There are many “tangible activities” that can be done to maintain the compliance management system and improve the framework, said Mike Lavin, executive vice president and chief legal officer at Consumer Portfolio Services Inc.
Lenders preparing for regulation and eventual exams by the Consumer Financial Protection Bureau need to make maintaining their CMS a top priority, which is exactly what CPS is doing, Lavin said.
Three to four years ago, “it was all about developing the CMS machine — which everyone was doing,” he said. Now, it’s about maintaining the CMS, “and making it a living, breathing thing that operates on a daily basis, and not just a binder on a bookshelf.”
The CMS is a “guidepost, or a playbook — if you will — but you still have to make the plays,” Lavin said, “and the plays are activities, tangible activities that are being done to make sure you remain compliant.”
Here are three activities lenders can do to improve the CMS machine:
- Issue Frequent Compliance Reports
Lenders need to issue more than just an annual compliance report, Lavin said. Quarterly and monthly compliance reports to the board of directors are also needed. Lenders can then analyze the reports every month to see what they are doing right and wrong, he said, and they can also issue quarterly compliance reports before each board meeting, then talk about compliance issues for at least 20 minutes during the meetings.
- Perform Online and Live Compliance Trainings
Another way to maintain the CMS machine is by performing monthly, quarterly, and annual trainings, Lavin said. CPS utilizes “real-time technology to do quarterly trainings,” then performs annual live training seminars on things like collection practices, data security, privacy, and fair lending, among other topics, he said. CPS also conducts monthly training seminars on consumer finance law issues with the company’s business units.
- Conduct Quarterly and Annual Audits
Lenders should also conduct quarterly and annual audits, Lavin said. CPS conducts an internal quarterly audit with its independent audit manager, “where we go over every control on a quarterly basis,” he said, then an outside law firm will perform an annual audit on the company’s compliance functions.
All of these activities are part of the CMS machine, Lavin said. They are actual things being done, versus a binder full of paper sitting on a bookshelf. These activities take “man hours, extra staffing, extra supervision, extra time for management, and extra time for the board of directors, he added, “but it’s all part of the new environment that we live in today.”