Vendor accountability is the latest topic du jour of the Consumer Financial Protection Bureau.
The CFPB released a bulletin on Monday saying financial institutions under bureau supervision, which includes credit unions with more than $10 billion in assets, may be held responsible for the actions of the companies with which they contract.
“Consumers are at a real disadvantage because they do not get to choose the service providers they deal with—the financial institution does,” CFPB Director Richard Cordray said in a release. “Consumers must not be hurt by unfair, deceptive, or abusive practices of service providers. Banks and nonbanks must manage these relationships carefully and can be held accountable if they break the law.”
The bulletin outlines its expectations for supervised financial institutions in managing the risks of service provider relationships, including thorough due diligence and expectations about compliance written into vendor contracts.
Entities under the CFPB’s supervision will also be expected to request and review vendor policies, procedures, internal controls and training materials to ensure employees with consumer contact or compliance responsibilities are complying with the law, as well as performing on-going monitoring of such.