Are you a bank, lendor, attorney, law firm - 1st or 3rd Party Collections - Pay Day lender - SMB With monthly receivables - Autodealer or vehicle business - Vendor of any of the above? Then you're on the radar screen at the CFPB and below is a turn-key solution. The Bureau enforces numerous consumer protection laws. Maximum risk lies within the Fair Debt Collection Practices Act and the Unfair, Deceptive, Abusive Acts (UDAAP). When auditing a business, their objective is to “assess the quality of the entity’s CMS.” They also state: “THE CFPB EXPECTS EVERY ENTITY TO HAVE AN EFFECTIVE CMS.” This is in their exam manual. The CMS is not optional, it’s required and it has to be populated. (http://ComplianceUmbrella.com)
1. The CFPB is a real risk: They’ve assessed over $12 billion in fines, shut down violating businesses, won’t allow businesses to cover civil money penalties with insurance. They’ve enforced against every size company (yes, one-man companies). They find targets from consumer complaints, social media, BBB, etc. Do you know any business that never had a complaint from a customer— or that manages to comply 100% with every statute or regulation?
2. Compliance requires having a CMS: A Compliance Management System is a company-wide computer program containing (1) An Operating Procedure to match each covered statute; (2) a Training Program for these procedures; (3) a complaint database to hold all your complaints, helps you manage and responds within certain time limits to EVERY complaint received.
3. GRC companies say they will sell you a CMS . . . But don’t because most of these products are merely document repositories, providing a snazzy template for your procedures, training and complaints—these are empty boxes. They may be a template, or a document management system, but they are NOT a CMS.
4. No company can withstand an audit, without having a CMS.
Nor the milder inquiry from the CFPB (or any sister agency—all are now getting into the act) This is the base level risk and requirement. According to a noted CFPB Law webinar statement from a former enforcement attorney at CFPB, When the CFPB arrives for a meeting or an audit, their first words are ‘Please show us your CMS.’ and they look for an operating procedure that matches every statute.
5. The first requirement in CMS shopping, for a business between 5 and 500 employees is to look for a total solution SaaS program where each client’s CMS resides, including their own documents they load into the system if desired (but not needed to comprise the full CMS at Compliance Umbrella). And the subscriber’s File Cabinet module (a free cloud storage area) will hold your uploaded documents of any sort—any business purpose (user guides, HR documents, daily communications, special department or team communications).
6. Pricing? Look for one license fee covering all employees
A per seat license does not fit the SaaS CMS model for SMBs. And most law firms may not need to purchase a governance infrastructure, delivered via a consultancy model. A fully populated CMS should cost under $5,000 a year, maybe even less
than $2,500 a year. And if used properly, satisfy the CFPB and protect customers.