Compliance Management System (CMS) for Mitigating Incentive-Driven Risk Exposures
CMS Component CMS Objective Example Measures
Board of Directors
Foster a culture of
service related to
In product sales, ensure that consumers are only offered products likely to benefit their interests:
• Board members and senior management should consider not only the outcomes these
programs seek to achieve, but also how they may incidentally incentivize outcomes that
harm consumers. They should authorize compliance personnel to design and implement
CMS elements that address both intended and unintended outcomes, and provide adequate
resources to do so.
• The “tone from the top” should empower all employees to report suspected incidents of
improper behavior without fear of retaliation, providing easily accessible means to do so.
Ensure that the policies
and procedures for
• Employee sales/collections quotas that, if a part of an entity’s incentive program, are transparent
to employees and reasonably attainable;
• Clear controls for managing the risk inherent in each stage of the product life cycle (as
applicable): marketing, sales (including account opening), servicing, and collections;
• Mechanisms to identify potential conflicts of interest posed for supervisory personnel who are
covered by incentives but also are responsible for monitoring the quality of customer treatment
and customer satisfaction; and
• Fair and independent processes for investigating reported issues of suspected improper
Training Implement comprehensive training.
Scope of training addresses:
• Expectations for incentives, including standards of ethical behavior;
• Common risky behaviors for employees and service providers to foster greater awareness of
primary risk areas;
• Terms and conditions of the institution’s products and services so that they can be effectively
described to consumers; and
• Regulatory and business requirements for obtaining and maintaining evidence of consumer
programs that track key
that may indicate
incentives are leading
to improper behavior by
employees or service
Examples of possible monitoring metrics include, but are not limited to:
• Overall product penetration rates by consumer and household;
• Specific penetration rates for products and services (such as overdraft, add-on products, and
online banking), as well as penetration rates by consumer segment;
• Employee turnover and employee satisfaction or complaint rates;
• Spikes and trends in sales (both completed and failed sales) by specific individuals and by units;
• Financial incentive payouts; and
• Account opening/product enrollment and account closure/product cancellation statistics,
including by specific individuals and by units, considering the terms of the incentive programs
(i.e., requirements that accounts be open for a period or funded for employees to obtain credit
under the program).
corrective actions to
address any incentive
issues identified by
monitoring reviews as
areas of weakness.
Corrective actions should:
• Include the termination of employees, service providers, and managers, as necessary, and these
termination statistics should be analyzed for trends and root cause(s);
• Include changes to the structure of incentives, training on these programs, and return of funds to
all affected consumers as appropriate considering failed sales or heightened levels of customer
• Ensure that the root causes of deficiencies are identified and resolved; and
• Findings should be escalated to management and the board, particularly where they appear to
pose significant risks to consumers.
Collect and analyze
for indications that
incentives are leading
to violations of law or
harm to consumers.
Assessment should identify and resolve the root causes of any issues.
Schedule audits to ad-
dress incentives and con-
sumer outcomes across
all products or services to
which they apply.
Audits are conducted independently of both the compliance program and the business functions,
and all necessary corrective actions are promptly implemented.