Insights: Article

Getting the Grade – A New Consumer Compliance Rating System

By Linda Albrecht

May 21, 2017

You can look forward to a new compliance rating system with your next consumer compliance exam. In November 2016, the Federal Financial Institutions Examination Council (FFIEC) issued an updated Uniform Interagency Consumer Compliance Rating System (CC Rating System). The new rating system was developed to better align with changes that have occurred since the release of the original rating system established in 1980 and takes into consideration the new tailored, risk-based exam approach.

The FFIEC member agencies (CFPB, FDIC, Federal Reserve, NCUA, OCC, and SLC) will apply the new rating system to consumer compliance exams beginning March 31, 2017. The new rating system promises not to generate new examiner expectations or increase the regulatory burden for financial institutions.

Details of the New System

The new system is designed with an emphasis on evaluating a financial institution’s Compliance Management System (CMS). It creates a comprehensive, consistent framework for all member agencies to apply, focusing on consumer protection, self-identification and proactively addressing compliance issues.

The rating system is based on a five-point scale, with “1” being the highest/best rating and “5” reflecting a critically deficient program. The new exam rating system will focus less on transactional testing and more on the financial institution’s CMS, paying particular attention to practices that may cause consumer harm. The new rating system will be applied to all institutions regardless of size, allowing examiners to tailor their activities based on the size, complexity, and risk profile of the institution.

Guiding Principles
The new CC Rating System was designed based on four key principles:

  • Risk-Based – Emphasize that a financial institution’s CMS will vary based on the size, complexity and risk profile of the organization. Even though the same framework will be applied to all financial institutions, it is not meant to be a one-size fits all.
  • Transparent – Create uniform rating categories to promote consistency across member agencies.
  • Actionable – Communicate areas of strength and appropriately emphasize areas for improvement.
  • Incent Compliance – Encourage institutions to establish a strong CMS that focuses on preventing consumer harm, prompt identification and correction of weaknesses.

The CC Rating System is split into three categories and includes specifically assessment factors within each category:

  • Board and Management Oversight - This should include oversight and commitment to the CMS, effectively support change management, driven both internally and externally, identify and manage risks, and detect and correct weaknesses. Along with this, your board should periodically evaluate your fi institution’s needs to ensure sufficient resources are allocated to the compliance program. If third parties are used to supplement your bank’s compliance program, there should be on-going due diligence of these vendors.
  • Compliance Program – This should contain policies and procedures designed for your organization, a training program tailored to staff responsibilities, effective monitoring aimed at identifying potential violations or weaknesses, and a process for addressing consumer complaints.
  • Violations of Law and Consumer Harm – These are rated based on the root cause, severity and impact of consumer harm created, the duration of the violation, and the pervasiveness of the violation. Identifying violations and correcting them is key, but more important is ensuring prior exam recommendations have been addressed.

There seems to be some common themes throughout the foundation of the new CC Rating System—consumer harm, self-identification and corrective action. It goes without saying that if you have a strong CMS that includes board and management oversight, policies and procedures, training, and monitoring with effective corrective action, your next compliance exam should go well.

Latest Insights

January 18, 2019
While having your audit team onsite can be stressful, there are certain steps you can take to reduce that stress and make the most of your audit.
January 17, 2019
In this installment of our Common Single Audit Findings and Remediation Series, we discuss the three distinct parts that make up Requirement “G.”
January 17, 2019
Here’s a list of what the IRS is and isn’t doing as the  partial government shutdown rolls on.
January 17, 2019
Eide Bailly recently sat down with Bill Stovall, CEO of Community National Bank in Texas, to hear his thoughts on the current state of the banking industry.
January 15, 2019
The back and forth on tariffs is wreaking havoc for many businesses. Here’s what you can do to help ease the pain.
January 15, 2019
If you are a farmer who sold to a cooperative in 2018, you will need to provide additional information if you’re looking to take advantage of deductions this tax season.