First County National Bank
Regulatory Compliance Examination
Kirschler Peterson & Associates
Certified
Regulatory Compliance Manager
Initial Review
First
NOTE:
The following is provided for illustration purposes only; referenced Exhibits
are not attached.
SCOPE
An
initial review of the First County National Bank's consumer compliance program
was conducted
·
Community
Reinvestment Act (CRA)
·
Equal
Credit
·
Fair
Credit Reporting Act (FCRA)
·
Fair
Housing Act (FHA)
·
Truth-in-Lending
Act (TILA)
·
Real
Estate Settlement Procedures Act (RESPA)
·
Flood
Disaster Protection Act (FDPA)
·
Truth-in-Savings
Act (
·
Expedited
Funds Availability Act (EFAA)
·
Electronic
Fund Transfers Act (EFTA)
·
Bank
Secrecy Act (BSA)
·
Bank
Protection Act (BPA)
·
Right
to Financial Privacy Act (RFPA)
·
Fair
Debt Collection Practices Act (FDCPA)
·
Credit
Practices Rule
COMPLIANCE
MANAGEMENT
To
determine the bank's approach to managing its compliance program, the most
recent compliance examination report, board of directors meeting minutes,
policies, and procedures were reviewed and the Compliance Officer interviewed.
The
examination report stated that the bank's level of compliance with consumer
laws and regulations was less than satisfactory. The examination report noted
many violations of the RESPA,
As
stated in the examination report, the review was limited to approximately half
of the applicable consumer laws and regulations. The scope of this initial
review was more broad and included all applicable consumer laws and
regulations.
As further described below, this review revealed substantive violations of Regulation Z as well as technical violations of the ECOA, RESPA, TISA, EFAA, and EFTA. To prevent future similar violations, it is recommended that additional staff training be conducted and that regular monitoring be implemented. It is also recommended that policy statements be adopted by the board and implemented by management that will provide staff with guidance regarding compliance with specific consumer laws and regulations.
It is further recommended that the bank establish a Compliance Committee to oversee daily operations. The Compliance Officer will chair periodic meetings to ensure that management receives timely information regarding regulatory changes as well as recommendations for implementing such changes.
It is
recommended that the committee be comprised of Executive Vice
President/Lending, Executive Vice President/Operations, Senior Vice
President/Security Officer, Assistant Vice President/Training Officer, Internal
Auditor, and a CRA Officer (preferably the President or a member of senior
management). The Compliance Committee will ensure that staff receive sufficient
training and guidance and that the bank's compliance status is assessed at
least annually.
The
following describes the specific findings of, and recommendations resulting
from, the review.
SPECIFIC FINDINGS
Community
Reinvestment Act (CRA)
The
bank's CRA Statement, CRA Notice, CRA Public File, and board of directors
meeting minutes were reviewed to assess the bank's level of compliance with the
CRA.
The
CRA Statement, CRA Notice, and CRA Public File all contain the information
required by regulation. In addition, the board of directors reviewed and
approved the CRA Statement at its June 1995 meeting. The board also regularly
discusses the bank's CRA-related activities.
It
is recommended that subsequent to the end of 1995 a self-assessment be
conducted that will detail the bank's compliance with CRA regulations. While
not required, it is recommended that the results of the self-assessment be
provided to the board of directors.
Fair
Lending Laws and Regulations
Equal
Credit Opportunity Act (ECOA)
Fair
Credit Reporting Act (FCRA)
Fair
Housing Act (FHA)
To
determine the bank's level of compliance with fair lending laws and
regulations, the bank's loan policy, twenty-five (25) denied loan applications,
and fifty (50) approved loans were reviewed. The bank does not currently
operate under formal policies or procedures concerning compliance with specific
consumer laws or regulations.
The
board has adopted and management has implemented nondiscriminatory lending
standards. There are no recommendations in this regard.
Review
of the denied loan applications revealed ten instances in which the
documentation contained in the file did not support the reason for denial in
violation of Section 202.9(b)(2) of Regulation B. It is recommended that
lending staff be instructed to clearly document all reasons for denial.
The denied loan application review also revealed that in twelve situations, the Adverse Action Notice was not provided within the time frame required by Section 202.9(a) of Regulation B. It is recommended that lending staff be instructed regarding the importance of adhering to these regulatory time frames.
SPECIFIC
FINDINGS
Fair
Lending Laws and Regulations (continued)
Review of the approved loan applications revealed that in each instance the borrowers were not provided with the Appraisal Availability Notice required by Section 202.5a(a)(2)(i). To prevent future violations, it is recommended that management determine whether to automatically provide customers with a copy of an appraisal (independent or internal) or to provide customers with the notice advising them of their rights to obtain a copy of the appraisal used in connection with their loan application. It is recommended that this determination be described in formal procedures that will provide staff guidance.
While
not required by regulation, it is recommended that the board of directors adopt
a policy statement concerning compliance with fair lending laws and regulations
that will assign responsibility and provide for periodic training and
monitoring. In addition, it is recommended that management develop and
implement procedures that will provide specific staff guidance.
A list of the denied and approved loan applications reviewed is contained in the Exhibit section of this report.
Lending
Laws and Regulations
Truth-in-Lending Act (TILA)
Fifteen
(15) denied residential mortgage loan applications, thirty (30) approved
residential mortgage loans, the bank's initial home equity line and credit card
disclosures, two consecutive months of home equity lines statements for five
customers and two consecutive months of credit card statements for five
customers were tested to assess the bank's compliance with the TILA and
Regulation Z. The bank does not currently operate under a formal policy or
specific procedures.
Review
of the residential mortgage loans revealed three instances in which the
rescission period was waived at the borrowers' request. As stated in Section
226.23(e) of Regulation Z, this is permissible only in financial emergencies.
In one situation, the borrower was going out of town and had bills to pay;
another customer perpetually waived her right to rescind based on unspecified
financial emergencies; and one couple waived their right to rescind due to
Christmas expenses. Management is reminded that permitting non-emergency
rescission waivers is a substantive violation and may result in significant
financial liability to the bank. In that regard, management is cautioned to
only permit rescission waivers in extreme circumstances. To prevent these
situations from occurring in the future, it is strongly recommended that
specific procedures be immediately implemented and that all lending staff
receive training concerning rescission provisions.
SPECIFIC FINDINGS
Truth-in-Lending Act (TILA) (continued)
The
approved residential mortgage loan review also revealed one instance in which
it appears that the loan was funded during the rescission period in violation
of Section 226.23(c). This is considered a substantive violation. To prevent
future such violations, it is recommended that lending staff be provided
training concerning rescission provisions.
In
addition, there was one instance in which the finance charge was overstated by
an amount that exceeded regulatory tolerance. Given that this is an isolated
incident, there are no recommendations for improvement.
Review
of the denied applications revealed one instance in which the initial
Regulation Z disclosure was not provided as required by Section 226.19(a).
Continued monitoring is recommended to determine whether additional staff training
is necessary.
The
bank's home equity line initial disclosure generally complies with regulatory
requirements but does not disclose when fees are payable to third parties. It
is recommended that this information be inserted or separately provided to
customers. Review of the credit card application/disclosure revealed that it
does not contain the statement that charges incurred are due when the periodic
statement is received. It is recommended that this information be inserted or
separately provided to customers.
Review
of the home equity line statements revealed that the statements contain the
required information; however, payments do not appear to be credited on the
date they are received. Specifically, payments listed as being received on a Friday
are not credited until Monday and a payment submitted four days prior to the
due date was not credited until the due date. Of the statements reviewed, only
one payment, that was submitted after the due date, was credited when received.
Regulation Z specifically states that payments should be promptly credited
unless the payment does not conform to the bank's requirements for payment
(i.e., account number, payment stub, etc.). It is recommended that the accounts
be researched to determine whether immediate credit should have been provided
to these customers. If so, the bank may be required to re-credit the customers
during the following billing cycle as the difference in crediting will affect
the average daily balance that is used to calculate the finance charge.
Following are the accounts requiring research:
NAME ACCOUNT
NUMBER
Burton 82818
Grant 82825
Tracy 82883
SPECIFIC FINDINGS
Truth-in-Lending Act (TILA) (continued)
Review
of the credit card statements revealed that the statements contain the
information required by regulation and that the average daily balances and
finance charges are accurately calculated. No adverse findings were noted.
While
not required by regulation, it is recommended that the board of directors adopt
a policy statement concerning TILA/Regulation Z compliance that will assign
responsibility and provide for periodic training and monitoring. In addition,
it is recommended that management develop and implement procedures that will
provide specific staff guidance.
Real Estate Settlement Procedures Act (RESPA)
To determine the bank's level of compliance with the RESPA
and Regulation X, the OCC examination, five approved residential mortgage transactions,
and five denied residential mortgage loan applications were reviewed. The bank
does not currently operate under a formal policy or procedures.
The
examination report stated that disclosures required by the RESPA, including the
HUD-1 Settlement Statement, the Mortgage Servicing Transfer Disclosure, the
Good Faith Estimate, and the Special Information Booklet, were not provided or
copies, or evidence of receipt by the customer, were not maintained in the
files.
To prevent future violations of the RESPA, the Executive
Vice President in charge of lending discussed RESPA requirements with lending
staff. In addition, a form has been developed and implemented to verify that
required RESPA disclosures were provided; customers will sign and date this
form.
Review of the five approved residential mortgage
transactions revealed that, with one exception, RESPA disclosures were provided
as required. It is recommended that continued monitoring of RESPA transactions
be conducted to ensure that corrective action initiated by management is
sufficient.
Review
of the five denied residential mortgage loan applications revealed one instance
in which the mortgage servicing transfer disclosure was not provided as
required by Section 3500.21. It is again recommended that continued monitoring
of RESPA transactions be conducted to ensure that corrective action initiated
by management is sufficient.
SPECIFIC FINDINGS
Real Estate Settlement Procedures Act (RESPA) (continued)
While not required by regulation, it is recommended that the
board of directors adopt a policy statement concerning RESPA compliance that
will assign responsibility and provide for periodic training and monitoring. In
addition, it is recommended that management develop and implement procedures that
will provide specific staff guidance.
Flood Disaster Protection Act (FDPA)
The compliance examination and five residential mortgage
loan files were reviewed to assess the bank's compliance with the FDPA. The
bank does not currently operate under a formal policy or specific procedures.
The examiners noted no exceptions with regard to the bank's
FDPA compliance. The file review also revealed no errors.
It is recommended; however, that the board of directors
adopt a formal policy statement concerning FDPA compliance that assigns
responsibility and provides for periodic training and monitoring. It is also
recommended that management develop and implement formal procedures that will
include the Standard Flood Hazard Determination form the use of which is
mandatory beginning January 2, 1996.
Credit Practices Rule
Three
consumer loans having co-signers were reviewed to test the bank's compliance
with the rule. The consumer contracts do not contain prohibited provisions and
the appropriate co-signer notice is contained on the back of the combination
note/TILA disclosure.
SPECIFIC FINDINGS
Savings Laws and Regulations
Truth-in-Savings Act (TISA)
To assess the bank's compliance with the TISA and Regulation
DD, the examination report, bank policy, and account brochures were reviewed.
In addition, periodic statements for interest bearing accounts held by
individuals were tested regarding the accuracy of the interest paid and the
Annual Percentage Yield (APY) earned.
The bank's current TISA policy reflects general regulatory
requirements but does not provide for periodic training and testing. In
addition, implementing procedures have not been developed. It is; therefore,
recommended that the policy be amended to provide for training and testing and
that management develop and implement specific procedures that address
Regulation DD compliance.
Review of the account brochure revealed that for the
18-month (both fixed and variable) and the 30-month IRA accounts, there are
conflicting statements regarding the withdrawal of interest. Specifically, the
brochure states "You can withdraw interest credited to your account in the
term before maturity of that term without penalty"; then under transaction
limitations, the brochure states "You cannot withdraw interest from your
account before maturity". The brochure should be revised to correctly
reflect whether interest withdrawals are permitted.
The bank's account brochure states that the bank requires a social
security card and picture identification to open a checking account. While
demand deposit accounts are not subject, per se, to fair lending rules and
regulations, it is recommended that management consider alternative
identification such as an alien identification card or cards issued to elderly
persons for identification purposes.
The bank's periodic statements contain the information
required by Regulation DD. In addition, the interest paid and the APY earned
are within regulatory tolerance. The periodic statements contain the
"average balance for APY" which does not appear to correspond to the
interest paid or the APY earned. It is; therefore, recommended that this be
deleted from the periodic statement if possible.
SPECIFIC FINDINGS
Expedited Funds Availability Act (EFAA)
The bank's policy, procedures, account brochure, and a
sample of eight recently completed hold notices were reviewed to determine the
bank's level of compliance with the EFAA and Regulation CC.
The bank's policy and procedures generally reflect
regulatory requirements and bank practices; however, it conflicts with the
account brochure regarding the availability of electronic deposits. The
policy/procedures state that such deposits are available the next day following
deposit while the brochure states that deposits are available the day they are
received by the bank. It is recommended that the bank revise the
policy/procedures to reflect that electronic deposits are immediately
available.
The bank's general policy is to make funds available on the
next business day following deposit; holds are imposed on a case-by-case basis.
The bank's procedures specify how to complete a hold notice. For customer
convenience, it is recommended that the actual date the funds will be available
be reflected on the hold notice; it will be necessary to revise the bank's
procedures to reflect this change.
Review of a sample of eight recently completed hold notices
revealed that in one instance availability was not provided on the proper day
in violation of the EFAA and Regulation CC. In addition, there were five
instances in which the hold notice was not correctly completed. Specifically,
the name or address was not completed or the reason for the hold was listed
under the check description. It is recommended that staff responsible for
EFAA/Regulation CC compliance receive additional training concerning hold
notice completion. A list of the hold notices reviewed is contained in the
Exhibit section of this report.
Electronic Fund Transfers Act (EFTA)
To assess the bank's compliance with the EFTA and Regulation
E, its policy, procedures, account brochure, and periodic statements were
reviewed.
The bank's policy and procedures generally reflect
regulatory requirements and bank practices; however, it is recommended that the
policy/procedures describe who, or what area of the bank, is responsible for
resolving EFT errors and for communicating with customers concerning the error
resolution.
The bank's policy/procedures also do not discuss the types
of transfers permitted or transfer limits. It is recommended that the
policy/procedures refer to the bank's account brochures which reflect this
information.
SPECIFIC FINDINGS
Electronic Fund Transfers Act (EFTA) (continued)
The bank's account brochure states that a customer will only
be liable for the first $50 if a lost or stolen ATM card is reported to the
bank within four days. The disclosure also states that unauthorized or disputed
transfers reflected on periodic statements must be reported to the bank within
90 days; the bank's policy/procedures states that unauthorized transfers must
be reported within 60 days. The EFTA and Regulation E state that a lost or
stolen ATM card must be reported within 2 days to limit the customer's
liability to $50 and that unauthorized transfers must be reported within 60
days of the first periodic statement. It is recommended that a label reflecting
the proper time frames be developed and placed over the existing language so
that customers are provided with proper information. It is also recommended
that existing customers be provided a re-disclosure and that recently-reported
errors be researched to determine whether customers were harmed by the
incorrect disclosure.
Review of the bank's periodic statements revealed that they
contain required information. No adverse findings were noted.
Operations Laws and Regulations
Bank Secrecy Act (BSA)
The bank's policy, procedures, most recent regulatory
compliance examination, large cash transaction report, recent Currency Transaction
Reports (CTRs), exemption list, and Monetary Instruments Log were reviewed to
determine the bank's level of compliance with the BSA and implementing Treasury
Regulations.
The bank's policy was approved by the board at its February 1995
meeting and provides for proper reporting, monitoring, and training. It also
states that the bank's Compliance Officer also has the responsibility of BSA
Officer; this is not appropriate.
As stated above in the Compliance Management section, it is
recommended that the bank form a Compliance Committee that will oversee daily
operations. The BSA Officer should be a member of this committee. To ensure
adequate controls, it is recommended that Executive Vice President of
Operations, or a designee, be appointed the position of BSA Officer. The BSA
Officer will ensure prompt and accurate reporting of cash transactions and will
provide daily guidance to staff. Appointing the Executive Vice President of
Operations as BSA Officer will provide the Compliance Officer and Internal
Auditor with the independence necessary to properly review or audit the bank's
BSA compliance program. Management is reminded that implementation of the above
recommendations will necessitate revising the bank's current policy/procedures
to reflect the separation of duties.
SPECIFIC FINDINGS
Bank Secrecy Act (BSA) (continued)
Review of CTRs filed since the compliance examination
revealed that the section regarding the identity of the individual is now fully
completed. The bank has attempted to obtain the revised CTR form that became
effective October 1, 1995 but had not yet received a working copy as of the
date of the review and will continue to file the previous form until receipt of
the revised form. The IRS stated that it is permissible to use the previous
form until the end of 1995; provided, the bank has made a good faith effort to
obtain the new form.
The bank's exemption list contains the names, addresses, and
tax identification numbers of all correspondent banks. None of the bank's
customers are exempted from CTR reporting requirements. While the bank's
current automated system easily reports these transactions, the IRS has stated
that exemptions should be used so that the IRS system does not become
overloaded with unnecessary information. As recommended by the OCC examiners,
management should consider exempting some of its retail customers that
regularly deposit, withdrawal, or exchange in excess of $10,000.
Review of the monetary instruments log revealed that the
bank continues to collect information that is no longer required by Treasury
Regulations. It is; therefore, recommended that the Monetary Instruments Log
contained in the Exhibit section of this report be utilized as it complies with
current requirements.
Bank Protection Act (BPA)
To assess the bank's approach to compliance with the BPA, the board of director meeting minutes, security program, equipment testing, and training records were reviewed.
At its June 1995 meeting, the board of directors approved
the bank's security program and appointed the bank's Security Officer. The
security program describes opening and closing procedures, security devices,
and robbery procedures. The program provides for annual training for the
Security Officer and periodic staff training. There are no recommendations for
improvement.
Review of the equipment testing records revealed that
security devices are generally tested monthly and information regarding the
testing is forwarded to the Security Officer at the main office. It appears;
however, that the First County office has not forwarded such information. It is
recommended that the Security Officer ensure that all offices promptly report
equipment testing and failures to ensure continued security.
SPECIFIC FINDINGS
Bank Protection Act (BPA) (continued)
Training records indicate that, with the exception of the
Second County office, the bank's entire staff received security training in
June 1995. It is recommended that the Second County staff receive security
training prior to year end.
Right to Financial Privacy Act (RFPA)
A recent subpoena from the SEC was reviewed and management
interviewed to determine the bank's level of compliance with the RFPA. The bank
does not currently operate under a formal policy or procedures.
Review of the SEC subpoena and supporting documentation
revealed that the bank received proper authorization prior to complying with
the SEC information request. Management is reminded that under the RFPA, the
bank may recoup from the SEC its clerical, copying, and other costs associated
with the information requested.
It is recommended that the board of directors adopt a formal
policy concerning compliance with the RFPA and that management develop and
implement procedures that will provide staff guidance.
Fair Debt Collection Practices Act (FDCPA)
The bank's loan and collection policy and procedures were
reviewed to determine the bank's approach to compliance with the FDCPA.
Since the bank does not act as a "debt collector", the FDCPA does not apply. The bank has; however, adopted and implemented a "non-harassment" policy and procedures for handling bank collections. There are no recommendations for improvement.
Kirschler Peterson & Associates
Certified
Regulatory Compliance Manager
Kirschler
Peterson & Associates provides a full
range of financial institution consulting services.
Kirschler
Peterson website:
Kenneth M. DeLashmutt
"Predatory Lending Defense Specialist"
Call me most days 10 A.M. to 6 P.M. EST
Phone: 401-349-4717 EST
email: educationcenter2000@cox.net