFPB) recently released its Supervisory Highlights Summer of 2013. Within this document, the CFPB discusses Compliance Management Systems (CMS). The CFPB defines a CMS as how a supervised entity:
- Establishes its compliance responsibilities;
- Communicates those responsibilities to employees;
- Ensures that responsibilities for meeting legal requirements and internal policies are incorporated into business processes;
- Reviews operations to ensure responsibilities are carried out and legal requirements are met;
- Takes corrective action, and
- Updates tools, systems, and materials, as necessary.
The CFPB goes on to state that a successful CMS program will incorporate the following four interdependent control components:
- Board of directors and management oversight;
- A compliance program;
- A consumer complaint management program; and
- An independent compliance audit.
The last point here is something that the CFPB did take some time to include more information about in their Supervisory Highlights. “The CFPB has noted that an effective CMS implements both a system of periodic monitoring reviews and an independent compliance audit. The periodic monitoring reviews are conducted by either the individual business lines or the compliance department on a relatively frequent basis.” What this means to you and your credit union, is that you should be conducting internal reviews on a frequent basis to ensure that you are meeting the regulatory requirements.
The CFPB goes on to say that, “The independent compliance audit then conducts similar assessments on a less frequent basis, usually annually, to ensure that compliance with Federal consumer financial law is ongoing, that the CMS as a whole is operating properly, and that the board is aware of consumer compliance issues noted as part of these independent reviews.” The CFPB is also saying here, that a very good CMS will include independent reviews of your credit unions departments, products, and services to ensure that you are meeting all necessary regulatory requirements and keeping current with all of the updated changes. These changes are happening more frequently, due to Dodd-Frank, and it is a good idea to ensure that you and your staff are not only following the current requirements, but those new requirements as well.
PolicyWorks helps provide these independent reviews to credit unions. We provide them for Full Scale Compliance, BSA Compliance, Website Compliance, Lending Compliance, and Marketing and Communications Compliance.
Take a look at your own Compliance Management System and see if it meets those areas the CFPB is looking for.