Rating Redo?


Federal banking agencies are considering revising
the Consumer Compliance Rating System

By Mary Thorson Wright

Bank compliance is not what it was in 1980 when the current Uniform Interagency Consumer Compliance Rating System was adopted. The rating system, more commonly known as the CC Rating System, provides a framework to evaluate compliance for financial institutions, including nonbank financial institutions. It is employed during consumer compliance examinations and other supervisory situations outside of examinations, as appropriate.

Earlier this year the Federal Financial Institutions Examination Council issued a proposal to revise the CC Rating System to address regulatory, supervisory, technological and market changes that have occurred since the system was established. One significant change would be the federal regulatory agencies’ move to a risk-based exam methodology. The proposed risk-based CC Rating System would rely less on transactional testing and focus heavily on whether an institution’s compliance management system is sufficient to ensure compliance with regulatory requirements and to prevent consumer harm.

“It’s clear all the regulatory agencies—not just the CFPB—are making compliance with consumer protection rules a high priority,” says Joe Gormley, ICBA assistant vice president and regulatory counsel. “By focusing on compliance management systems, the agencies not only want to know that a bank is compliant, they also want to know what compliance processes and systems the bank has in place.”

Three assessment categories and applicable assessment factors would be used to evaluate financial institutions under the proposed new system:

  • Board and Management Oversight. This would encompass an evaluation of oversight and commitment; change management; comprehension, identification, and management of risk; and corrective action and self-identification.
  • Compliance Program. Compliance would include assessing policies and procedures, training, monitoring or audit, and consumer complaint response.
  • Violations of Law and Consumer Harm. This would include examining for any violations of consumer protection laws and evidence of consumer harm, including the root causes of any violations, the severity of their consumer harm, the duration of time over which violations occurred, and the pervasiveness of violations.

“Regulatory burden is a message we continue to hit home with policymakers—both in Congress and at the regulatory agencies.”
—Joe Gormley, ICBA
regulatory policy expert

In recent years, community banks have implemented software systems and programs, procedures and records management to demonstrate their compliance. Community banks also have adopted these processes to establish valid data for an unprecedented number of existing, new and amended consumer protection requirements. The shift to a process management-driven rating system would most certainly require community banks to change how they track and evaluate the data needed to conduct self-assessments and to prepare for examinations.

However, in a July comment letter, ICBA voiced concerns about the general and imprecise rating scales in the FFIEC proposal, which offered no specific examples of what behavior or policies and procedures would earn a specific rating.

Gormley underscores the importance of ICBA’s commitment to avoid additional regulatory burdens for community banks. In fact, a survey of ICBA members about the FFIEC proposal found that a substantial majority would spend a substantial amount of time just reviewing and gauging how the proposal would impact their compliance operations. For these reasons, ICBA urged the banking agencies to thoroughly assess the burdens the proposal would impose on community banks before adopting final changes.

“Regulatory burden is a message we continue to hit home with policymakers—both in Congress and at the regulatory agencies,” Gormley explains. “Although the FFIEC indicated that it believes there would be no new regulatory burden with this proposal, that is simply not true. At a minimum, the proposed new standards will require analysis by community banks and may entail updates to bank policies and procedures to ensure regulators’ supervisory expectations are met.”

After reviewing the public comment letters filed, federal regulators could adopt a final revised Consumer Compliance Rating System as early as next spring.

Primary Documents

Read the joint-agency proposal to change the Uniform Interagency Consumer Compliance Rating System on the Federal Financial Institutions Examination Council’s website, at www.ffiec.gov. Find links within an April 29 press release.

Review ICBA’s comment letter on the FFIEC’s proposal online at www.icba.org/advocacy, under “Letters to Regulators.”

Mary Thorson Wright, a former Federal Reserve System managing examiner, is a financial writer in Virginia.