The reach of the Consumer Financial Protection Bureau (the “CFPB”) continues to expand. Debt collectors of all shapes and sizes must familiarize themselves with the structure, purpose and activities of the CFPB. If your company finds itself in the crosshairs of a CFPB examination, you must recognize that the process is going to be expensive and labor intensive. CFPB examinations have two objectives: (1) to assess the adequacy of your company’s internal procedures and controls; and (2) to assess substantive compliance. The CFPB’s approach to the examination is to request electronic copies of documents and other records that are reviewed to ensure compliance with every potentially applicable statutory or regulatory provision that affects your company. In order to comply with CFPB oversight, organizations must develop and implement a Compliance Management System (“CMS”).
What is a CMS? According to the FDIC, a CMS is how an institution: (1) learns about its compliance responsibilities; (2) ensures that employees understand these responsibilities; (3) ensures that requirements are incorporated into business processes; (4) reviews operations to ensure responsibilities are carried out and requirements are met; and (5) takes corrective action and updates materials as necessary. A CMS should focus on a “top-down” approach from the Board of Directors all the way down to employees performing routine business functions.
Currently, the CFPB is issuing consent orders and assessing civil penalties for not having an effective CMS and an established “culture of compliance.” If your organization has not implemented a CMS, do not delay. If your company is subjected to an examination, the CFPB will be looking back at least one year (if not more) to assess your internal procedures, controls and compliance. If you are concerned that the costs of implementing a CMS may be too costly and burdensome, please consider the price of not having an adequate CMS when the CFPB comes knocking at your door.