a fair lending or UDAAP component may expand as the
expansive HMDA data fields are implemented. For example,
customer complaints relating to denials, under writing or pricing of a loan might take on an even greater significance in
fair lending analysis, given the rich analytics available. It is
critical to return to your Complaint Management System
to ensure it is updated to label, quantify, track and respond
to consumer complaints, especially with a fair lending or
■ ■ ■ Vendor Management System—Vendors who in any way impact the collection of data needed for HMDA fields need to be
monitored and assessed to ensure that validating the quality of
data and routing of complaints remains vigilant.
■ ■ ■ Controls and Risks—As the collection of data becomes more
complex, organized and risk-focused controls may need to be
created or enhanced. Risk assessments should be updated to
adequately assess risks and the adequacy of mitigation through
■ ■ ■ Policies, Procedures and Training—It is likely obvious by this
time that the new HMDA field changes may result in updates
in policies, procedures and training that extend beyond just
the HMDA/Regulation C documentation. This data is interrelated with the Fair Lending Program, UDAAP program, as
well as Complaint and Vendor Management programs. There
may be additional field guides that need to be updated at the
business level and across business operations.
■ ■ ■ Compliance Monitoring and Audit—Monitoring and audit
schedules may need to be enhanced to promptly evaluate the
quality of data flowing into the new HMDA fields, especially
as the source of this data expands into various areas within the
institution. Additionally, this work by the second and third lines
of defense needs to be performed in a timely fashion so that
any fields of data with high error rates are promptly identified
and corrected. Finally, the Board of Directors needs to receive
timely and comprehensive reports.
Key questions to consider:
• Are you using consumer complaints to identify emerging
areas of concern?
• How are you keeping your Board informed of trends and
•Are you taking a holistic, enterprise view of risks from
regulatory areas that are now converging and potentially
Quite a whirlwind of time travel? Hopefully, with this travel guide
in your back pocket, you can climb out of the DeLorean and
return to your desk, knowing you prepared as well as you could,
for the future, and beyond. Safe travels! ■
ABOUT THE AUTHOR:
BARBARA BOCCIA, CRCM, MBA, JD, is a senior director and
manages the Advisory Services and Regulatory Relations
team at Wolters Kluwer across a wide range of consulting
engagements, including fair lending, CRA, HMDA and UDAAP. She
brings more than 30 years of professional experience to strategic
and technical regulatory compliance engagements relating to
consumer protection regulations, including reviews of Compliance
Management Systems (CMS), Compliance Risk Assessments
(including fair lending, UDAAP), Complaint Management Programs,
and Third Party Vendor Management Programs. Her work includes
helping clients with regulatory change management, preparing for
exams, resolving regulatory enforcement actions, assisting with
remediation efforts and Board training. Barbara is also a frequent
speaker at industry events.
Barbara earned her J.D. degree at University of the Pacific,
McGeorge School of Law, in Sacramento, Calif. and her M.B.A.
degree in business administration and management from San
Francisco State University. She can be reached at barbara.boccia@
What story does your data tell?
You want to start this analysis
as soon as you can to understand
your data. Then, compare your data
to your peers’ aggregate data when it
comes out in the fall of 2019.