Compliance Audit
Topic Center

As with the burden of cleaning out a fridge, no one wants to undergo an audit – not even a compliance audit.
Audits are arduous and time-consuming, and they routinely shine a light on host of messy, sticky issues— but, in an industry bound by strict regulations, audits need to happen.

Audits: Painful But Necessary

Can you remember the last time you cleaned out your refrigerator? A grimy fridge isn’t just unpleasant; it can hasten spoilage, encourage mold and bacteria growth, and even increase your electric bills. Still, many of us don’t sort through the food we keep in cool storage as much as we should—it’s just not very high on anyone’s list of priorities. And, as long as no one gets sick, it’s probably no big deal… right?

If you’re lending to consumers, it’s like you’ve got a giant commercial fridge. And compliance audits help you get rid of the rotten stuff.

A Compliance Management System contains 4 areas of focus:
Mouse over each area to learn more.

Compliance audits are one of a few mechanisms through which government agencies, banking partners, and members of executive leadership can ensure that a business is following fair lending practices. Audits not only allow capital lenders to verify that clients conform to their standards and industry regulations, but help organizations uncover areas of risk and take proactive corrective action.

And don’t forget about third parties. Consumer lenders must themselves audit their third parties (e.g. collections agencies) to ensure they are complying with fair lending practices as well.

The level of complexity in lending regulations has reached an all-time high, but lenders have unprecedented access to auditing tools that uncover compliance data at the granular level. Imagine that your fridge could clean itself, or at least notify you when it’s time and illuminate the yogurt cups and salsa jars that need to be tossed out. This is the power of a robust compliance management system.

What the CFPB Looks for in an Audit Program

Clearly, the CFPB insists that the lenders it oversees have some kind of audit functionality in place, but what exactly are regulators looking for? In assessing an organization’s CMS, examiners will seek to determine whether:

  • The audit program is sufficiently independent and reports to the board or a committee of the board.

  • The audit program addresses compliance with all applicable Federal consumer financial laws.

  • The schedule and coverage of audit activities is appropriate to the size of the entity, its consumer financial product offerings, and its manner of conducting its consumer financial products business.

  • All appropriate compliance and business unit managers receive copies of audit reports in a timely manner.


  • Audit results lead to appropriate, timely corrective action.
Download theCompliance Audit Worksheet

The Last Line of Defense

Just as stocking and using the right ingredients will help keep your fridge clear before a mess can accumulate, your CMS should provide several defensible compliance processes in addition to audit functionality. A well-structured CMS includes three lines of defense against regulatory action:

Complaint Management

Your first line of defense is your complaint management program.

Your organization’s CMS should have a system and procedures in place for consumer complaint intake, categorization, escalation, resolution, and analysis. Also consider whether your team follows a documented, repeatable procedure when taking corrective action based on trends among the complaints you receive.

See How It Works

Audits + Automation = Awesome Compliance

Make life easy for your auditors and your compliance staff: consider adopting and implementing an automated compliance management system. An automated compliance management system provides with you a single platform with which to store, assign, and track the policies and training your financial and customer-focused staff are accountable for. This, in turn, gives auditors one place to go for the reports, evidence, and documentation they require.

With an automated CMS, you will no longer encounter any nasty surprises or missing documentation—because you’re already tracking compliance across your business, always. It’s about as close as you can get to a self-tidying fridge. In terms of audits, that is.

Recent Articles on Compliance Audits

Compliance audits are always a hot topic for our readers. Here’s the latest research and perspectives.

  • Hate Internal Audits? Read This.

    There are two general truths about internal audits: They provide you with the information necessary to make pivotal decisions that reduce risk and improve operations. Federal and state regulators expect [ More... ]

Compliance Audit Resources

Study up on the topic be downloading these great resources.

Join our Newsletter

lightbulb-iconGet consumer lending tips, tools, and articles sent to your inbox weekly.

New Call-to-action

  • CMS University

    Enroll in CMS University today! Nobody likes a 1,500-page textbook. But, that’s the material regulators expect you to know about consumer lending compliance and building a ... [More]

  • Worksheet: Audit Your Compliance Initiatives

    This worksheet will help you think through how to effectively audit your compliance initiatives. Get an in-depth view of the quality of your compliance program ... [More]

  • Internal Audit Blueprint eBook

    Learn what the CFPB looks for when evaluating your company’s internal audit program, and how to create a rock-solid internal audit program that protects your ... [More]

  • CMS Blueprint eBook

    Building a solid Compliance Management System is no easy task. It’s a big, hairy, complicated beast. But an important one. Let’s demystify what the CFPB ... [More]

  • CFPB Workshop: Compliance Audit

    When you have employees and managers inspecting their own work, they can either miss or hide the truth.  The key is an independent, objective audit. This ... [More]

Compli is a great platform that integrates every part of the business, from compliance to operations to HR.
Julie Kim
In-House Counsel & Compliance Officer / Sierra Credit Corp.
Compli offers a great, purpose-built platform that assigns, tracks and monitors any workforce compliance activity – not just training. The platform can help any organization rein in its compliance processes and execute them more efficiently, consistently, and effectively.
David Wentworth
Principal Analyst / Brandon Hall Group
Compliance has never been optional, but there are a lot of companies in the past who have operated that way. In light of recent events, compliance has really stepped up in the last few years, so we really have to make sure all of our bases are covered and make sure we're always in compliance at all times.
Andy Page
Director of Operations / Road Auto Finance
The training was pretty flawless. You know, I've dealt with a lot of different third party vendors as far as software, and they're usually not very fun to deal with. Compli was very, very good. I was honestly shocked about how easy it was. I just answered a few questions, and everybody over at Compli just kind of took it from there.
Andy Page
Director of Operations / Road Auto Finance
All my employees know what the rules are and they know where the boundaries are, and they know not to step out of bounds. So my capital source feels much more comfortable knowing that my employees know where out of bounds is.
Andy Page
Director of Operations / Road Auto Finance
All policies, procedures, training material, and personnel files are in a central location, and the search function makes it easy to find any file in the system.
Julie Kim
In-House Counsel & Compliance Officer / Sierra Credit Corp.
Compli eliminated inefficient internal processes and enabled us to focus on actual business matters.
Julie Kim
In-House Counsel & Compliance Officer / Sierra Credit Corp.




Phone: 866.356.1735
Support: 877.522.4276
Menu
Customer Login

Send this to friend