Posted on 04/24/2012 at 12:30 PM by The Newsroom
On April 13, 2012, the Consumer Financial Protection Bureau (CFPB) issued a bulletin advising of its expectations for oversight of business relationships with service providers, as defined in Section 1002(26) of the Dodd-Frank Act. Banks and non-banks often hire service providers to handle customer service issues, operate call centers, handle data, and process credit cards. The CFPB advised that it expects banks and non-banks to have an effective process for managing the risks of service provider relationships. The following steps were advised:
- Conducting thorough due diligence to verify that the service provider understands and is capable of complying with federal consumer financial protection laws;
- Requesting and reviewing the service providers policies and procedures, training procedures, and internal controls to ensure there is proper internal oversight of its employees and agents;
- Clearly setting forth expectations for the service provider regarding compliance and consequences and penalties for non-compliance;
- Establishing internal controls by banks and non-banks to monitor the service provider to ensure compliance; and
- Taking prompt action in the event of non-compliance by the service provider.