Compliance Update with Amy K
by Amy Kleinschmit
Chief Compliance Officer


The Consumer Financial Protection Bureau (CFPB) recently announced that the exemption threshold is adjusted to increase to $46 million from $45 million. The adjustment is based on the 2.6 percent increase in the average of the CPI-W for the 12-month period ending in November 2018. Therefore, banks, savings associations, and credit unions with assets of $46 million or less as of Dec. 31, 2018, are exempt from collecting data in 2019. The final rule making this adjustment can be found here.


The National Credit Union Administration (NCUA) began the year with a new regional structure. North and South Dakota are now in the Western Region. Contact information for our new region can be found here.

The NCUA also started the year off with a redesigned website: It is mobile friendly and also more user friendly. was also included in the website redesign and has a lot of great information and tools for consumers.

CFPB Enforcement Action$.

The CFPB recently announced an enforcement action that stems from stop payment, error resolution and deposit account re-opening practices. The bank, among other things, must provide approximately $12 million in restitution to certain consumers who were denied a reasonable error resolution investigation, and pay a $3.5 million civil money penalty.

Enforcement actions are a good reminder to review your credit union’s policy/procedure and practices, in this case error resolution and Regulation E requirements, and make sure everything is compliant and ready to go.

Some of the violations that were cited in this enforcement action include the banks failure to enter stop payment orders after account holders notified the bank of their desire to stop payment on Preauthorized EFTs, including by refusing to enter stop payments or by requiring consumers to contact the merchants initiating the EFTs as a prerequisite to implementing stop payment orders. In some of these instances, the bank failed to enter stop payment orders because consumers requested to stop payments to payday loan lenders.

Remember, Electronic Fund Transfer Act (EFTA), which is implemented by Regulation E, requires that financial institutions holding consumers’ accounts allow consumers to stop future payment on Preauthorized EFTs and to contest incorrect or unauthorized past EFTs through an error resolution procedure. 12 C.F.R. §§ 1005.10, 1005.11.

The bank also did not consistently honor oral stop payment requests for 14 days. Regulation E provides an oral stop payment request for a Preauthorized EFT is binding on the institution for 14 days.

EFTA requires that a financial institution “shall investigate [an] alleged error, determine whether an error has occurred, and report or mail the results of such investigation and determination to the consumer within ten business days.” Regulation E further mandates that the financial institution must “investigate promptly.”

The CFPB found that, “on numerous occasions, when consumers notified [the bank] about suspected errors regarding EFTs that were incorrect, unauthorized, or exceeded the authorization granted by the consumer, [the bank] failed to promptly initiate Error Resolution Investigations. Through May 2015, as a matter of policy [the bank] did not investigate reported errors unless the consumer asserting the error submitted a completed WSUD within 10 days of [the bank] sending the consumer the form.” This practice was a violation of Regulation E.

Another glaring violation of Regulation E, was the bank’s practices concerning consumers with payday loans. The bank had separate policy/procedures for these situations. The procedure said: “If the account holder wishes to dispute a pay day loan, instruct the account holder to contact the lender to dispute the transaction(s).” The CFPB found that on numerous occasions, the bank representatives refused to investigate errors because they concerned payday loans.

The procedure further instructed bank representatives to warn consumers about potential legal and financial consequences of proceeding with an Error Resolution Investigation. The procedure directed representatives to say: “If we determine that the ACH debit in question was authorized, you will be putting your [bank] membership at risk. What this means to you is that you may become ineligible to purchase additional [bank] products and that existing [bank] accounts may be closed. Also, please understand that it is a federal crime to make a false statement to a bank and this is punishable by a fine of up to one million dollars or imprisonment for up to 30 years, or both.” This warning was part of a general conversation with consumers about payday loan contracts. The bank would send WSUD forms only to consumers who said they wanted to proceed after hearing the warning. Finally, the bank required consumers contesting transactions from payday loan lenders to have their WSUDs notarized before submitting them. If a consumer contesting an error concerning a payday loan lender did not provide a notarized WSUD, the bank did not conduct an Error Resolution Investigation.

EFTA and Regulation E require that “When conducting an Error Resolution Investigation, a financial institution “must determine whether an error has occurred,” 15 U.S.C. § 1693f, and in so doing, must conduct, at a minimum, a “review of its own records regarding [the] alleged error.” 12 C.F.R. § 1005.11(c)(4). This review must include “any relevant information within the institution’s own records,” 12 C.F.R. Pt. 1005, Supp. I, Comment 11(c)(4)-5, and the investigation “must be reasonable,” 71 Fed. Reg. 1638, 1654 (Jan. 10, 2006).”

CFPB found that the bank lacked a procedure requiring that a reasonable Error Resolution Investigation occur whenever a consumer notified the Bank about a suspected error regarding an EFT. As a result, the bank routinely failed to conduct a reasonable review of all relevant information within its own records prior to making a determination about whether the consumer had asserted a valid error. The CFPB found that, “In numerous instances when [the bank] found no error, a reasonable review of all relevant information within the Bank’s own records would have resulted in a determination in favor of the consumer.”

Compliance Solution – Internal Audit Outsourcing.

Through the Credit Union Association of the Dakotas' partnership with AffirmX, we are pleased to present a full suite of compliance solutions for credit unions in the Dakotas. These tools have been designed to help your credit union reduce workloads, anxieties and costs.

Put AffirmX’s outsourced, internal auditing services to work for your Credit Union. AffirmX leverages its patented Risk Intel Center online platform, which enables them to work like a remote employee. Simply upload documents to their secure environment for off-site review. (Note: For clients where AffirmX has VPN connectivity, even uploading the documents is unnecessary.) Then the compliance analysists with AffirmX perform an independent and on-going third-party review of adherence to your credit union’s internal controls procedures in order to protect against fraud and ensure safe and sound internal operations.

AffirmX works with you to ensure compliance with your applicable operational policies and procedures. The credit union receives detailed reports on findings along with specific recommendations for addressing any noted deficiencies. AffirmX can also provide a year-end report, which is an invaluable tool at examination time. The AffirmX internal audit reviews vary according to your needs, but are comprehensive, covering such areas as:

Internal Control Reviews - Policy and Procedures

Finance/Accounting - Reconciliations

New Products/Services

  • New loans of all types, including real estate and business loans
  • Decline loans (all types)
  • New accounts (all types)
  • New members/customers
  • Credit card dispute and charge back processes

Core System Generated Reports/Special Report Monitoring

  • File maintenance report
  • Paid ahead loans
  • Accrued interest greater than schedule payment reports
  • No payments in the last 90 days reports
  • Interest rates less than 5% or greater than 18% reports
  • Supervisory override reports
  • First payment dates more than 45 days from original loan date
  • Accounts with post office box addresses
  • Non-amortizing loans
  • Cash transactions over $10,000
  • Cash payment loans reports
  • Negative share/account and draft/checking
  • Shares/accounts greater than $100,000Non-sufficient funds year-to-date reports
  • Dormant share accounts
  • Insider reports

Feel free to contact Amy Kleinschmit for more information and pricing, or with any of your compliance related questions.



<< Go to Memo List