Legal Blog

Compliance Checklist for CFPB Examinations

Compliance ChecklistAs you may remember from one of our previous blogs, “Financial Institution Compliance and Loan Officer Compensation,” the Consumer Financial Protection Bureau (CFPB) has begun to crack down on non-depository lenders and community banks that had previously flown under the radar. The CFPB has already come down hard on several small businesses, including a midsized non-depository with fewer than 350 employees nationwide that originated a little over $1 billion in loans last year, its president, and vice president.

Now do we have your attention?

Your institution, regardless of its size, is on the CFPB’s radar. And with the Bureau’s examinations in full swing, you have to ask yourself one simple question: Am I prepared if the CFPB came calling tomorrow? CFPB examiners take a comprehensive look at your operations, policies and procedures, results of previous examinations by other regulators, your complaint history and your responses to those complaints to assess your commitment to consumer compliance.

Compliance Checklist for CFPB Examinations

Use the following checklist to assess your institution’s level of readiness.

☐ Do you have policies and procedures in place covering:

☐ Federal regulations under the CFPB authority, such as RESPA, TILA, ECOA, FCRA, HMDA, FDPCA, SAFE and GLB?

☐ Tracked distribution of compliance information and updates?

☐ Third-party service provider due diligence, monitoring and accountability?

☐ Origination, underwriting, and servicing practices, particularly in areas where the exercise of individual discretion is required?

☐ Receiving, reporting, and resolving customer complaints, including the tracking of customer complaints to detect trends and the actions taken in response? (indent)

☐ Loan officer compensation and any other incentive programs for employees who interact with consumers?

☐ Fair Lending Compliance, in connection with both origination and loss mitigation?

☐ Credit reporting and the handling of credit disputes?

☐ Collection of past due accounts, including policies on written and verbal communications to borrowers?

☐ Document retention and management that complies with state and federal law?

☐ Do you perform periodic compliance audits and self-assessments, especially with regard to fair lending and mortgage servicing issues?

☐ How active is your company’s board of directors/senior management in regards to compliance? Do they receive reports and provide guidance on compliance issues?

☐ Are minutes taken at regular meetings of your company’s board of directors/senior management and do those minutes document involvement in consumer compliance issues and efforts? If sub-committees exist such as compliance/audit committee and credit/pricing committee, do they have documented minutes showing involvement in consumer compliance issues?

☐ Do you have a company-wide training plan that documents training efforts, particularly with regard to fair lending issues?

☐ Have you satisfactorily resolved all issues arising during examinations conducted by other regulators?

☐ Do you have an examination plan in place that covers:

☐ Identification of a liaison/organizational contact who will interact with the CFPB?

☐ Assignment of a coordinator, who is responsible for coordinating the collection and delivery of requested information/documentation as well as implementing a strategy for dealing with requests for privileged documents?

☐ Assignment of personnel to assist with the examination process, including distribution of materials, collection of documents, demonstration of systems and explanations of procedures?

☐ Is your IT department aware of the CFPB e-examination system and how your systems will be able to communicate with them?

☐ Are you able to run reports and analyze data in the same way that the CFPB can, using its e-examination system?

If you have any questions about Financial Institution Compliance or the above checklist, please contact Offit Kurman attorney Ari Karen at Mr. Karen is a principal of the firm in its labor and employment group and the Founder and Director of C3 Compliance Consultants Inc. (C3CC).

C3CC has extensive experience representing industry professionals undergoing CFPB audits. They understand the process and how to prepare for it:

  1. Review and revise policies and procedures
  2. Conduct compliance GAP analyses
  3. Perform compliance risk assessment
  4. Review Compliance Management System
  5. Develop third-party service provider (TPSP) program

For more information about C3CC and its team, please visit, or contact C3CC Managing Director, Kenneth Fick at (301) 575-0324 or