Learning Center
Plans & pricing Sign in
Sign Out



									      Handout #1

                                 Inherent Risk Indicators

Risk Sources - Overview:
1. Retail Footprint
      a. Customer Demographics
      b. Product and Service Offerings
      c. Complexity of Products and Services
      d. Delivery Channels
2. Strategic Direction
      a. Marketing Strategy
      b. New Product and Service Development
      c. Advertisements and Solicitations
      d. Pricing and Profitability
3. Operations
      a. General
      b. Role of Third Parties
      c. Compliance With Traditional Regulations
4. UDAAP Environment
      a. External: Supervisory Focus
      b. Internal: Customer Complaints

Risk Source #1 – RETAIL FOOTPRINT (4 sub-factors)

1(a) Customer Demographics
  Does the bank’s business or marketing plan target less financially savvy customers or
  are there a significant percentage of these customers in its market and / or CRA
  assessment area?
       Elderly
         Students
         Military
         Immigrants or other Customers who speak English as a second language
         Consumers with poor credit
         Consumers living in LMI areas
         Others that could be considered less financially savvy

      2013 ABA Regulatory Compliance Conference
      Handout #1

  Does the bank regularly review its customer demographics?
  Has the bank’s retail footprint changed recently? Has that had an impact on the
  customer base that it serves?
  Has the bank’s customer demographics shifted in line with changes in census data?
  Do the bank’s strategic growth plans reflect community growth and demographic

1(b) Product and Service Offerings
  Does the Bank offer any of the following products?
        Credit Card Add-On Products
        Secured / Subprime Credit Cards
        Subprime or High Cost Mortgages
        Non-Traditional Mortgages (allow negative amortization)
        Gift Cards
        Fee-Based Overdraft Protection Plans
        Payday, Deposit Advance or Tax Refund Anticipation Loans
        Payroll cards
        Reverse Mortgages
        Other new and non-traditional banking products or services
  Do products or services penetrate geographic or consumer markets differently?
  Can consumers apply for a specific product or service and end-up with a different
  product or service than that requested?

1(c) Complexity of Products and Services
  Does the bank offer inexpensive basic checking and savings products?
  Does the bank’s product mix include any that are complex in nature?
  Does any bank product require customers to jump through complex or non-transparent
  hoops to obtain a benefit?
  Do traditional bank products or services have non-typical features or requirements?
  Is pricing structured or products bundled in a way that makes it difficult for
  consumers to understand?

      2013 ABA Regulatory Compliance Conference
      Handout #1

1(d) Delivery Channels
   How does the bank distribute its products?
        Third Parties
        Subsidiaries or Loan Production Offices
        Any which generate business outside its retail footprint?
  Is the bank utilizing any new delivery channels?
  Do marketing efforts differ by delivery channel or geographic area?
  Do product and service terms vary by delivery channel?
  Are special prices, products or services offered in some markets and not others?

Risk Source #2: Strategic Direction (4 sub-factors)

2(a) Marketing Strategy
  Have marketing and advertising media varied recently?
  Does the bank utilize social network channels to communicate products to customers
  and potential customers?
  Do marketing and advertising materials vary to promote special or limited time
  Is the level of marketing and advertising tailored or targeted to address market
  Is scripting for telephone sales representatives used?
  Do the bank’s advertising patterns or practices include all customer demographics?

2(b) New Product and Service Development
  Has the bank introduced any new products or fee-based services recently?
  Do community groups in the bank’s retail footprint express concern about any of the
  products and services offered or not offered?
  Is there pressure to provide any products or services to stay abreast of competition?
  Is the bank at the forefront in developing new and non-traditional products and
  services within its market place?

      2013 ABA Regulatory Compliance Conference
      Handout #1

  Does the local economy and competition impact willingness to experiment with new
  products and services?

2(c) Advertisements and Solicitations
  Do advertisements provide customers with all the information needed to make an
  informed decision about the product in a clear, transparent and accurate manner?
  Are customers reasonably able to obtain the products and services, including interest
  rates, amounts of credit or rewards, as represented?
  Does the bank market using a language other than English? Does it continue to provide
  customers with relevant disclosures and subsequent correspondence in the same
  Are advertisements in print, audio, or visual media consistent with advertisements and
  product descriptions provided on the bank’s web site?
  Does the bank use prescreened or “pre-approved” solicitations?

2(d) Pricing & Profitability
  Do all new products and services provide customers with a benefit that will exceed
  their costs?
  Is pricing reasonable in relation to costs and risk?
  Does profitability depend on penalty fees?
  Is fee income from product and services sales a significant portion of net income?

  Do the board and senior management push specific product or service offerings because of
  significant fee income?
  Is fee income significantly higher than at peer banks?

  Are product and service volumes exceeding management expectations?

  Is there an undue percentage of bank capital invested in loan/deposit products that
  have been associated with abusive, unfair, or deceptive acts or practices?
  Does the bank track products to ensure customers are utilizing what they have paid
  for? If they are not using a product, are fees refunded?

      2013 ABA Regulatory Compliance Conference
      Handout #1

Risk Source #3: Operations (3 sub-factors)

3(a) General Operations
  Does the bank have decentralized or outsourced operations?
  Does the bank have an effective enterprise-wide consumer protection compliance function?

  Does the bank use scoring systems in any aspect of offering and maintaining customer
  product and service accounts?
  Are mandatory arbitration clauses required in product terms?
  Does the bank have a high rate of employee turnover in key areas such as marketing,
  underwriting or delivery?
  Does the bank incent staff by sales volume, interest rates or other methods which
  could encourage steering to specific product offerings or other unfair practices?

3(b) Role of Third Parties (Broker, Dealer, Vendor)
  Does the bank use any brokers or dealers?
  How frequent or voluminous are staff or customer complaints about third party
  conduct, including chargeback rates?
  Does the bank use third-party marketers/advertisers to develop
  marketing/advertising programs or scripts for any products or services?
  Does the bank use third party processers?
  Has the bank’s use of third party vendors changed recently?

3(c) Compliance with Traditional Regulations
  Has the bank had recent violations of traditional lending regulations?
  Has the bank had recent violations of traditional deposit regulations?
  Does the bank protect customer information from hackers and follow the Right to
  Financial Privacy Act?
  Does the bank inform customers when fraud detection is noted?

      2013 ABA Regulatory Compliance Conference
      Handout #1

Risk Source #4: UDAAP Environment (2 Sub-factors)

4(a) External -- Supervisory Focus
  Are regulator publications emphasizing consumer issues that impact the bank directly?
  Have bank products and service types been the focus of news coverage?

  Has the bank been subject to any enforcement actions or been investigated by a
  regulatory or law enforcement agency for violations of consumer protection laws or
  Have any peer banks been subject to enforcement actions or investigated by a
  regulatory or law enforcement agency for violations of consumer protection laws or
  regulations related to products the bank offers?
  Has anything material changed recently in consumer protection regulations or UDAAP
  standards or related state law? If so, did the bank have adequate time to implement
  and do all affected personnel understand the new requirements?
  Has the bank’s regulator recently communicated any information requests for
  specific bank data or related to specific activities?

4(b) Internal -- Consumer Complaints
  Is there any pending litigation regarding any of the bank’s product or service offerings?

  Is there litigation activity concerning products or services the bank offers?
  What is the level of bank, third party, and operating subsidiary consumer complaints?

  Are there specific areas or specific customer demographics within the bank’s retail
  footprint with higher levels of consumer complaints than other areas?
  What is the level of complaints as a percentage of product or service volume?

  Can any bank employee handle and resolve consumer complaints on their own initiative?

      2013 ABA Regulatory Compliance Conference
      Handout #1

           Quality of UDAAP Risk Management (Risk Controls and Mitigation)

Control Sets -- Overview:
1. General: Compliance Management Program
      a. Board of Directors and Senior Management Oversight
      b. Compliance Program
               i. General
               ii. Policies and Procedures
              iii. Training
              iv. Monitoring and Corrective Action
               v. Compliance Audit
2. UDAAP Specific
      a. Marketing
      b. Disclosures
      c. Customer Service
      d. Vendor Management
      e. Complaint Response
      f.    Customer Friendly Features

Control Set I: Compliance Management Program (2 sub-factors)

1(a) Board of Directors and Senior Management Oversight
  Has the Board adopted clear consumer protection policies and operating procedures
  appropriate for the size and complexity of the bank’s operations?
  Does the board foster a strong consumer protection compliance culture with clear and
  demonstrated compliance expectations and bank fairness objectives for the bank and third
  party vendors it uses?
  Do business line staff and managers understand that “they own” their unit’s consumer
  protection and “harm to consumers” risks and are responsible for managing it?
  Does senior management incorporate bank enterprise-wide consumer protection risk and
  performance reports in their business decisions and on-going corporate strategies?
  Does the bank have appropriate communication or reporting across board, senior management,
  business lines and compliance groups to enable each to perform their roles and be accountable
  for their performance?
  Does the bank write specific consumer protection compliance and “harm to consumers”
  requirements into job descriptions of line management and staff, and is the compliance unit

      2013 ABA Regulatory Compliance Conference
      Handout #1

  consulted to obtain feedback when performance reviews are done or before bonuses or other
  compensation are paid?
  Does management respond promptly to consumer protection and UDAAP examination findings?
  Are root causes determined for any weaknesses or violations found and are appropriate
  program changes implemented?
  Has senior management communicated the importance of compliance and commitment to
  consumer fairness throughout the organization?
  Do the Board and Senior Management receive regular and ongoing reports of consumer
  compliance adherence including compliance audits?
  Does the Board or a Board committee follow up on significant consumer protection issues?
  Does management have a process in place to anticipate changes in the market, consumer needs
  or regulatory requirements?
  Has the Board appointed an appropriately qualified and experienced chief compliance officer
  to manage its compliance and consumer protection program? (In smaller or less complex
  entities where staffing is limited, a full-time compliance officer may not be necessary.)
  Has the Board appointed staff and allocated resources to the compliance function
  commensurate with the size and complexity of its operations and practices, the Federal
  consumer financial laws and regulations to which the entity is subject, and necessary to avoid
  potential consumer harm associated with violations of such laws and regulations.
  Has Senior Management addressed consumer compliance issues and associated risks of “harm
  to consumers” throughout product development, marketing, and account administration, and
  through the entity’s handling of consumer complaints and inquiries?
  Does the Board require audit coverage of compliance matters and review the results of
  periodic compliance audits?
  Does the Board review annually the consumer protection and UDAAP risk management
  program effectiveness?
  Does the Board incorporate consumer protection and UDAAP requirements in its strategic
  planning process?

1(b) Compliance Program (5 elements)

1(b)(i) Compliance Risk Management
   Does the Compliance Department have sufficient authority to carry out its mission, including
   monitoring, testing and performing self-assessments?
  Is Compliance sufficiently independent of the business lines?
  Does the compliance officer have direct access to the Board or to any governance units or
  Are all employees held responsible for compliance and “harm to consumers”?

      2013 ABA Regulatory Compliance Conference
      Handout #1

  Is the compliance program tailored to the size and complexity of the institution and consistent
  with adopted Board policies related to compliance?
  Does the program promptly address potential consumer protection or UDAAP issues?
  Does the program ensure corrective action for all identified system weaknesses and violations
  Is Compliance involvement included throughout the product life cycle?
  Are telephone and advertising scripts developed with compliance staff involvement and periodically
  Does the bank have processes for assimilating legislative and regulatory changes, and new
  compliance hot topics being emphasized by regulatory agencies that affect its operations?

1(b)(ii) Policies and Procedures
  Regarding consumer protection policies, guidelines or standards:
      Are they clear and objectively determined?
      Are they easy to incorporate into daily employee tasks?
        Do they guide employee discretion clearly and objectively including for referrals to
         other products or lending channels?
      Are they maintained to remain current?
      Are they amended when exceptions become the norm?
      Have there been any recent changes?
      Are changes clearly communicated to all appropriate personnel?
      Do they incorporate applicable regulatory guidance?
      Are they designed to detect and prevent violations and other “harm to consumers”?
  Do policies and procedures cover processes for development and implementation of new consumer
  financial products, services, or other activities, distribution channels, and strategies to determine
  the degree of compliance function participation?
  Are there well-defined standards that can be applied to each consumer product, service or
  Are there well-defined parameters for bank staff regarding exceptions to offering
  products, services, or activities?
  Do customer files have complete documentation showing the application and transaction
  history covering loan or deposit products or services requested and provided to the

      2013 ABA Regulatory Compliance Conference
       Handout #1

1(b)(iii) Training
  Does the bank offer the compliance officer and other bank compliance staff training
  opportunities to stay current with changing regulatory requirements and industry compliance
  Does the compliance officer or other compliance staff participate in compliance working
  groups with other local bank compliance officers or with state association compliance efforts?
  Does the bank have a regular, ongoing documented compliance training program that covers all
  staff to ensure all Federal rules are followed?
  Are training courses developed for specific staff audiences and include compliance with bank
  policies and procedures?
  Does the bank use review tests to certify that staff acquired the compliance knowledge
  necessary to perform their job?
  Does bank staff involved in product and service development and delivery activities have
  consumer protection and UDAAP knowledge appropriate to their responsibilities?
  Are all employees trained to take customer complaints seriously?
  Is there a formal new hire training program that includes existing employees with new roles?

1(b)(iv) Monitoring and Corrective Action
  Does the compliance function sample transactions of relevant product types and decision
  centers, including sales, processing, underwriting, collections, and servicing to ensure that
  policies are being followed on a day-to-day basis?
  Are the following monitored and tracked:
       Product, service and servicing activity volume and solutions by customer demographics?

       Consumer acceptance rates for loan solicitations or pre-screened offers?

       Policy or procedural exceptions?

       Call center volume?
       Recorded telemarketer calls for consistency with product features and compliance with
          bank policy and regulatory requirements?
       Advertising reviews?
       Customer satisfaction with products?
  Does the bank manage servicing activities in an adequate control environment, including
  policies and procedures, quality assurance, ongoing monitoring, training, automation and
  management oversight, billing, call handling, automated dialers, payoffs, lien releases and
  payment processing?

       2013 ABA Regulatory Compliance Conference
      Handout #1

  Does the bank conduct UDAAP mystery shopping?
  Does the bank review UDAAP risk issues by severity and frequency of occurrence?
  Does the bank review UDAAP control factors to determine strength?
  Does the bank perform follow-up reviews for all identified UDAAP issues?
  Does management monitor the timeliness and accuracy of established consumer protection
  and UDAAP management information systems?

1(b)(v) Compliance Audit
  Is the compliance audit work performed consistent with the established audit plan and scope?
  Are the frequency and depth of audit coverage and review appropriate for the size and
  complexity of the bank and the nature and extent of its activities?
  Is employee practice in complying with consumer protection compliance consistent with bank
  policies and procedures and regulatory requirements?
  Do compliance auditors determine the root causes for operational weaknesses, violations of
  law, or other deficiencies?
  Does management take corrective action to follow-up on any identified weaknesses or
  violations of laws and regulations?
  Does the bank track recommended and corrective actions and perform follow-up reviews
  ensure appropriate changes have been implemented?
  Does the compliance audit scope include a review of potential UDAAP?
  Does audit assess UDAAP compliance throughout the product or service life cycle?

Control Set II: UDAAP Specific Controls (6 sub-factors)

2(a) Advertisements and Solicitations:

Does the compliance program support the following marketing controls?
  Bank policy ensures that all marketing materials will be consumer friendly
  Messages are in no way misleading
  All pertinent and asterisked information is in a location where customers can easily
  locate it
  Any specific offer dates within which a product or service is available are specifically
  and clearly noted
  For pre-approved offers at a specific rate or at a specific cost, the bank guarantees
  that customers will get that rate or cost if they apply

      2013 ABA Regulatory Compliance Conference
      Handout #1

  A significant majority of consumers who accept solicitations for rates ‘up to’ or ‘as low
  as’ actually obtain the product or service advertised
  The bank can substantiate all claims made, especially in regard to fees
  If customers must affirmatively act to cancel a service following any “free trial period”
  to avoid being billed for it, the bank explains how to do that both at sign-up and as the
  trial period is ending
  Customers may close accounts that have been guaranteed without incurring any fees or
  Ads do not contain any word play (e.g., “no annual fees” have instead monthly fees or
  credit life insurance)
  If the bank offers products and services such as insurance, travel services, credit
  protection and consumer report update services with a credit product, it is clear
  whether they are optional or required
  All marketing pictures are reflective of what customers can expect
  All bank testimonials or endorsements are genuine
  Any TV or radio advertisement disclosures are placed in a way that customers can
  reasonably understand all of them
  Contact information is always provided so customers can reach someone if they have
  questions or complaints
  The bank immediately stops solicitations when a customer requests it
  The bank can actually deliver all the features of its products and services
  The bank tracks advertising and monitors to ensure it is not just in media serving
  specific customer demographics and ensures that advertisements reflect a diversity of
  All persons who review marketing materials also review complaints to ensure they
  understand the customer’s point of view

2(b) Disclosures

Does the compliance program support the following disclosure controls?
  Bank policy ensures that disclosures are clearly written and provide customers with the
  information they need, regardless of whether it is required by regulation
  All disclosures clearly and accurately describe terms, benefits and material limitations
  such as limits on interest rates, expiration dates, pre-requisites, and cancellation
  requirements, both affirmatively and by lack of omission
  All fees, penalties, and other charges are disclosed transparently

      2013 ABA Regulatory Compliance Conference
      Handout #1

  All disclosures are worded in a way that customers can understand (i.e., without jargon
  and legalese and written at an 8th grade level or below)
  The bank periodically reviews all disclosures to ensure they are current, clear and
  Complicated disclosures draw attention to key terms, including limitations and
  Disclosures clearly explain when product or service terms may be changed
  Customers are informed before any less favorable rate takes effect

2(c) Customer Service
  Procedures articulate bank expectations on providing consistent and good consumer
  assistance in daily banking activities
  The bank ensures customers do obtain the specific product or service that they have
  requested rather than a more expensive alternative
  The bank has friendly, consistent and knowledgeable staff that can talk to customers
  in a way they can understand
  When counter-offering a customer request, the bank clearly, prominently and
  accurately explains the difference between the requested product and the offered
  Employees are required to obtain clear and affirmative assent before enrolling
  customers in a new product or service

2(d) Vendor Management
  There are policies in place to ensure customers are treated fairly by all vendors and
  All third parties contracts and agreements incorporate consumer protection
  compliance, employee training, and audit reporting to compliance
  Compensation arrangements or performance evaluation criteria do not create
  incentives to treat customers unfairly
  All vendors are vetted to ensure they are legitimate and that their products are useful
  and of value before offering it to customers
  There is a formal re-approval and risk assessment process to consider third party
  performance over the past period (year, quarter, etc.) to ensure that on an overall
  basis the relationship with the bank and its customers is satisfactory
  Regulatory agency guidelines are considered in managing third party relationships
  The bank approves all marketing or advertising scripts developed and used by third

      2013 ABA Regulatory Compliance Conference
      Handout #1

  parties for its products and services
  Third parties do not use the bank’s name in their advertisements without an express
  agreement. Vendors do not using the bank’s name or supposed bank letterhead without
  receiving consent
  The bank offers or provides compliance training to third party vendors it uses or the
  third party otherwise provides compliance training to their staff
  Third parties have a process to receive complaints and it is clear to customers how and
  who to contact if they have a question or problem
  Weaknesses in third party operations are corrected promptly
  Bank policy is to discontinue using a third party if the third party is treating
  customers unfairly
  The bank performs periodic compliance reviews of third party vendors that it uses to
  provide or service products or services on its behalf
  The bank monitors third party compliance with state or federal consumer protection
  and UDAAP laws and regulations, and its policies or procedures?
  The bank tracks chargeback rates for its vendors and escalates concerns to senior
  management when that rate exceeds a certain percentage

2(e) Consumer Complaint Response
  The bank has a process to respond to consumer complaints in a timely manner and determine
  whether consumer complaints raise potential UDAAP concerns
  Customer concerns or questions about their experiences with bank products, services,
  activities, or custom service are recorded and evaluated by management for UDAAP red
  Consumer complaints and inquiries are defined and differentiated and staff is knowledgeable
  of the differences. Are they handled differently?
  Complaint staff has the ability to escalate issues of concern to management apart from
  normal complaint monitoring and reporting processes. These efforts are documented and
  reviewed for resolution?
  UDAAP complaints and outcomes are tracked to ensure that bank staff is adhering to bank
  policies and procedures, following regulatory requirements and treating customers consistent
  with bank customer service standards
  Complaints are assessed for the following:
       Information that may result in changes to products, services, marketing activities,
         policies, procedures or customer service standards to reduce issues
       Regulatory concerns that could result in violations of law or regulations such as

      2013 ABA Regulatory Compliance Conference
      Handout #1

         discouraging applicants, discriminatory practices, unfair and deceptive acts and
         practices or abusive or predatory practices
  Consumer response feedback programs are shared with managers so they can correct staff
  Management monitors complaints for response back to the customer and provides
  appropriate resolution as possible
  Social media is monitored for consumer statements regarding the bank, subsidiaries and
  third party vendors
  Remedies are implemented to resolve consumer complaint root causes
  Processes for customer appeals are readily available, consistently provided and clearly
  Complaints and inquiries are categorized by type
  There are enough employees responding to complaints so that customers will receive a timely
  There is a policy to ensure that complaints will be escalated to the appropriate management
  Similar complaints or inquiries are aggregated to see if there are systemic problems or the
  potential for violating the law

2(f) Customer Friendly Features

Does the compliance program support the following loan product controls?
  Application Processing
  Loan applications are straightforward, easy to understand and request only personal
  and creditworthiness information relevant to the credit product
  If it will cost customers to apply for a loan, those fees are clearly disclosed before the
  application process
  The following loan features are fully explained to customers:
        Negative amortization

        Balloon payments

        All loan costs

  All requests for information are clear

      2013 ABA Regulatory Compliance Conference
    Handout #1

Customers receive clear communication through the process so that they know what to
Customers receive clear and un-contradictory information about closing costs
Underwriting relies on ability to repay rather than collateral value
Bank employees work consistently with all customers who have a low credit score or
problems identified in their credit bureau that can be explained
Marginal applicants that could be approved receive the same treatment as other more
qualified applicants
Customers receive all disclosure documentation in advance of their closing date
Bank employees are available to answer any questions a customer may have
Payments are promptly posted
The bank reports good payment history to the credit bureau, including for both joint
The bank explains how it applies monthly payments and any fees or penalties
It is simple and clear for customers to determine their account balance
It is simple and clear to obtain a payoff amount
Nothing the bank does could be perceived as harassing
Collections practices are clearly spelled out such that customers will be treated
objectively and consistently
Credit Cards
The amount of usable credit customers can expect is clearly spelled out
Fees and charges are low enough that customers have available credit on their cards
Available credit is verified before any convenience checks are mailed
Customers can rely on the ‘please pay by date’ to make timely payments
The bank clearly explains what will happen if customers pay the minimum amount or less
than the minimum amount
Secured Credit Cards
When customers obtain a secured credit card, they have access to the majority of
their credit line

    2013 ABA Regulatory Compliance Conference
      Handout #1

  The bank’s secured card program provides customers with an opportunity to “graduate”
  to a higher credit line — and, eventually, to an unsecured card — through incremental
  credit line increases when they repay the card
  Since the credit card is cash-secured, the interest rate is reasonably lower than an
  unsecured card
  The bank avoids marketing with terms like “refundable account holds”
  If refinances are a large part of the bank’s portfolio, the customers are receiving a
  Lending personnel regularly explain how to reduce the interest rate with points
  If ‘no closing costs’ are advertised, then no closing costs are charged
  Credit Card Add-on Products
  If there is an upfront fee for this product, then the benefits and downsides of the
  product are explained before the fee is charged
  It is clear to customers whether this product is included with the card or required to
  obtain one
  If customers must pay in advance for credit insurance, any unearned amounts are
  returned to the customer
  Payday Loans
  The bank sets limits to prevent customers from getting into a cycle of debt
  Customers may cancel payday loan transactions within one day
  The bank can explain all the costs and fees associated with this product before selling
  it and provides customers with a way to compare the fees with other similar products
  Tax Refund Loan
  The product is marketed as a loan rather than as an advance of a tax refund
  All costs are explained before a sale of this product

Does the compliance program support the following deposit product controls?
  Account Opening
  Deposit products are explained in a simple and straightforward manner
  The costs of each product are explained clearly and in a way that customers can
  reasonably compare products
  All fees and penalties are clearly explained before they could be charged

      2013 ABA Regulatory Compliance Conference
    Handout #1

Account Maintenance
All fees and penalties that apply in customer periodic statements are clearly labeled
More than one overdraft product is available
The bank is clear about when it will charge fees and when it will pay overdrafts
The bank is clear about what it guarantees with regard to overdrafts
The bank clearly and neutrally explains the consequences of opting in to overdraft
protection including what transactions will be covered
The bank clearly informs customers when terms are changing
The bank does not advertise an account as “free” if there could be overdraft charges
Gift Cards
The bank is clear about any charges before a customer obtains a gift card including any
monthly maintenance, dormancy or usage fee
The bank explains what will happen if a card is lost or stolen and who to call if this
The bank explains what can happen if the card is used at gas stations, hotels,
restaurants, or other locations that may seek payment authorization
The bank explains when it may or may not authorize payments on a gift card
The bank explains how customers can redeem de minimis balances
Customers understand how to obtain balance information
Payroll Cards
The bank explains the risks of this product before customers obtain it
The bank clearly explains any costs for accessing funds
It is clear that there is no deposit insurance associated with this product
It is clear what happens if the holder of the funds declares bankruptcy

    2013 ABA Regulatory Compliance Conference
   Handout #1

                                UDAAP Risk Summary

UDAAP Inherent Risk Profile
Risk Sources                                   Rating   Observations
               Retail Footprint
               Customer Demographics
               Products & Services
               Delivery Channels
                 Retail Footprint Conclusion:
               Strategic Direction
               Marketing Strategy
               New Products & Services
               Pricing & Profitability
                Strategic Direction Conclusion:
               Third Parties
               Traditional Compliance
                Operations Conclusion:
               UDAAP Environment
               Supervisory Focus
               Customer Complaints
                UDAAP Environment Conclusion:
Overall Inherent Risk Rating:               Notes:

Quality of UDAAP Risk Management (Risk Mitigation and Controls)
Risk Controls                          Rating           Observations
& Mitigation Compliance Program (General Controls)
              Board & Sr. Management
              General Risk Management
              Policies and Procedures

   2013 ABA Regulatory Compliance Conference
   Handout #1

               Monitoring & Correction
               Compliance Audit
                  Compliance Program Conclusion:
               UDAAP Controls
               Customer Service
               Vendor Management
               Complaint Response
                  UDAAP Controls Conclusion:
               Customer Friendly Features – Loans
                 Application Processing
                 Credit Cards
                 Secured Credit Cards
                 Credit Card Add-Ons
                 Payday Loans
                 Tax Refund Loans
               Loan Features Conclusion:
               Customer Friendly Features – Deposits
                 Account Opening
                 Account Maintenance
                 Gift Cards
                 Payroll Cards
               Deposit Features Conclusions:
Overall Control Strength Rating:           Notes:

Consumer Residual Risk
Consumer        Gap 1

   2013 ABA Regulatory Compliance Conference
   Handout #1

Gaps            Level of Risk Concern
Identified      Observations
                What Action Taken
                Gap 2

                Level of Risk Concern
                What Action taken
Level of Risk Controls and Mitigation          (Strong, Adequate or Weak)

                                   Risk Summary
   Inherent Risk Rating       Risk Controls and Mitigation          Overall Risk

Risk Direction (Increasing, Decreasing or Stable)
Date of Last Directional Change

   2013 ABA Regulatory Compliance Conference

To top