Four Key Steps to Comply with CFPB
- Board of directors & management oversight: A high-level executive in your organization with access to the BOD (if one exists) should be named as your organization’s Compliance Officer. This assignment must be more than a title – they need to take action.
- Compliance program: Whether an automated system or an excel spreadsheet, your organization must have a systematic way of tracking the distribution, attestation, and storage of policy and procedure to the entire workforce so you can prove you have a program in place.
- A consumer complaint management program: Your consumers must have a known way to communicate their concerns. Contrary to original thought, you don’t have to monitor every possible source of complaint (Facebook, Twitter…etc). If you have a centralized management system, such as Dealergripe you simply need to communicate that channel to your customers.
- Independent compliance audit: Audit your program in some fashion. The CFPB recommends an independent audit, however, the first step is just getting an audit program in place. Chances are if you are investigated and you have some form of audit occurring you will be in much more defensible position, even if it’s internal to start.
The Time is Now:
After watching a similar process take shape in the healthcare industry over the past five years with the updates to
HIPAA and the enforcement from OCR, it’s clear that the Feds recognize the ability to drive both consumer protection and financial gains for their agencies with this approach. You only have to look at what the FTC, OCR and others have done over the past decade to see where the CFPB is going.