bulletin 2012-03 service providers

Bulletin 2012-03 Service Providers

May 14, 2014

Presented by Ken Shim

Background

• April 2012 - CFPB issued Bulletin 2012-03

• Federal Reserve, OCC and FDIC issued similar guidance on vendor management prior to CFPB

Bulletin 2012-03

• Bulletin was issued to clearly communicate the Bureau’s expectations for financial institutions to oversee service providers

• Financial institutions will also be liable for the service providers’ non-compliance with Federal consumer financial laws

Guidance

Perform Due Diligence

• Review the service provider’s policies & procedures

• Determine the training level

• Do they have adequate internal controls?

• What is the scope of their monitoring?

Contract with Service Providers

• Contract should include clear expectations about compliance and the consequences for violating any compliance responsibilities

Conduct Ongoing Monitoring

• Financial institutions should establish sufficient ongoing monitoring and testing to independently assess the level of compliance by the service provider

• Should take prompt action to address any issues identified through monitoring, including terminating the relationship

Compliance Certification

Compliance Certifications

• Financial institutions are not relieved of their own oversight responsibility by using umbrella organizations or third party to vet of certify servicer providers

Compliance Certifications (cont.)

• Third party organizations that vet service providers for financial institutions may not suggest that CFPB endorses the organization or require that service providers be certified by the organization

Compliance Certifications (cont.)

• Financial institutions must make sure that fees paid by service providers to be on an approved list of servicer providers do not constitute illegal referral fees

Why now?

• Bulletin 2012-03 is not new. Service provider oversight has been part of the examination scope since the start

Examination

• Examiners will evaluate the effectiveness of Compliance Management System (CMS)

• Board Oversight, Policies, Training, Complaint Process, and Monitoring (includes service provider oversight)

• Scope includes interviews, transaction testing (listening to sample calls), reviewing payment processes, disclosures, marketing

Are you subject to CFPB oversight?

CFPB Oversight Authority

• Banks over $10B

• Non-depository institutions (i.e. mortgage originators/ servicers, debt collectors, payday lenders, money transmitters, auto lenders)

• Any service provider that provides material services to a supervised institution

CFPB, a different Regulator

Enforcement Division

Why is service provider oversight

important?

Enforcement Cases

• Cap One – $210 million

• BoA – $772 million

• Discover – $214 million

• Amex – $112 million

Press Release for CFPB Bulletin 2012-03 (April 3, 2012), available at: http://www.consumerfinance.gov/newsroom/consumer-financial-protection-bureau-to-hold-financial-institutions-and-their-service-providers-accountable

/

 Regulatory QuestionsCFPB_RegInquiries@cfpb.gov