On June 25, 2013, the Consumer Financial Protection Bureau (“CFPB”) issued a bulletin in which it made public the types of “responsible conduct” that it would consider in exercising its enforcement discretion. While none of these factors is particularly shocking, it is reassuring for financial institutions to have some public statement from the CFPB about how to handle legal violations (or potential violations) that they remediate internally.
The Bulletin explains that the CFPB considers four categories of conduct when evaluating whether “some form of credit” is warranted in an enforcement investigation: self-policing, self-reporting, remediation, and cooperation during the CFPB’s enforcement investigation. Additionally, if an institution engages in another type of special activity that is both “substantial and meaningful,” the CFPB may take that activity into consideration.
With respect to each category of conduct, the Bulletin describes how it will evaluate and award credit for a financial institution’s activities:
- Self-policing: The CFPB will consider
- (a) the nature of the violation, how it arose, and whether it was pervasive or isolated;
- (b) how the violation was detected and who uncovered it, including procedures that were in place to prevent, identify, or limit the conduct and to preserve relevant information;
- (c) whether the institution’s self-policing functions have previously been the subject of examination and the outcome; and
- (d) the culture of compliance within the organization.
- Self-reporting: The CFPB notes that it will provide special emphasis and credit for this conduct. Further, the CFPB will consider
- (a) whether the party completely and effectively disclosed the conduct to the CFPB, other regulators, and consumers;
- (b) whether the conduct was reported promptly; and
- (c) whether the party proactively self-reported.
- Remediation: The CFPB will consider
- (a) how long the institution took to stop and implement an effective response;
- (b) whether responsible individuals were held accountable;
- (c) whether the institution took prompt and effective steps to preserve information and recompense those adversely affected; and
- (d) assurances that the misconduct is unlikely to reoccur.
- Cooperation: Cooperation relates to the institution’s interactions with the CFPB after it becomes aware of a potential violation of federal consumer financial laws (through self-reporting or the CFPB investigation function). The CFPB will consider
- (a) the nature of the party’s cooperation and identification of additional misconduct;
- (b) whether the party took steps to develop the truth quickly and share its findings with the CFPB; and
- (c) whether the institution made its records available and produced a complete report.
This summary explains the core of the Bulletin but additional details about each level of conduct are provided in the Bulletin. For additional questions, please contact Spilman or other knowledgeable counsel.