Jared Ihrig

9 top compliance issues

Don’t play ‘Whack-A-Mole’ with your compliance efforts.

September 14, 2018

The Bureau of Consumer Financial Protection (BCFP) has issued 141 enforcement actions from December 2014 to August 2018, says Jared Ihrig, CUNA’s chief compliance officer.

That’s why it’s crucial to stay on top of today’s top compliance issues.

Ihrig, who addressed the co-located CUNA Technology Council and CUNA Operations & Member Experience Council Conferences Thursday in San Francisco, says top compliance issues include:

Home Mortgage Disclosure Act (HMDA) violations. Watch for incorrect “action taken” codes, “preapproval” and “prequalification” reporting errors, the accuracy of HMDA data, and testing to ensure there are no unintended consequences from your HMDA compliance.

Military Lending Act (MLA) exam issues. NCUA will focus its MLA exams on the applicability of the regulation, compliance management system effectiveness, the identification of covered borrowers, the calculation of the military annual percentage rate, and mandatory loan disclosures.

Overdrafts. Review BCFP’s supervisory highlights, paying close attention to the issue of “actual” vs. “available” balances, and disclosures vs. actual practices.

Recent mortgage servicing rule revisions, including, successors in interest, periodic statements for borrowers in bankruptcy, and other items.

Current Expected Credit Loss (CECL) changes. While CECL isn’t effective until the end of 2021, credit unions need to track loan loss data now “so you have a basis to confidently state your expected losses for loans at the point of origination,” Ihrig says. “CECL could cause some CFOs some heartburn if they aren’t aware of the requirements in advance of the effective date of the standard. Allowance for loan loss accounts certainly will be impacted for many credit unions.”

Servicemembers’ Civil Relief Act (SCRA). Even though this legislation has been around for ages, violations still occur.

Americans with Disabilities Act website accessibility litigation. More than 100 lawsuits have been filed in 26 states. “Plaintiff firms continue to amend their demand letters and raise alternative standing arguments,” Ihrig says.

Plus, he adds, Web Content Accessibility Guidelines (WCAG) changed in June when WCAG 2.1 standards were introduced necessitating a fresh look at website compliance.

General Data Protection Regulation (GDPR), which became effective May 25 and has high potential penalties. NCUA is studying the issue and won’t make it a focus for exams right now, Ihrig says.

Remote deposit capture (RDC). A law firm representing USAA is distributing letters “inviting” credit unions to license patent rights to RDC technology.

The letters include no demands or threats of lawsuits. But credit unions receiving such letters should consult their vendors and counsel to fully understand their options with respect to possible indemnification and patent usage rights and responsibilities.

“Don’t ignore the letter, but work with your RDC vendors and internal/external counsel to determine how best to handle once you receive it,” Ihrig says.

He urges credit union leaders to be proactive, not reactive, when it comes to compliance.

“Don’t play ‘Whack-A-Mole’ on which issues pop up,” Ihrig says. “Contact CUNA and your league. Make us aware of your regulatory and compliance issues so we can advocate on your behalf appropriately.”

Click here for more conference coverage from CUNA News, and get live updates on Twitter via @cumagazine, @CUNA_News, @CUNACouncils, and by using the #TechCouncil and #OMECouncil hashtags. Learn more about the CUNA Councils, a member-led professional society for credit union executives, at