WBK Industry News - Federal Regulatory Developments

CFPB Fines Bank $12 Million for HMDA Reporting Violations

The CFPB recently issued a consent order and a $12 million fine against a large national bank for failing to accurately collect and report HMDA data.  According to the CFPB, instead of asking applicants for their race, ethnicity, and sex, the bank’s loan officers falsely recorded that the applicants chose not to provide the information.  The CFPB concluded that by reporting inaccurate information, the bank violated HMDA, Regulation C, and the CFPA.

In addition to the $12 million civil money penalty, the consent order, among other things, requires the bank to develop, implement, and maintain policies and procedures to ensure compliance with HMDA and Regulation C that includes:

  • Training loan officers and other employees on the requirements under HMDA and Regulation C;
  • Electronically identifying the specific phone call on which HMDA data related to an applicant’s race, ethnicity, and sex is collected;
  • Recording phone applications and periodically auditing a representative sample to ensure HMDA data is accurately collected and recorded;
  • Providing monthly reports to individual loan officers’ managers and leadership showing information-not-provided rates of individual loan officers;
  • Promptly coaching loan officers whose information-not-provided rate exceeds a target rate set by the bank and documenting when the coaching occurred;
  • Reviewing all phone applications for any loan officer who exceeds the bank’s target information-not-provided rate for three consecutive months;
  • Initiating progressive discipline of any loan officer if call recordings show non-compliance with the HMDA data collection requirements;
  • Designating an executive or management-level individual or committee that is responsible for HMDA data collection compliance;
  • Documenting any changes made to an applicant’s race, ethnicity, and sex during the loan-application process; and
  • Ensuring that the HMDA Disclosure is identical for loan applications taken in person, over the phone, or submitted online.

The consent order further requires the bank to create and implement a compliance plan that includes, at a minimum, detailed steps for addressing each action required by the consent order, a mechanism to ensure the bank’s board is kept apprised of the status of compliance actions, and specific timeframes and deadlines for implementation of the steps described above.