Categories
Everything Compliance - Shout Outs and Rants

Everything Compliance: Episode 135 – Shout Outs and Rants

Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows.

In this episode, we have the septet of shout-outs and rantors; Jonathan Marks, Matt Kelly, special guests Karen Moore and Mike DeBernardis, all hosted by Tom Fox.

1. Matt Kelly praises the Supreme Court for upholding the constitutionality of the CFPB’s rants about right-wing radicals trying to destroy democratic institutions through the courts.

2. Guest Panelist Karen Moore sends sympathies to all those who have experienced flooding and shouts out to two Brazilian rowers, Evaldo Mathias Becker and Piedro Tuchtenhagen, who gave up on their Olympic dreams to stay in their home state of Rio Grande do Sul after heavy rains devastated the state.

3. Jonathan Marks shouts out to Dylan Beard, a Walmart deli worker who qualified for spot at the U.S. Olympic track and field trials in June in the hurdles. As an unsponsored athlete, his employer, Walmart, presented him with a check for $20,000 so his friends and family could support him as he made his way to the Olympic trials.

4. Special Guest Panelist Mike DeBernardis shouts out to the Washington Commanders for some long-awaited sanity with the club’s new owners.

5. Host Tom Fox shouts out to the City of Louisville for the bookend of Sydney Thomas saving lives and arresting the World’s Number 1 golfer, Scottie Scheffler, while driving on his way to the PGA Golf Tournament at Valhalla Country Club.

The members of the Everything Compliance are:

• Jay Rosen – Jay can be reached at Jay.r.rosen@gmail.com

• Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com

• Jonathan Armstrong – is our UK colleague and an experienced data privacy/data protection lawyer in London. He can be reached at windyridgehouse@gmail.com.

• Jonathan Marks can be reached at jtmarks@gmail.com.

Special Guest Karen Moore can be reached at Kmoore51@fordham.edu

Special Guest Mike DeBernaris can be reached at the law firm’s website, www.hugheshubbard.com/.

The host, producer, and ranter (and sometimes panelist) of Everything Compliance is Tom Fox, the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.

Categories
Daily Compliance News

Daily Compliance News: May 20, 2024 – The CFPB is Constitutional Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • The Supreme Court finds the CFPB constitutional.  (NYT)
  • Binance gets 2 monitors. (WSJ)
  • Newsom accuses Trump of an extortion attempt on energy execs.  (NYT)
  • AGC crusader picked as Vietnam’s next president. (Bloomberg)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Blog

Bank of America Enforcement Action and Using Data Analytics

Data analytics has become an essential tool in the field of compliance and risk management. It allows compliance officers to assess the effectiveness of their programs and identify potential risks before they escalate into major issues. In a recent episode of the podcast “Compliance into the Weeds,” Tom Fox and Matt Kelly, discussed not only the importance of having data analytics in a compliance program but actually using the data in a risk management strategy.

The Consumer Financial Protection Bureau (CFPB) recently fined Bank of America $12 million for mishandling data analytics, specifically around accurate data about home mortgage applications. The bank had all the necessary data to assess its compliance risks, but it failed to maintain continuous monitoring, leading to compliance issues. This case serves as a reminder of the need for ongoing data analysis for proactive risk management.

The CFPB found that Bank of America violated the Home Mortgage Disclosure Act, a law on the around since the time I graduated from High School, that being 1975. The law itself requires mortgage lenders to collect demographic data about home loan applicants and report that data to various federal agencies. Bank of America settled the matter without admitting nor denying the allegation and agreed to the aforementioned $12 million fine.

As Matt noted in his Radical Compliance blog post, “Dig into the details of the settlement order, and you can see how data analytics, auditing, and monitoring all play a crucial role in assuring compliance with a regulation like this. Given that so many other business sectors have similar obligations to collect and report lots of data to regulators, maybe this case isn’t so obscure after all.”

The enforcement action drives home the clear lesson that data analytics is not a one-time tool to determine violations or identify risks. It should be used as a monitoring device that runs continuously to provide early warnings when risks enter the red zone. Bank of America’s mistake was treating data analytics as a one-time solution to a problem, rather than a long-term monitoring tool. They implemented analytics in 2013, found the error, introduced a control to correct it, and then switched it off when the problem seemed to be solved. However, the problem recurred, leading to the CFPB penalty.

As noted, is the high level of importance around surveillance and monitoring in the banking and financial services industry. These sectors have extensive monitoring and surveillance practices, recording every email and phone call to prevent improper messaging and manage risk. While this level of monitoring may seem draconian to other industries, it has proven effective in ensuring compliance and preventing fraud in those arenas.

The Bank of America case demonstrates that compliance officers often already have the necessary data for analysis; they just need to identify which information to study. In this case, the bank had all the data it needed to assess the compliance risk of information not provided in home loan applications. They implemented a monthly report to crack down on the abuse, resulting in a significant drop in the information not provided group. However, when they ceased the report in 2016, the rate started to increase again, ultimately leading to the violation and penalty.

The use of data analytics to monitor the effectiveness of controls was also a key lesson from the enforcement action. When Bank of America instituted monitoring to determine who was filling out the reports, they obtained significant information and saw a drop in the information not provided group. This strategy raises the stakes around the question of whether being watched or monitored can influence individuals to follow controls and do the right thing.

Data analytics should not only be used to analyze the effectiveness of compliance programs but also to analyze overall activity within an organization to identify compliance risks. Compliance officers should strive for analytics that run continuously, providing insights into the state of affairs over the long term. This approach allows for early detection of risks and enables business units to manage their own risks effectively.

The Bank of America case serves as a valuable lesson for compliance officers in any industry. It highlights the importance of ongoing data analysis, continuous monitoring, and the need to consider data analytics as a long-term risk management tool. By leveraging data analytics effectively, organizations can proactively identify and mitigate compliance risks, ultimately avoiding costly penalties and reputational damage.

Data analytics plays a crucial role in compliance and risk management. It enables compliance officers to assess program effectiveness, identify potential risks, and monitor activities for early warnings. The Bank of America case underscores the importance of continuous data analysis and monitoring in proactive risk management. By embracing data analytics as a long-term risk management tool, organizations can enhance their compliance efforts and safeguard against potential violations.

Categories
Daily Compliance News

Daily Compliance News: November 16, 2023 – The Legal Baggage Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. all from the Compliance Podcast Network. Each day we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • Corruption in lithium mining in Africa. (Inside Climate News)
  • The State of Texas moves to anti-business. (Bloomberg)
  • The legal baggage at Fox News is awaiting Lachlan.  (FT)
  • Potential CFPB arbitration ban. (Reuters)

 

Categories
Daily Compliance News

Daily Compliance News: October 5, 2023 – The Space Junk Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • Matt Levine on what Michael Lewis said about SBF. (BBC)
  • New compliance risk—space junk. (NYT)
  • Is the NBA too cozy with China? (WSJ)
  • Will the CFPB survive the Supreme Court? (Reuters)
Categories
Compliance Into the Weeds

CFPB on Data Protection Minimums

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, we explore the recent CFPB circular which noted a company’s failure to implement adequate data protection measures can qualify as an unfair practice prohibited under the Consumer Financial Protection Act.  Highlights include:

·      The CFPB is going to start bringing charges against more companies for sloppy data protection programs.

·      Three Key data protection security controls.

·      Why CISOs and IT needs to talk to compliance.

·      The role of auditing and monitoring.

·      How and where to get started.

Resources

Matt in Radical Compliance

Categories
Daily Compliance News

August 11, 2022 the Trump Takes the 5th edition

In today’s edition of Daily Compliance News:

  • Trump takes the 5th in civil investigation. (NYT)
  • Basel Institute’s Green Corruption Program. (Relief Web)
  • Waters wants CFPB to investigate Equifax. (WSJ)
  • 9th Circuit reinstitutes whistleblower case. (Reuters)
Categories
Daily Compliance News

March 30, 2022 the CFPB Roars Edition


In today’s edition of Daily Compliance News:

  • CFPB want recidivist banks stripped of licenses. (NYT)
  • Coca-Cola scraps mandated diversity policy for outside law firms. (Bloomberg)
  • US sanctions regulators seek more funding. (WSJ)
  • Hybrid work model requires new thinking. (WaPo)
Categories
FCPA Compliance Report

Quyen Truong on the Direction of the CFPB under the Biden Administration


In this Episode of the FCPA Compliance Report, I am joined by Quyen Truong, partner at Stroock & Stroock & Lavan. During her career in government, she worked at the Consumer Financial Protection Bureau. She joins me to talk about the CFPB under the Biden Administration.  Highlights of this podcast include:

  1. What is the CFPB? What does it regulate?
  2. What is the likely impact of Rohit Chopra to head the CFPB?
  3. What will he need to do to rebuild the morale of the CFPB?
  4.  What do you see as the direction by the CFPB in regulation and enforcement?
  5. Any new policy initiatives or directives?
  6. What is the interaction between the CFPB and the states? How might that change under the Biden Administration?
Categories
Daily Compliance News

March 5, 2020-the Kid Gloves Treatment edition


In today’s edition of Daily Compliance News:

  • Trump Administration promised Wells Fargo kid gloves treatment. (NYT)
  • SEC seeks to ease more fund raising rules for start-ups. (WSJ)
  • Is being a frequent flyer bad environmentally? (New York Times)
  • Former Uber exec order to pay Google $179MM, files for bankruptcy. (Washington Post)