The CFPB, Obamacare for the financial industry, has reared its ugly head, again, and rattled the “unfair, deceptive or abusive acts or practices” sabre. The Bureau (and I don’t mean the piece of furniture where you keep your socks and underwear and sometimes hide a Christmas gift for your spouse) has announced that covered financial institutions may be held responsible for illegal actions of a service provider. Institutions are expected to be responsible for their service provider’s activities beyond the normal due diligence practices that have served the industry and consumers well for the past several decades. The Bureau’s expectations are summed up in the following bullet points:
• Conducting thorough due diligence to verify that the service provider understands and is capable of complying with Federal consumer financial law; (A nebulous expectation from a nebulous agency. Do we give them a 10 page multiple choice test to document their understanding? Is it a pass/fail grading system? And what about Spring Break?)
• Requesting and reviewing the service provider’s policies, procedures, internal controls, and training materials to ensure that the service provider conducts appropriate training and oversight of employees or agents that have consumer contact or compliance responsibilities; (Does the Bureau really believe that the large national or international service provider will turn over all the documentation that an institution needs to properly do this? And if they do, how many institutions have the staff, time, and wherewithal to properly analyze all this information provided? If they do comply, I have Las Vegas odds that the price of the service will increase.)
• Including in the contract clear expectations about compliance as well as appropriate and enforceable consequences for violating any compliance-related responsibilities, including engaging in unfair, deceptive, or abusive acts or practices; (Unfortunately, it’s the CFPB that determines what is an unfair, deceptive, or abusive acts or practice and only then when it can’t cite a violation of anything else.)
• Establishing internal controls and on-going monitoring to determine whether the service provider is complying with Federal consumer financial law; and (Again, how may large service providers will put up with this nonsense?)
• Taking prompt action to address fully any problems identified thorough the monitoring process, including terminating the relationship where appropriate. (This is the only sensible part of the expectations, and institutions are already doing this.)
Presumably, the resources that institutions would normally employ to serve their customers are thought, by the Bureau, to be better used in combatting the evils lurking in the service provider realm. Undeterred by the fact that most consumers neither care about the consumer compliance laws designed to protect them nor read the ream after ream of disclosures designed to make them better informed, the Bureau, in its never-ending quest to protect somebody from something, marches on making mountains out of molehills.
You should be concerned about this pronouncement even if your institution isn’t regulated by the CFPB. The tone set by the Bureau will, as does other kinds of…stuff, roll downhill and will be coming soon to a regulator near you.
ABS is ready, willing, and able to assist you with compliance strategies.
No comments:
Post a Comment