A major change in the way our government functions began in 2012 and is today a powerful ad hoc 4th branch of our federal government, the Regulatory Branch. The output of this branch and the bureaucracy driving it creates new laws - it’s their primary goal. These new laws are referred to as regulations, guidance, interpretations, rulemaking, amicus briefs, supervisions, and administrative acts or enforcements. In virtually every case, the new 4th branch has far more effect on us than what comes from Congress.
It’s easy to see that the greatest risks are visited upon small and medium-sized businesses. There are about 1,000 times more SMBs than enterprises. SMBs have never before been audited for federal consumer laws while enterprises have long been active in the compliance (GRC) space. Up until recently SMBs have chosen to largely ignore this risk – the CFPB is changing their focus with $12 billion in fines and penalties, vigorous supervision and demands that some say sound as much like a threat as a recommendation.
Take Consent Orders for example. A Consent Order occurs when the bureau identifies what they believe is a violation. The targeted company signs a stipulation of agreement to the findings and pays the penalties set by the bureau but the orders are made public. There’s no suit, no finding or admission of guilt. Orders have been issued against all sector and sizes, from a one-man company to large entities such as American Express and Citibank. Making it more exciting, all companies must help the CFPB by ensuring compliance by all of the company’s vendors.
In a speech to the Consumer Bankers Association (March, 2016) the Director of the CFPB announced this intention of the bureau, “suggesting” we all study the consent orders pertaining to our business and be sure to “…clean up whatever” we’re not handling properly. Actually it’s more than a suggestion. We are directed to consider the orders as guidance and to be aware that failure to take “careful bearing” from these orders will be “compliance malpractice.”
DIR CORDRAY - “These (consent) orders provide detailed guidance for compliance officers across the marketplace about how they should regard similar practices at their own institutions. If the same problems exist in their day-to-day operations, they should look closely at their processes and clean up whatever is not being handled appropriately. Indeed, it would be “compliance malpractice” for executives not to take careful bearings from the contents of these orders about how to comply with the law and treat consumers fairly. These orders are intended as guides to all participants in the marketplace to avoid similar violations and make an immediate effort to correct any such improper practices.”
STEP 1: We all need to locate relevant Consent Orders and study these. Unfortunately, the CFPB has redesigned their site, removing an easy to locate Consent Orders online. Before March, 2016, finding the Consent Orders was quite simple - after the Director's consent order mandate, a search form is displayed and finding orders is much more complicated. My first search (ITEM: consent order, DATE RANGE: 2012-2015) returned "Sorry, no results based on your filter selections"
Is it possible this is a total coincidence? We have written a legal analysis of all Consent Orders, available to subscribers. Our summary (written and published by Compliance Umbrella) contains all issued Consent Orders, with a short summary of the Rules or laws claimed to be violated, the metrics on the damaged group and a summary of the penalty or fine.
A subsequent mandate directs us all to read and be familiar with the complaints submited to the CFPB by consumers and available at CFPB.gov. The Director points us to the complaints regarding our individua business sectors and cautions us to guard against similar mistakes. THIS IS RULEMAKING BY ENFORCEMENT. I've covered the subject in my "4th Branch of Government" blog.
Thanks for reading. We invite you to join us in the turn-key Compliance Management System offered here at Compliance Umbrella.