CFPB Releases Bulletin and Policy Guidance on Service Providers

The Consumer Financial Protection Bureau (CFPB) released Compliance Bulletin and Policy Guidance 2016-02 which discusses the Bureau’s expectations with regards to risk management programs for service providers. While the guidance is intended for CFPB supervised financial institutions and nonbanks, other credit unions may wish to review the bulletin.

The bulletin is intended to clarify that the depth and formality of risk management programs for service providers may vary depending upon the service being performed—its size, scope, complexity, importance and potential for consumer harm—and the performance of the service provider in carrying out its activities in compliance with Federal consumer financial laws and regulations.

To limit potential for statutory or regulatory violations and related consumer harm, credit unions should take steps to ensure that their business arrangements with service providers do not present unwarranted risks to consumers. These steps should include, but are not limited to:

  • Conducting thorough due diligence to verify that the service provider understands and is capable of complying with Federal consumer financial law;
  • Requesting and reviewing the service provider’s policies, procedures, internal controls, and training materials to ensure that the service provider conducts appropriate training and oversight of employees or agents that have consumer contact or compliance responsibilities;
  • Including in the contract with the service provider clear expectations about compliance, as well as appropriate and enforceable consequences for violating any compliance-related responsibilities, including engaging in unfair, deceptive, or abusive acts or practices;
  • Establishing internal controls and on-going monitoring to determine whether the service provider is complying with Federal consumer financial law; and
  • Taking prompt action to address fully any problems identified through the monitoring process, including terminating the relationship where appropriate.

Compliance Question of the Week

Under the SAFE Act, do Mortgage Loan Originators (MLOs) need to renew their registration?

The Safe Act requires MLOs to renew their registration annually (unless they initially registered on or after July 1st of the current year). The renewal period is open November 1st through December 31st of the current year. If an MLO is required to register and does not do so within this time frame, the MLO will be placed in an “inactive” registration status on the NMLS.

The NMLS created a resource page dedicated to renewal and reactivation information. This resource includes a handbook and FAQs regarding the renewal process.

Legal Briefs

National Credit Union Administration (NCUA)

The NCUA announced that it is accepting applications for its Consulting Assistance. The application is open through November 30, 2016 and is for credit unions that fall into one of the following categories: Assets of less than $100 million; Chartered less than 10 years; Designated as a Minority Depository Institution; or Credit unions that are low income designated.

The NCUA released a new guidebook that provides information on negotiating contracts with third-party vendors for digital services.

The NCUA and four other federal regulatory agencies are requesting comment on a joint notice of proposed rulemaking to implement parts of the Biggert-Waters Flood Insurance Reform Act. The proposed rule supports that requirement that creditors accept private flood insurance policies.

Consumer Protection Financial Bureau (CFPB)

The CFPB posted a blog entry about the Equal Credit Opportunity Act (ECOA) and how it can help consumers. The blog post also discussed recent actions against creditors that were found to violate parts of the ECOA.

CFPB Director Cordray delivered prepared remarks at the Financial Literacy and Education Commission. Cordray’s remarks focused on the need for financial literacy education at a young age and also discussed the CFPB’s 2016 Financial Literacy Annual Report.

The CFPB has released its Fall 2016 Supervisory Highlights which includes examination procedures for reverse mortgage servicers and student loan servicers.

Federal Reserve Board (FRB)

The FRB updated its Debit Card Interchange Fees and Routing FAQ. The recently added FAQ discusses routing networks when EMV cards are presented at a merchant.

The November issue of FedFocus is now available. In this issue, the FRB announces the 2017 pricing and product changes.

The FRB has published the November State of the Federal Open Market Committee. The statement discussed the target range for the federal funds rate and stated that it will remain at ¼ to ½ percent.

Nationwide Multistate Licensing System & Registry (NMLS)

The NMLS announced that the 2017 annual renewal period for MLO’s is now open.

U.S. Department of Justice (DOJ)

The DOJ announced a new program that will support enhanced enforcement efforts related to the Servicemembers Civil Relief Act (SCRA). The pilot program will provide fulltime support for SCRA enforcement through the end of 218.

Office of Foreign Assets Control (OFAC)

OFAC has updated the SDN list as of November, 2016. The last update prior to this was October 27, 2016.

Questions? Contact the Compliance Hotline: 1.800.546.4465,


Posted in Advocacy News, Compliance News, Compliance News, Federal, NWCUA.