Consumer Compliance Supervisory Highlights 



As compliance officers and risk managers, you often have to get your hands dirty, dig deep, and ask the hard questions.

The FDIC, in its review of the close to 900 consumer compliance examinations performed in 2023, noted that for covered institutions rated “Needs to Improve” or “Substantial Noncompliance,” all of those ratings were in some way a result of overall weakness in the institutions’ Compliance Management Systems (CMS). Findings spanned a variety of consumer regulatory requirements, including but not limited to the Truth in Lending Act (TILA)/Regulation Z, the Flood Disaster Protection Act (FDPA), and the Electronic Fund Transfer Act (EFTA)/Regulation E.

Treliant helps financial institutions with the design and implementation of a CMS and the enhancement of their overall strategic risk management program. These programs do more than meet supervisory expectations; they are necessary to effectively manage the ongoing risks associated with consumer regulations and compliance. Moreover, a sound CMS and risk management program can prevent violations of law and enforcement actions and help ensure that customers are treated fairly.


The FDIC’s Spring 2024 Consumer Compliance Supervisory Highlights shines a “high”-light on the breadcrumbs that financial institutions tend to leave behind.

Of the top regulatory areas cited for violations, the following were the most frequently cited:

  • TILA/Regulation Z: Accurate disclosure of closing cost information by the Creditor on the Closing Disclosure.
  • FDPA/12 CFR Part 339: Adequate flood insurance being in place at the time a covered loan experiences a MIRE event.
  • EFTA/Regulation E: Timely investigation, resolution and correction of electronic funds transfer errors.
  • TISA/Regulation DD: Accurate inclusion of timing and content requirements for deposit account disclosures.
  • Section 5 of FTC Act: Multiple NSF fees for re-presentment of the same transaction, with disclosure not clearly describing the financial institution’s re-presentment practice.

On top of the breadcrumbs, which make up approximately 74% of the findings, the FDIC report also highlighted several more significant findings related to consumer compliance issues.

Misrepresentations of Facts:

  • Third-Party’s Misrepresentations of Insured Status
    • 12 CFR Part 328, Subpart B (Part 328), prohibits any representation that an uninsured financial product is insured.
    • In a number of instances, the FDIC found that third parties, both with and without relationships with a bank, falsely represented that a financial product was FDIC insured.
  • Advertising of Credit Builder Products
    • Section 5 of the FTC Act prohibits unfair methods of competition and unfair or deceptive acts or practices.
    • The FDIC identified violations of the Act in connection with the advertising and structuring of Credit Building products. Specifically, false or unsubstantiated claims were made about the potential increase to a consumer’s credit score. In other instances, Credit Building products were advertised along with other products that had no bearing on the consumer’s credit score.

Third-Party Activities:

  • Third-Party EFT Dispute Investigations
    • Section 1005.11(c) of Regulation E sets forth the timing limits and extent of an investigation for electronic fund transfer errors.
    • The FDIC noted a situation where a third-party disputes investigator automatically denied any disputes for transactions that were processed via a security program that was used to authenticate transactions in an attempt to mitigate chargebacks. In these instances, both the third-party and the financial institution failed to conduct an EFTA investigation.
  • Strong Third-Party Oversight and Internal Controls
    • Section 39 of the FDI Act requires the FDIC to establish safety and soundness standards which apply to all insured institutions.
    • The FDIC found that a covered institution that partnered with a third-party lender failed to establish and maintain internal controls, information systems and underwriting practices in accordance with the FDIC’s Safety and Soundness Standards, leading to its inability to effectively identify and mitigate heightened fair lending risks. The institution’s lack of access to records hindered accurate risk assessment, monitoring, prudent underwriting, and compliance with fair lending laws. Additionally, inadequate oversight of the third-party lender’s pricing and underwriting systems, along with unreviewed model changes, exacerbated the situation.

Business Practices:

  • Anti-Discrimination Laws and Regulations
    • While not directly responsible, the FDIC conducts a fair lending review as part of its consumer compliance exams; any findings are referred to the DOJ.
    • In 2023, the referred matters involved discrimination relating to redlining, generally as a result of branching activities in non-minority areas. The FDIC also noted that banks had underwriting criteria that varied for applicants on a prohibited basis, as well as other instances of unmonitored discretion in the pricing of credit, which led to pricing for financing that varied on a prohibited basis.
  • Payments for Mortgage Brokerage Services
    • Section 8 of RESPA prohibits giving or accepting a thing of value for referrals of business related to mortgage loans. Any payment from a lender to a broker must be made where goods, facilities or services were actually furnished or performed, and the payment must be commensurate with the value of those goods, facilities or services.
    • The FDIC found that while many brokers can address the first aspect of the condition, some have not been able to sufficiently demonstrate that payments are reasonably related to the value of the services provided.

What This Means for Financial Institutions

The FDIC’s findings from its 2023 Consumer Compliance Examinations point towards increased scrutiny of instances where consumers can be directly and negatively impacted by a financial institution’s activities and practices that do not comply with a variety of regulatory requirements. Treliant’s Regulatory Compliance specialists can help your institution ensure it is compliant across all services and products.
