An audit conducted by the Office of Inspector General for the Consumer Financial Protection Bureau found that the bureau’s Civil Penalty Fund victim identification process is generally effective and efficient, but there is room for improvement. The audit was conducted in order to assess the efficiency and effectiveness of the CFPB’s process for identifying victims eligible to receive compensation from the Consumer Financial CPF.
In the context of the audit, efficiency refers to the resources used in the victim identification process and effectiveness refers to correctly identifying eligible victims. The scope of the audit included three cases in which identified eligible victims received fund distributions as of Dec. 31, 2014.
Remedying the harm. Under the Dodd-Frank Act, the bureau can bring enforcement actions against those who violate the law. The CFPB or a court may then require a defendant who has violated the law to remedy the harm caused to consumers paying its victims for the harm it caused and, if applicable, by also paying a civil penalty. The bureau is then required to establish a CPF and to deposit civil penalties that it collects into this fund. These civil penalty funds can be used for payments to any eligible victims who do not receive full compensation for their harm from defendants who harmed them.
The victim identification process includes collecting victim-related data, sorting and validating victim-related data, and developing the final list of eligible victims. In some cases, the Office of Technology and Innovation (T&I) is involved in managing victim-related data.
Enhanced responsibilities. In examining the CPF, the OIG found that the Office of the Chief Financial Officer (OCFO) has established internal controls to facilitate the victim identification process and has implemented the procedures and guidelines set forth in the May 2013 Civil Penalty Fund Rule. While this has led to the victim identification process being generally effective and efficient, the OIG did note an opportunity to enhance the process.
The OIG discovered that the OCFO has not documented the roles and responsibilities of the T&I in the victim identification process. The process is data dependent and in some instances, requires the involvement of T&I to produce preliminary lists of eligible victims. By clearly documenting the roles and responsibilities of all parties involved in the victim identification process, said the OIG, the preliminary lists of victims can be properly maintained and all parties involved in the process can be accountable.
The OIG has therefore suggested that the Chief Financial Officer, in coordination with T&I, update the OCFO’s procedures to document the roles and responsibilities of T&I in the victim identification process. The CFO has concurred with this suggestion.
For more information about CFPB enforcement actions, subscribe to the Banking and Finance Law Daily.