82 FR 5541 - Compliance Bulletin 2016-03: Detecting and Preventing Consumer Harm From Production Incentives

BUREAU OF CONSUMER FINANCIAL PROTECTION

Federal Register Volume 82, Issue 11 (January 18, 2017)

The Bureau recognizes that many supervised entities may choose to implement incentive programs to achieve business objectives. When properly implemented and monitored, reasonable incentives can benefit consumers and the financial marketplace as a whole. This bulletin compiles guidance that has previously been given by the CFPB in other contexts and highlights examples from the CFPB's supervisory and enforcement experience in which incentives contributed to substantial consumer harm. It also describes compliance management steps supervised entities should take to mitigate risks posed by incentives.

[Federal Register Volume 82, Number 11 (Wednesday, January 18, 2017)]
[Notices]
[Pages 5541-5543]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2017-01021]


=======================================================================
-----------------------------------------------------------------------

BUREAU OF CONSUMER FINANCIAL PROTECTION


Compliance Bulletin 2016-03: Detecting and Preventing Consumer 
Harm From Production Incentives

AGENCY: Bureau of Consumer Financial Protection.

ACTION: Compliance Bulletin.

-----------------------------------------------------------------------

SUMMARY: The Bureau recognizes that many supervised entities may choose 
to implement incentive programs to achieve business objectives. When 
properly implemented and monitored, reasonable incentives can benefit 
consumers and the financial marketplace as a whole.
    This bulletin compiles guidance that has previously been given by 
the CFPB in other contexts and highlights examples from the CFPB's 
supervisory and enforcement experience in which incentives contributed 
to substantial consumer harm. It also describes compliance management 
steps supervised entities should take to mitigate risks posed by 
incentives.

DATES: The Bureau released this Compliance Bulletin on its Web site on 
November 28, 2016

FOR FURTHER INFORMATION CONTACT: Vanessa Careiro, Attorney-Advisor, 
Office of Supervision Policy, 1700 G Street NW., 20552, (202) 435-9394.

SUPPLEMENTARY INFORMATION: 

1. Compliance Bulletin

    Financial services companies, including entities supervised by the 
Consumer Financial Protection Bureau (CFPB or Bureau), may accomplish 
business objectives through programs that tie outcomes to certain 
benchmarks, both required and optional. Companies may apply these 
production incentives, including sales and other incentives, 
(``incentives'') to employees or service providers or both. The risks 
these incentives may pose to consumers are significant and both the 
intended and unintended effects of incentives can be complex, which 
makes this subject worthy of more careful attention by institutional 
leadership, compliance officers, and regulators alike. We thus will 
continue to invite further dialogue and discussion around the issues 
addressed in this Bulletin.
    The Bureau acknowledges that incentives have been common across 
many economic sectors, including the market for consumer financial 
products and services. When properly implemented and monitored, 
reasonable incentives can benefit all stakeholders and the financial 
marketplace as a whole. For instance, companies may be able to attract 
and retain high-performing employees to enhance their overall 
competitive performance. Consumers may also benefit if these programs 
lead to improved customer service or introduce them to products or 
services that are beneficial to their financial interests.
    Such incentives can affect a wide range of outcomes for employees 
or service providers, from their compensation levels to whether they 
will continue to be employed or retained at all. Incentives are found 
in many markets for consumer financial products and services, and span 
the life cycle from marketing to sales, servicing, and collection. 
Common examples include sales or referrals of new products or services 
to existing consumers (``cross-selling''), sales of products or 
services to new customers, sales at higher prices where pricing 
discretion exists, quotas for customer calls completed, and collections 
benchmarks.
    This Bulletin compiles guidance the CFPB has already given in other 
contexts and highlights examples from the CFPB's supervisory and 
enforcement experience in which incentives contributed to substantial 
consumer harm. It also describes compliance management steps that 
supervised entities should take to mitigate risks posed by incentives.

A. Risks to Consumers From Incentives

    Despite their potential benefits, incentive programs can pose risks 
to consumers, especially when they create an unrealistic culture of 
high-pressure targets. When such programs are not carefully and 
properly implemented and monitored, they may create incentives for 
employees or service providers to pursue overly aggressive marketing, 
sales, servicing, or collections tactics. Through its supervisory and 
enforcement programs, the CFPB has taken action where employees have 
opened accounts or enrolled consumers in services without consent or 
where employees or service providers have misled consumers into 
purchasing products the consumers did not want, were unaware would harm 
them financially, or came with an unexpected ongoing periodic fee.
    Depending on the facts and circumstances, such incentives may lead 
to outright violations of Federal consumer financial law \1\ and other 
risks to the institution, such as public enforcement, supervisory 
actions, private litigation, reputational harm,

[[Page 5542]]

and potential alienation of existing and future customers. Specific 
examples of problems include:
---------------------------------------------------------------------------

    \1\ Selected examples of these violations previously identified 
by the Bureau include the Dodd-Frank Act's prohibition of unfair, 
deceptive, and/or abusive acts or practices (UDAAPs) (Dodd-Frank 
Act, Sec. Sec.  1031 & 1036(a), codified at 12 U.S.C. 5531 & 
5536(a); the Electronic Fund Transfer Act (EFTA), as implemented by 
Regulation E (15 U.S.C. 1693 et seq.; 12 CFR part 1005); the Fair 
Credit Reporting Act, as implemented by Regulation V (15 U.S.C. 
1681-1681x; 12 CFR part 1022); the Truth in Lending Act (TILA), as 
implemented by Regulation Z (15 U.S.C. 1601 et seq.; 12 CFR part 
1026); and the Fair Debt Collection Practices Act (15 U.S.C 1692-
1692p).
---------------------------------------------------------------------------

     Sales goals may encourage employees, either directly or 
indirectly, to open accounts or enroll consumers in services without 
their knowledge or consent. Depending on the type of account, this may 
further result in, for example:
    [cir] Improperly incurred fees;
    [cir] Improper collections activities; and/or
    [cir] Negative effects on consumer credit scores.
     Sales benchmarks may encourage employees or service 
providers to market a product deceptively to consumers who may not 
benefit from or even qualify for it;
     Paying compensation based on the terms or conditions of 
transactions (such as interest rate) may encourage employees or service 
providers to overcharge consumers, to place them in less favorable 
products than they qualify for, or to sell them more credit or services 
than they had requested or needed;
     Paying more compensation for some types of transactions 
than for others that were or could have been offered to meet consumer 
needs, which could lead employees or service providers to steer 
consumers to transactions not in their interests; and
     Unrealistic quotas to sign consumers up for financial 
services may incentivize employees to achieve this result without 
actual consent or by means of deception.
    Whether conduct like that described in this Bulletin violates 
Federal consumer financial law will depend on all relevant facts 
related to the practices encouraged by the incentives. Further detail 
on some of the Bureau's work and findings in these areas is recapped 
below:
Credit Card Add-On Matters
    To date, the CFPB has resolved 12 different cases involving 
improper practices to market credit card add-on products or to retain 
consumers once enrolled in these products.\2\ The Bureau notes that 
incentives frequently enhanced the risk that banks would engage in such 
improper practices. In some cases, employees or service providers 
received incentives, and a lack of proper controls allowed deceptive 
marketing practices to continue unchecked for many years. Tapes of 
sales calls showed that employees and service providers deviated from 
the prepared call scripts in order to market the add-on products more 
aggressively, and often deceptively, to sign up more consumers. In all 
these matters, the companies' compliance monitoring, vendor management, 
and quality assurance programs failed to prevent, identify, or correct 
these practices in a timely manner.
---------------------------------------------------------------------------

    \2\ For more information on all of the matters noted in this 
Bulletin, please refer to the Bureau's Web site at http://www.consumerfinance.gov/policy-compliance/enforcement/actions/.
---------------------------------------------------------------------------

Overdraft Opt-In Matters
    Incentives played a role in at least one matter where consumers 
were deceived into opting in to overdraft services. The Bureau found 
that, as a result of incentives for hitting specific targets, a bank's 
telemarketing service provider had deceptively marketed overdraft 
services and enrolled certain bank consumers in those services without 
their consent.
Unfair and Abusive Sales Practices
    In another public enforcement action, a Bureau investigation 
revealed that thousands of bank employees had opened unauthorized 
deposit and credit card accounts to satisfy sales goals and earn 
financial rewards under the bank's incentives. Specifically, the Bureau 
found that employees engaged in ``simulated funding'' by opening 
hundreds of thousands of deposit accounts without consumers' knowledge 
or consent, which caused consumers to incur improper fees. The Bureau 
also found that employees issued tens of thousands of unauthorized 
credit cards that incurred improper fees, opened debit cards and 
created PINs to activate them without consumers' knowledge or consent, 
and enrolled consumers in online banking services using false email 
addresses.

B. The CFPB's Expectations

    The CFPB expects supervised entities that choose to utilize 
incentives to institute effective controls for the risks these programs 
may pose to consumers, including oversight of both employees and 
service providers involved in these programs. As the CFPB has 
emphasized repeatedly, a robust compliance management system (CMS) is 
necessary to detect and prevent violations of Federal consumer 
financial law.\3\ An entity's CMS should reflect the risk, nature, and 
significance of the incentive programs to which they apply. 
Accordingly, the strictest controls will be necessary where incentives 
concern products or services less likely to benefit consumers or that 
have a higher potential to lead to consumer harm, reward outcomes that 
do not necessarily align with consumer interests, or implicate a 
significant proportion of employee compensation. While the CFPB does 
not mandate any particular CMS structure and recognizes that CMS 
structures may appropriately vary based on the size and complexity of 
an organization, the Bureau's supervisory experience has found that an 
effective CMS commonly has the following components:
---------------------------------------------------------------------------

    \3\ Supervision and Examination Manual: Compliance Management 
Review, available at http://www.consumerfinance.gov/policy-compliance/guidance/supervision-examinations/; Supervisory 
Highlights, multiple editions, available at http://www.consumerfinance.gov/policy-compliance/guidance/supervisory-highlights/.
---------------------------------------------------------------------------

     Board of directors and management oversight;
     Compliance program, which includes:
    [cir] Policies and procedures;
    [cir] Training; and
    [cir] Monitoring and corrective action;
     Consumer complaint management program; and
     Independent compliance audit.
    To limit incentives from leading to violations of law, supervised 
entities should take steps to ensure their CMS is effective. These 
steps may include, but are not limited to:
     Board of directors and management oversight: Fostering a 
culture of strong customer service related to incentives. In product 
sales, for example, ensuring that consumers are only offered products 
likely to benefit their interests;
    [cir] Board members and senior management should consider not only 
the outcomes these programs seek to achieve, but also how they may 
incidentally incentivize outcomes that harm consumers. They should 
authorize compliance personnel to design and implement CMS elements 
that address both intended and unintended outcomes, and provide 
adequate resources to do so.
    [cir] The ``tone from the top'' should empower all employees to 
report suspected incidents of improper behavior without fear of 
retaliation, providing easily accessible means to do so.
     Policies and procedures: Ensuring that the policies and 
procedures for incentives contain:
    [cir] Employee sales/collections quotas that, if a part of an 
entity's incentive program, are transparent to employees and reasonably 
attainable;
    [cir] Clear controls for managing the risk inherent in each stage 
of the product life cycle (as applicable): marketing, sales (including 
account opening), servicing, and collections;

[[Page 5543]]

    [cir] Mechanisms to identify potential conflicts of interest posed 
for supervisory personnel who are covered by incentives but also are 
responsible for monitoring the quality of customer treatment and 
customer satisfaction; and
    [cir] Fair and independent processes for investigating reported 
issues of suspected improper behavior.
     Training: Implementing comprehensive training that 
addresses:
    [cir] Expectations for incentives, including standards of ethical 
behavior;
    [cir] Common risky behaviors for employees and service providers to 
foster greater awareness of primary risk areas;
    [cir] Terms and conditions of the institution's products and 
services so that they can be effectively described to consumers; and
    [cir] Regulatory and business requirements for obtaining and 
maintaining evidence of consumer consent.
     Monitoring: Designing overall compliance monitoring 
programs that track key metrics--and outliers--that may indicate 
incentives are leading to improper behavior by employees or service 
providers. Examples of possible monitoring metrics include, but are not 
limited to:
    [cir] Overall product penetration rates by consumer and household;
    [cir] Specific penetration rates for products and services (such as 
overdraft, add-on products, and online banking), as well as penetration 
rates by consumer segment;
    [cir] Employee turnover and employee satisfaction or complaint 
rates;
    [cir] Spikes and trends in sales (both completed and failed sales) 
by specific individuals and by units;
    [cir] Financial incentive payouts; and
    [cir] Account opening/product enrollment and account closure/
product cancellation statistics, including by specific individuals and 
by units, taking into account the terms of the incentive programs 
(i.e., requirements that accounts be open for a period of time or 
funded in order for employees to obtain credit under the program).
     Corrective Action: Promptly implementing corrective 
actions to address any incentive issues identified by monitoring 
reviews as areas of weakness:
    [cir] Corrective actions should include the termination of 
employees, service providers, and managers, as necessary, and these 
termination statistics should be analyzed for trends and root cause(s);
    [cir] Corrective actions should include changes to the structure of 
incentives, training on these programs, and return of funds to all 
affected consumers as appropriate in light of failed sales or 
heightened levels of customer dissatisfaction;
    [cir] All corrective actions should ensure that the root causes of 
deficiencies are identified and resolved; and
    [cir] Findings should be escalated to management and the board, 
particularly where they appear to pose significant risks to consumers.
     Consumer complaint management program: Collecting and 
analyzing consumer complaints for indications that incentives are 
leading to violations of law or harm to consumers in order to identify 
and resolve the root causes of any such issues; and
     Independent compliance audit: Scheduling audits to address 
incentives and consumer outcomes across all products or services to 
which they apply, ensuring audits are conducted independently of both 
the compliance program and the business functions, and ensuring that 
all necessary corrective actions are promptly implemented.
    For more information pertaining to the oversight of incentive 
programs, please review the CFPB's Supervision and Examination 
Manual.\4\ Specific modules referencing these programs include: 
Compliance Management Review, Unfair, Deceptive, and Abusive Acts or 
Practices, Debt Collection, Credit Card Account Management, Consumer 
Reporting, Mortgage Origination, Short-Term Small Dollar Lending, and 
the Equal Credit Opportunity Act. Other relevant Bureau guidance 
includes: CFPB Bulletin 2012-06 (Marketing of Credit Card Add-on 
Products),\5\ and CFPB Bulletin 2016-02 (Service Providers, amending 
and reissuing CFPB Bulletin 2012-03).\6\
---------------------------------------------------------------------------

    \4\ CFPB Supervision and Examination Manual, available at http://files.consumerfinance.gov/f/201210_cfpb_supervision-and-examination-manual-v2.pdf.
    \5\ CFPB Bulletin 2012-06, available at http://files.consumerfinance.gov/f/201207_cfpb_marketing_of_credit_card_addon_products.pdf.
    \6\ CFPB Bulletin 2016-02, available at http://www.consumerfinance.gov/documents/1385/102016_cfpb_OfficialGuidanceServiceProviderBulletin.pdf.
---------------------------------------------------------------------------

2. Regulatory Requirements

    This Compliance Bulletin is a non-binding general statement of 
policy articulating considerations relevant to the Bureau's exercise of 
its supervisory and enforcement authority. It is therefore exempt from 
notice and comment rulemaking requirements under the Administrative 
Procedure Act pursuant to 5 U.S.C. 553(b). Because no notice of 
proposed rulemaking is required, the Regulatory Flexibility Act does 
not require an initial or final regulatory flexibility analysis. 5 
U.S.C. 603(a), 604(a). The Bureau has determined that this Compliance 
Bulletin does not impose any new or revise any existing recordkeeping, 
reporting, or disclosure requirements on covered entities or members of 
the public that would be collections of information requiring OMB 
approval under the Paperwork Reduction Act, 44 U.S.C. 3501, et seq.

    Dated: January 5, 2017.
Richard Cordray,
Director, Bureau of Consumer Financial Protection.
[FR Doc. 2017-01021 Filed 1-17-17; 8:45 am]
BILLING CODE 4810-AM-P