September 9, 2020 | Posted by Kimberly Boatwright, CRCM, CAMS
Clock Image
7 Minute Read

Risk management is all about identifying, measuring, monitoring, and controlling risk, and Fair Lending risk is no exception.

When assessing Fair Lending risk, it’s not just what your financial institution is doing. It’s also what it’s not doing.

Read on for eight red flags that may indicate potential Fair Lending risk.

1. Discretion or exceptions in the underwriting or pricing process.

Many FIs pride themselves on their ability to work with consumers and be flexible with unusual circumstances. But that flexibility also needs to be fair. How do lenders decide who gets what interest rate or terms? Are lending criteria vague or subjective? For example, what does “good character” really mean? Does every loan officer in the bank define it the same way? Is there guidance on making exceptions (including credit-score overrides)?

If your FI isn’t documenting how these documenting how these decisions are made and reviewing them to make sure similarly situated borrowers are treated the same, it's a huge challenge to your risk practices - one that is very hard to mitigate if not handled appropriately.

2. Not enforcing clear, objective and consistent standards for referring applicants to specific product lines.

Steering is the practice of deliberately guiding applicants toward or away from certain loan products or lending channels on a prohibited basis.

According to the FDIC, steering risk may exist if there is a lack of clear, objective, and consistently implemented standards for:

  • Referring applicants to subsidiaries, affiliates, or lending channels within the bank;
  • Classifying applicants as “prime” or “sub-prime” borrowers; or
  • Deciding what kinds of alternative loan products should be offered or recommended to applicants based on their status.

3. Overlooked findings.

Every FI comes away from an exam or audit with at least a finding or two. Findings show where improvement is needed, but they aren’t necessarily indictments of how the FI operates. They highlight weaknesses or challenges — and how the FI manages them indicates how responsive the FI is to improving its risk management program.

The problem comes when an FI is made aware of a problem and then does nothing to correct it.

Ask yourself: If the board were to ask you for an update on Fair Lending findings, how long would it take you to gather the information you need? Do you know all your recent findings, who is responsible for remediating them, what steps have been taken, and whether or not remediation is complete? If the idea of tackling this task gives you a stress headache, that’s a sign you’ve got a problem that goes beyond findings management. There’s a good chance you’ve got unresolved findings lurking, increasing your Fair Lending Risk.

4. No complaints.

If you think your lending program must be compliant because your FI hasn’t received any complaints, think again.

Every FI has complaints. Whether it’s a mistake or an ornery consumer, complaints are part of doing business. They are also an opportunity and a valuable risk indicator, pointing out potential challenges that need to be addressed.

If your FI isn't receiving complaints, then your team is not listening.  Either you do not have the best policies and procedures, staff training, or complaint monitoring in place. You need to be able to identify, log, and remediate complaints.

The CFPB complaint database has seen complaints quadruple in the last four years. A majority of the most common consumer complaints involve lending, mortgages (20 percent), credit card (6 percent), student loans (4 percent), and consumer loans (2 percent).

A strong complaint management program can help you identify and remediate these risks.

5. Incentivizing noncompliant behavior.

Do your financial incentives align with the behaviors you want your employees to portray? Do employees benefit from making decisions that could ultimately expose the FI to Fair Lending risk? Make sure your compensation and HR policies are designed to promote compliant behavior.

6. Weak compliance management.

A Fair Lending compliance management program should have:

  • Board and management oversight
  • A Fair Lending risk assessment every 12-18 months
  • Documented Fair Lending policies and procedures (and any exceptions)
  • Training
  • Independent review
  • Self-testing
  • Analysis and reporting (including data that explains gross disparities)
  • Complaint management
  • Third-party vendor management

If your FI’s compliance management system (CMS) isn’t equipped to manage these elements of Fair Lending compliance, you could be exposing your FI to undue Fair Lending risk.

7. Not analyzing your loan data for Fair Lending compliance.

It is impossible to know where to focus your compliance efforts when you haven’t conducted a review to learn where your risks may lie. Do you analyze your data for Fair Lending compliance? This should include HMDA and non-HMDA data. 

Regularly review data to determine whether elevated Fair Lending risk is present (e.g., disparities between prohibited basis groups and control groups). When disparities exist, ensure explanations for the risk are clearly documented and appropriately analyzed (e.g., comparative file reviews).

8. Inaccurate data.

If your data isn’t accurate, your Fair Lending analysis won’t be accurate either. That could mean Fair Lending risk could be telling a story about you, that you are not prepared to discuss.

Don’t get caught off guard when it comes to Fair Lending risk. Make sure you're keeping an eye out for these red flags and are taking proactive steps to manage risk.


For more risk management insights, download our webinar Reliable Risk Assessments: How to Maximize the Benefits of Your Risk Assessment.

Kimberly Boatwright, CRCM, CAMS

Kimberly Boatwright, CRCM, CAMS