Banks Responsible for Third-Party Relationships

The Consumer Financial Protection Bureau (CFPB) issued Bulletin 2012-03 that requires financial institutions to oversee their third-party relationships in a manner that ensures compliance with Federal consumer law. Depending on the circumstances, financial institutions may be legally responsible for their third party’s actions. The CFPB Supervision and Examination Manual provides detailed instructions on how the inherent risks associated with bank or non-bank products should be assessed. The CFPB expects financial institutions to:

  • Conduct thorough third party due diligence
  • Request and review third party policies, procedures, internal risk controls and training materials
  • Include compliance expectations in the third-party contract
  • Take prompt action to address risks identified through the monitoring process


Compliance Made Easy

Hiperos 3PM CFPB Compliance helps financial institutions simplify and streamline CFPB compliance by automating the identification, investigation, reporting and monitoring of third parties posing CFPB compliance risks. Learn more