mulletSome hairstyles are timeless; others come and go faster than half-price electronics on black Friday. Every decade has had its hairstyle highs and lows. When it comes to the 80s, there were some truly awesome hairdos that, thankfully, stayed in the 80s. The mullet, for example. However, despite being 2016, there are (unfortunately) a few devoted mullet-wearers still at large. The point is, some things just need periodic updates.
Perhaps that’s why, back in April of this year, the Federal Financial Institutions Examinations Council agencies proposed revisions to the Uniform Interagency Consumer Compliance Rating System. Like the mullet, the Consumer Compliance rating system was implemented back in ’80s. We’re talking before Dodd-Frank, before widespread use of the Internet, and before interstate banking entered the scene. We might say an update is long overdue.

New Rating System

The FFIEC designed the new system to focus more of its efforts on risk-based evaluations, and reflect the consumer compliance supervisory approaches that are currently in place. While drafting the proposal, the FFIEC wanted to create a one-size-fits-all system that could be adapted to any financial institution when evaluating its compliance management system (CMS). In the definitions section of the new system, the agencies instruct examiners to consider an institution’s CMS through the lens of the institution’s size, complexity, and risk profile.
Furthermore, the agencies proposed these changes to the rating system in order to “encourage coordination, communication, and consistency” between agencies, and to support a transparent and actionable rating system that rewards compliance.
All of that sounds great, but how effectively would the changes accomplish the FFIEC’s objectives? Let’s take a closer look.

3 Categories

The system has three main categories: “Board and Management Oversight,” “Compliance Program,” and “Violations of Law and Consumer Harm.” Each category splits into four smaller sections, and each section receives a rating on a scale from one to five. As has been the case, “one” represents the lowest level of supervisory concern, while “five” represents the highest. A rating of “one” or “two” is considered satisfactory, while ratings of “three,” “four,” or “five,” are less than satisfactory.

Board and Management Oversight

The Board and Management Oversight category requires examiners to look closely at:

  • Board and management oversight and commitment to compliance
  • How well the institutions manage changes in the legal and regulatory environment
  • Whether or not institutions can effectively comprehend, identify, and manage risk within their institution
  • How proactive institutions’ corrective action and self-identification procedures are.

Compliance Program

The Compliance Program category evaluates how well a financial institution has organized its:

  • policies, procedures, and third-party relationships
  • compliance training
  • monitoring and/or auditing processes
  • process for responding to consumer complaints.

Violations of Law and Consumer Harm

The last category, Violations of Law and Consumer Harm, examines the root cause, severity, duration, and pervasiveness of any regulation violations the regulator may find within the financial institution.


Remember, the FFIEC highlighted its goal of creating a system with more actionable ratings. Yet a numerical value surely doesn’t give an institution a lot to go off of in terms of what, specifically, it needs to improve. It is hoped the examiners include an explanation along with that numerical value, so that the ratings truly do give financial institutions a starting place for improving their Compliance Management Systems.
On the plus side (theoretically, anyway), the FFIEC explicitly states that the proposed changes will not add any additional regulatory burden. Whether or not that will remain the case as the changes start to take effect is yet to be determined.
The thing about hairstyles is that something that looks good on one person will look terrible on another. Even though the FFIEC is hoping that the new system will be able to be adapted to any financial system, it’s a good idea to at least be aware of what modifications are being considered to make sure that they will fit your institution well and that you’re not caught off guard if senior management or the board ask you about what changes may be heading our way.