CFPB Publishes Supervisory Highlights, Appeals Process and update on Examination

On October 31, 2012 the Consumer Financial Protection Bureau (CFPB) released its first Supervisory Highlights fall 2012 report highlighting problems CFPB examiners discovered through the agency’s supervision process. The Bureau also released an appeals policy for supervised institutions as well as an updated version of the CFPB Supervision and Examination Manual, a field guide used by examiners.

Selected excerpts of key points follow:

Compliance Management Systems

  •  A critical component of a well-run financial institution is a robust and effective compliance management system (CMS), designed to ensure that the financial institution’s policies and practices are in full compliance with the requirements of Federal consumer financial law
  • The CFPB understands that compliance management will be handled differently by large, complex financial organizations at one end of the spectrum, and small entities that offer a narrow range of financial products and services at the other end. While the characteristics and manner of organization will vary from entity to entity, the CFPB expects compliance management activities to be a priority and to be appropriate for the nature, size, and complexity of the financial institution’s consumer business.
  • A financial institution’s CMS is inadequate where appropriate policies have been adopted, but management fails to take measures to ensure compliance with those policies
  • The CFPB has found one or more situations in which the financial institution had articulated many elements of an appropriate compliance policy, but the policy was not followed

Vendor Management

  • The CFPB has noted instances in which a financial institution has failed to establish a comprehensive service provider management program or failed to effectively manage service providers acting on its behalf to ensure compliance with Federal consumer financial law.
  • Programs typically include consistent, risk-based procedures governing the retention and monitoring of service provider relationships, as well as policies and procedures to monitor and test for compliance with Federal consumer financial law by service providers acting on behalf of the financial institution

Fair Lending Programs – Deficiencies found as follows:

  • An up-to-date fair lending policy statement;
  • Regular fair lending training for all employees involved with any aspect of the institution’s credit transactions, as well as all officers and Board members;
  • Ongoing monitoring for compliance with fair lending policies and procedures;
  • Ongoing monitoring for compliance with other policies and procedures that are intended to reduce fair lending risk (such as controls on loan originator discretion);
  • Review of lending policies for potential fair lending violations, including potential disparate impact;
  • Depending on the size and complexity of the financial institution, regular statistical analysis of loan data for potential disparities on a prohibited class basis in pricing, underwriting, or other aspects of the credit transaction, and including both mortgage and non-mortgage products, such as credit cards, auto lending, and student lending;
  • Regular assessment of the marketing of loan products; and
  • Meaningful oversight of fair lending compliance by management and where appropriate, the financial institution’s board of directors.

Mortgage Originator Violations

  • Violations under RESPA have included failures to make proper and complete disclosures to consumers of costs and other terms of a transaction due to inadequate or improper completion of the Good Faith Estimate and the HUD-1 settlement statement
  • Violations under TILA have included failures to provide accurate interest rate disclosures, and payment amounts and schedules, as well as disclosures regarding late payments, security interests, and assumption policies


  • HMDA plays a key role in the work of the CFPB’s examination teams and its Office of Fair Lending and Equal Opportunity, as well as other regulatory agencies
  • The CFPB expects financial institutions to have strong systems in place to ensure HMDA compliance.
  • The CFPB has also directed financial institutions to improve their HMDA data collection and reporting systems, for example, by modifying policies and procedures to provide proper guidance to employees who prepare and submit HMDA data.

Financial service providers under the CFPB’s jurisdiction may request a review of a less than satisfactory compliance rating or any underlying adverse finding set forth in the relevant examination report, or adverse findings conveyed in a supervisory letter. CFPB Appeals Process

In conjunction with the report and appeals policy, the Bureau published the second version of the 2012 CFPB Examination Manual v2. The updated manual incorporates procedures released for such markets as mortgage origination and servicing, payday lending, consumer reporting, and consumer debt collection. The manual has also been revised to reflect the renumbering republication in the Code of Federal Regulations of those regulations that fall under the Bureau’s rulemaking authority, among other updates.

CFPB orders American Express to pay $112.5 Million

The Consumer Financial Protection Bureau (CFPB) today announced an enforcement action with orders requiring three American Express subsidiaries to refund an estimated $85 million to approximately 250,000 customers for illegal card practices.

In addition, the banks, their holding company, and its parent company are required to pay a total of $27.5 million in civil monetary penalties to the CFPB, the Office of the Comptroller of the Currency, the Federal Reserve Board, and the Federal Deposit Insurance Corporation.

This action is the result of a multi-part federal investigation which found that at every stage of the consumer experience, from marketing to enrollment to payment to debt collection, American Express violated consumer protection laws.

“Several American Express companies violated consumer protection laws and those laws were violated at all stages of the game – from the moment a consumer shopped for a card to the moment the consumer got a phone call about long overdue debt,” said CFPB Director Richard Cordray. “Today’s orders require the American Express companies to fully refund about $85 million to consumers and it requires them to make specific changes in their business practices. The American Express companies will identify the harmed customers, notify them, and make sure they get back their money.”

The Federal Deposit Insurance Corporation (FDIC) together with the Utah Department of Financial Institutions discovered the illegal activities during a routine examination of an American Express subsidiary, the American Express Centurion Bank. The FDIC transferred portions of the investigation to the CFPB when the Bureau opened its doors last year and together the agencies pursued the matter. The CFPB later concluded that many of the same violations that occurred at American Express Centurion Bank also took place at American Express Travel Related Services Company, Inc. and American Express Bank, FSB.

The investigations found that the violations occurred at various points in time between 2003 and spring 2012. They occurred at every stage of the consumer experience, from shopping for cards, to applying for cards, to paying charges, and to paying off debt. More specifically, American Express subsidiaries:

  • Deceived consumers who signed up for the American Express “Blue Sky” credit card program: Consumers were sometimes led to believe they would receive $300 in addition to bonus points if they signed up for this American Express Centurion Bank program. But consumers who met the qualifications did not receive the $300. This violates federal laws prohibiting deceptive practices.
  • Charged unlawful late fees: American Express Centurion Bank and American Express Bank, FSB billed late fees on certain cards based on a percentage of the debt in violation of the Credit CARD Act.
  • Unlawfully discriminated against new account applicants on the basis of age: American Express Centurion Bank used a credit scoring system that treated charge card applicants differently on the basis of age. For a period of time, the bank did not fully implement the system for applicants over the age of 35. This violated the Equal Credit Opportunity Act because it requires credit scoring systems that take age into account to be properly designed and implemented.
  • Failed to report consumer disputes to consumer reporting agencies: American Express Centurion Bank and American Express Bank, FSB failed to report the existence of certain customer disputes to credit bureaus, which is a violation of the Fair Credit Reporting Act.
  • Misled consumers about debt collection: All three of the American Express subsidiaries deceived consumers into believing there were certain benefits to paying off old debt. Consumers were wrongly told that if they paid off the old debt, the payment would be reported to credit bureaus and could improve their credit scores. In fact, American Express was not reporting the payments and the debts were so old that even if they had tried to report them, many of the payments would not have appeared on these consumers’ credit reports or affected their credit scores. American Express also told some consumers that a portion of their debt would be waived or forgiven if they accepted certain settlement offers. But for customers who applied for a new American Express card, the company was not really forgiving or waiving the debt.

Enforcement Action
In accordance with the orders issued today, the American Express subsidiaries have agreed to correct their practices and refund consumers who were harmed by the illegal practices. Specifically, they have agreed to the following:

  • End the illegal practices: American Express Centurion Bank will not deceive consumers with marketing for the Blue Sky credit card, or any other card, by falsely promising a rebate or points feature. The banking subsidiaries will not charge illegal late fees. They will properly report disputes to credit bureaus and will make sure that cardholders are told about their rights regarding such disputes. American Express Centurion Bank will not unlawfully discriminate based on age when it comes to credit decisions, and it will be required to certify that all qualified consumers who suffered unlawful age discrimination were given an opportunity to reapply for credit.
  • Full repayment of an estimated $85 million to approximately 250,000 consumers:These American Express entities will be paying their customers full restitution, specifically:
    • Consumers who were misled into paying old debt because they thought it would be reported to the credit bureaus will be reimbursed the money they paid plus interest.
    • Consumers who were promised their debt would be forgiven and who were denied new credit cards because the debt was not really forgiven, will receive $100 and a pre-approved offer for a new card with terms the CFPB and the FDIC find acceptable. If the consumer already paid the waived or forgiven amount in order to get a new card, they will be refunded that amount plus interest.
    • Blue Sky customers who were promised $300 for signing up will get their $300.
    • Consumers who paid an illegal late fee will be reimbursed, with interest.
  • Convenient repayment for consumers: These American Express companies are responsible for notifying the affected consumers. Consumers are not required to take any action to receive their credit or check. If the consumers are still American Express customers, they will see a credit in their account. If they no longer have a card account with American Express, they will receive a check in the mail. American Express expects that consumers who will be receiving payment will receive the payout by no later than March 15, 2013.
  • Inform consumers of debt collection rights: These American Express subsidiaries will inform consumers when the debt they are seeking to collect will not be reported to a consumer reporting agency because it is too old. And they will not collect debt unless it has documentation evidencing the debt. Going forward, this will include, at a minimum, the complete terms and conditions of the account and a complete transactional history of the debt.
  • Independent audit: These American Express subsidiaries will implement new procedures to ensure compliance with consumer financial protection laws. They will also use independent auditors to ensure compliance with the terms of today’s orders.
  • Pay civil monetary penalty of $27.5 million: Several federal government agencies seeking action against these American Express companies have ordered monetary penalties. With jurisdiction over the three subsidiaries, the CFPB’s fine is $14.1 million; with jurisdiction solely over American Express Centurion Bank, the FDIC’s fine is $3.9 million; with jurisdiction over American Express Travel Related Services Company, Inc. and American Express Company, the parent company, the Board of Governors of the Federal Reserve System’s fine is $9 million; and with jurisdiction over American Express Bank, FSB, the Office of the Comptroller of the Currency’s fine is $500,000.

American Express Enforcement Factsheet

Link for Consumer who are covered by this action