Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Recently, the CFPB updated its Supervision and Examinations Manual to include a new section, Compliance Management Review – Information Technology, to assist examiners when assessing an institution and its service providers’ IT controls as part of a compliance management systems (CMS) review. All institutions under the Bureau’s supervision and enforcement authority are required to have a CMS adapted to its business strategy and operations. Among other things, the new CMS-IT examination manual outlines the following five modules: (i) Module 1: Board and Management Oversight; (ii) Module 2: Compliance Program; (iii) Module 3: Service Provider Oversight; (iv) Module 4: Violations of Law and Consumer Harm; and (v) Module 5: Examiner Conclusions and Wrap-Up. Each module addresses the examination objectives of the relevant policies and procedures, including those related to the oversight and commitment to an institution’s CMS, change management, risk management, self-identification and corrective action, and consumer complaint responses. The modules also discuss appropriate training, monitoring, and auditing of the various stages of an effective CMS program.
- Sherry-Maria Safchuk to discuss “Hot topics outside of CA” at the California Mortgage Bankers Association Conference
- Jon David D. Langlois to discuss “LIBOR Transition: How will the pieces come together in time?” at the American Bar Association In the Know-Live webinar
- Buckley Webcast: Dissecting the annual federal agency fair lending summit
- Jonice Gray Tucker to discuss “Regulators always ring twice: Responding to a government request” at ALM Legalweek