Managing fair lending risk is one of the more critical and subjective areas of compliance risk management in today’s regulatory environment. Assessing risk must include both fair AND responsible lending practices, giving consideration to disparate treatment and disparate impact.
Identifying risk includes defining inherent risk, establishing standards and controls for limiting risk, and developing appropriate corrective action plans when risk levels are outside of acceptable tolerances. While there is a significant amount of fair lending information and guidance available throughout the industry, it is important to understand that there is no “one-size-fits-all” solution. Fair and responsible lending risk assessments should be developed based on business practices and should address both process and performance risk – what is intended and what actually happens.
Process reviews are qualitative in nature and are intended to “tell the fair and responsible lending story”, providing answers to questions before they are asked. This type of assessment defines how things work, addressing the “compliance culture” approach to risk management. This review documents the current fair and responsible lending risk management program in the following key areas:
Performance or quantitative risk is identified through statistical analysis of lending performance – not an evaluation of what is meant to happen, but what actually occurs. Analytics should be focused on disparities in levels of assistance, underwriting, application fall out rates, and pricing, as well as steering and redlining. Matched pair testing and comparative file reviews additionally provide the framework for identifying and evaluating areas of risk not easily identified in other analysis.
CrossCheck’s experienced compliance experts will review the existing fair and responsible lending program to determine its adequacy based on the scope, complexity, and size of the company. Reviews will incorporate the qualitative and quantitative aspects of risk management, as well as matched pair testing and comparative file reviews. CrossCheck will work with client management and compliance teams identify potential risks and recommendations.
Prior to the start of any engagement, CrossCheck consultants will submit an information request which will include policies, procedures, and data requirements. We will conduct interviews with key personnel to ensure we have sufficient information to assess the institutions fair and responsible lending risk.
Additional consulting services can be provided as needed to enhance procedures and policies, assist with remediation efforts for any specific data integrity issues identified and provide training and information about existing and changing compliance requirements, etc.