Responsible Business Conduct: Self-Assessing, Self-Reporting, Remediating, and Cooperating

  • Source:

Treliant Takeaway:

Treliant knows consumer protection, fair lending, and unfair, deceptive, or abusive acts and practices (UDAAP). If you need assistance with assessing and managing your conduct risk, Treliant can help.

Article Highlights:

On March 6, 2020, the Consumer Financial Protection Bureau (CFPB) released CFPB Bulletin 2020-01, “Responsible Business Conduct: Self-Assessing, Self-Reporting, Remediating, and Cooperating.” The bulletin updates CFPB Bulletin 2013-06, “Responsible Business Conduct: Self-Policing, Self-Reporting, Remediation, and Cooperation.” The update is intended to reiterate the importance of responsible business conduct and to clarify the CFPB’s approach to responsible conduct. The CFPB notes responsible conduct supports two CFPB focus areas. Responsible business conduct prevents consumer harm by building a culture of compliance among regulated entities. In addition, early detection of problems and speedy remediation can minimize consumer harm. As a result, responsible business conduct is in the public interest, and will be favorably considered in addressing violations of federal consumer financial law through supervision or enforcement.

Bulletin 2020-01 includes four categories of responsible business conduct:

  1. Self-assessing. Does the entity have a robust compliance management system (CMS) that is consistent with its size and complexity to prevent and detect potential consumer harm? Did the entity detect the issue in question as a result of an effective CMS? How did the issue arise? Have CMS gaps that permitted the issue been adequately addressed?
  2. Self-reporting. Did the entity promptly, proactively, and appropriately disclose the issue to the CFPB, other regulators, and self-regulatory organizations (when applicable)? If the entity delayed self-reporting, why was reporting delayed? Did the delay affect the ability of the CFPB to investigate? Did the delay harm consumer interests?
  3. Remediating. How quickly did the entity effectively respond after identifying the issue? What steps did the entity take to discipline the responsible individuals, identify affected consumers, and remediate consumer harm? Did the entity complete an effective root cause analysis and modify policies, procedures, and practices to prevent recurrence?
  4. Cooperating. Did the entity cooperate fully with regulatory and law enforcement personnel during the investigation? Was the entity’s review adequately independent and thorough? Did the entity share the internal review and supporting documentation with the CFPB? Did the entity take any steps beyond what was required by law or regulation to resolve the issue and cooperate with the CFPB?

Bulletin 2020-01 notes that a regulated entity’s good faith assertion of privilege during an enforcement investigation does not make the entity ineligible for favorable consideration for cooperating. With this clarification from Bulletin 2013-06, the CFPB encourages regulated entities to engage in more responsible conduct that prevents and minimizes consumer harm.