The Division of Compliance and
Consumer Affairs' Risk-Scoping Process
for Fair Lending Examinations


March 26, 2002
Audit Report No. 02-009

FDIC
Federal Deposit Insurance Corporation
Office of Audits
Office of Inspector General
Washington, D.C. 20434

DATE: March 26, 2002

MEMORANDUM TO: Stephen M. Cross, Director, Division of Compliance and Consumer Affairs

FROM: Russell A. Rau [Electronically produced version; original signed by Russell A. Rau], Assistant Inspector General for Audits

SUBJECT: The Division of Compliance and Consumer Affairs' Risk-Scoping Process for Fair Lending Examinations (Audit Report No. 02-009)

The Federal Deposit Insurance Corporation’s (FDIC) Office of Inspector General (OIG) has completed an audit of the fair lending examination risk-scoping process as conducted by the Division of Compliance and Consumer Affairs (DCA). "Fair lending" is a term used to describe compliance with two federal laws prohibiting discrimination in lending: the Fair Housing Act enacted by Title VIII of the Civil Rights Act of 1968 and the Equal Credit Opportunity Act of 1974 (see Background).

The objectives of this audit were to assess: (1) the adequacy of the Federal Financial Institutions Examination Council (FFIEC) Interagency Fair Lending Examination Procedures for the FDIC's pre-examination planning for fair lending examinations of small banks, (2) the FDIC's implementation of the FFIEC interagency procedures as they relate to identifying fair lending risks during the off-site pre-examination planning phase of the fair lending reviews, and (3) the related DCA management controls. (Note: The FFIEC includes representatives of the Federal Deposit Insurance Corporation, Board of Governors of the Federal Reserve System (FRB), Office of the Comptroller of the Currency (OCC), Office of Thrift Supervision (OTS), and National Credit Union Administration (NCUA). The FFIEC was established by the Congress to promote improved and consistent examination and supervision policies and procedures among the five financial institution regulatory agencies.) During the survey phase of this audit, you expressed concerns related to the examiners' use of the interagency procedures. Specifically, your concerns related to whether examiners are following the interagency procedures or using other procedures, and whether examiners are getting enough information to scope fair lending risk, particularly for banks not required to report Home Mortgage Disclosure Act (HMDA) data. (Note: The HMDA requires banks, savings associations, and credit unions to annually report data for home purchase loans, home improvement loans, and refinanced home loans. Institutions are exempt from this regulation if on December 31, 2000 the institution had neither a home office nor a branch office located in a metropolitan statistical area, or the institution's total assets were at or below $31 million.) Additional details on our objectives, scope, and methodology are contained in Appendix I.

RESULTS OF AUDIT

DCA examiners generally followed the FFIEC interagency procedures when risk-scoping the fair lending portion of 15 compliance examinations in our review. We did not find instances of examiners expanding the scope of their reviews unnecessarily or limiting the scope without justification. However, FFIEC interagency fair lending procedures do not provide examiners with adequate guidance for conducting reviews of small banks, non-HMDA reporting banks, or commercial loan products. In addition, our review determined that:

  • due to the lack of available monitoring and demographic data, examiners were often unable to apply risk-scoping procedures to determine the potential for discrimination for many of the prohibited bases covered by the Fair Housing Act and the Equal Credit Opportunity Act and
  • controls over the fair lending risk-scoping process were generally effective, but documentation requirements needed to be improved.

BACKGROUND

Two federal statutes specifically prohibit discrimination in lending. The first statute, the Fair Housing Act (FHA), was enacted by Title VIII of the Civil Rights Act of 1968. The FHA prohibits discrimination in various phases of housing and makes it unlawful for any lender involved in residential real estate-related transactions to discriminate against any persons in making those transactions available, or in the terms and conditions of those transactions, because of race, color, religion, national origin, sex, familial status, or handicap. The second statute, the Equal Credit Opportunity Act of 1974 (ECOA), prohibits discrimination in any aspect of a credit transaction on the basis of race, color, religion, national origin, sex, marital status, age, receipt of income from a public assistance program, and the good faith exercise of any right under the Consumer Credit Protection Act of 1968. A summary of the FHA and ECOA is provided as Appendix II of this report.

Federal banking regulators are responsible for performing examinations of insured depository institutions to assess compliance with fair lending laws. The FFIEC has issued fair lending examination procedures intended to provide consistency in the fair lending examination process among federal banking regulators through a basic, flexible framework. While each member agency has adopted the FFIEC interagency procedures effective January 1999, each agency also has the flexibility to develop supplemental examination procedures when reviewing fair lending compliance. The procedures were designed to provide guidance for a comprehensive, risk-based approach to examining banks for compliance with the nondiscriminatory requirements of the FHA and the ECOA. The procedures include instructions on how to:

  • set the scope and intensity of a fair lending examination to identify areas of risk,
  • limit the scope of review based on an institution’s compliance program,
  • conduct comparative reviews of loan files and other analyses to identify discrimination, and
  • discuss issues raised during the examination with bank management.

ADEQUACY OF FFIEC RISK-SCOPING PROCEDURES FOR CONDUCTING REVIEWS OF SMALL BANKS

The FFIEC interagency procedures do not fully address the majority of banks that are supervised by the FDIC, specifically small banks and non-HMDA reporting banks. Also, although the commercial lending portfolios in banks are increasing in some areas of the country, the procedures do not provide adequate guidance for reviews of commercial loans to small businesses. As a result, examiners do not always find the procedures useful when risk-scoping fair lending examinations.

According to DCA management, the regulators agree that additional procedures are needed. However, the regulators have very divergent opinions on fair lending examination strategy, which has made it difficult to reach consensus on the composition of those procedures.

Small and Non-HMDA Reporting Banks

We reviewed the FFIEC procedures and found that they do not provide guidance for risk-scoping small banks with low loan volumes or for banks that are not required to report HMDA data. In addition, during discussions with examiners, some expressed concern that it is difficult to determine when they have conducted enough testing to satisfy the risk-scoping requirements for small and non-HMDA reporting banks. According to DCA management, this difficulty is not confined to fair lending reviews of small and non-HMDA reporting banks, but is encountered during reviews of "low risk" banks. DCA defines "low risk" banks as those that exhibit little or no risk of discrimination because they are located in homogeneous areas (areas with low levels of minority populations), offer standard loan products, and have good loan policies and procedures. We acknowledge DCA's position on low risk banks; however, as of May 1, 2001, 85 percent of the FDIC-supervised banks are considered small banks (assets under $250 million), and approximately 66 percent of the FDIC-regulated banks (3,694 of 5,594) are not required to report HMDA data. These banks usually have low lending volumes and are located in homogeneous areas. It is for this group of banks, regardless of risk profile, that DCA does not have supplemental risk-scoping guidance.

When risk-scoping fair lending examinations, the primary sources of data related to bank loan products are the HMDA Loan Application Registers (LAR) and data downloads provided by the banks. The HMDA LARs provide selected application data about banks' residential loan applicants and the properties involved in the transactions. Examiners can use the information maintained and collected under HMDA to determine the scope of the fair lending reviews. However, when HMDA data are not available (as is often the case with those 66 percent of FDIC banks not required to report it), examiners find it difficult to identify applications with certain applicant characteristics for the purposes of sample selections and for file comparisons to determine the lending institution's fair lending practices.

The interagency procedures also provide fair lending sample-size tables that specify the minimum number of loans to review when conducting fair lending comparisons of the bank loan applications (such as side-by-side comparisons of approved and disapproved loans). In some cases, because of the size and location of the banks, examiners found it difficult to identify samples of loan products and prohibited bases to review that met the minimum sample size requirements for target and control group testing, as specified in the interagency procedures. The sample-size tables require a minimum of five application denials or approvals for each of the prohibited bases reviewed and a minimum of 20 applications for the corresponding control groups. During our review of the working papers supporting risk-scoping for 15 examinations, we found that in 5 cases examiners noted difficulties in selecting the examination sample.

DCA management informed us that the FFIEC attempted to develop supplemental procedures for low risk banks for over 1 year. The supplemental procedures were to address when examiners need to conduct comparative file reviews and the types of reviews they should conduct (such as underwriting, terms, conditions, and side-by-side comparisons). As noted previously, the current language in the FFIEC interagency fair lending procedures allows each agency the flexibility to develop supplemental procedures. Because the FDIC regulates the majority of small and non-HMDA reporting banks, the FDIC took the lead in drafting supplemental procedures and provided a draft to the FFIEC at the April 2001 Task Force meeting.

Commercial Lending

During our review, we also noted that several of the banks in our sample had significant commercial lending portfolios. The percentages of commercial lending in the loan portfolios of the sample banks ranged from a low of 0.52 percent to a high of 33 percent:

  • 8 banks were in the 0 to 10 percent range,
  • 1 bank was in the 11 percent to 20 percent range,
  • 5 banks were in the 21 percent to 30 percent range, and
  • 1 bank was in the 31 percent to 33 percent range.

Based on our review of the FFIEC interagency procedures, we found that the guidance related to risk-scoping fair lending reviews of commercial loans was limited. According to the interagency procedures, when an institution does a substantial amount of lending in the commercial lending market, most notably small business loans, the examiners should consider conducting a review similar to that performed for residential lending products. The procedures do not define what is considered to be a "substantial amount" of commercial lending. The procedures also state that for large institutions reporting small business loans for Community Reinvestment Act (CRA) purposes, the examiners should look for material discrepancies in ratios of approved-to-denied loans for applicants in areas with relatively high concentrations of minority residents compared to areas with relatively low concentrations. (Note: The Community Reinvestment Act is intended to encourage depository institutions to help meet the credit needs of the communities in which they operate, including low- and moderate-income neighborhoods, consistent with safe and sound banking operations. It was enacted by the Congress in 1977 (12 U.S.C. 2901) and is implemented by regulations 12 CFR Parts 25, 228, 345, and 563e. The regulation was revised in May 1995. The CRA requires that each insured depository institution's record in helping meet the credit needs of its entire community be evaluated periodically. That record is taken into account in considering an institution's application for deposit facilities, including mergers and acquisitions. CRA examinations are conducted by the federal agencies that are responsible for supervising depository institutions: the FRB, the FDIC, the OCC, and the OTS.)

DCA informed us that at this time, additional procedures are not being developed for fair lending reviews of commercial loans. Financial institutions do not gather demographic data on applicants for commercial loans comparable to the data gathered for mortgage loan applicants. Moreover, it has been difficult to identify samples of similar applications for commercial loans that can be used for comparison purposes, because there are so many different types of businesses and the nature of commercial loans is so varied. However, the members of the Joint Agency Task Force on Discrimination in Lending share information, ideas, and experiences regarding reviews of commercial loans. According to DCA, additional guidance on examining commercial loan products will be issued when appropriate.

In addition, DCA management informed us that examiners are provided training that would assist them in conducting reviews of the commercial lending practices of banks during fair lending examinations. In the Fair Lending Examination Procedures Workshop, examiners are provided guidance for risk-scoping commercial loans. The focus of the workshop is based on a review of CRA data, Small Business Administration loans, and sample selections. In addition, the workshop segment related to commercial loans is geared towards the review of large banks. However, as noted previously, the majority of the FDIC banks are considered small banks. For these banks, the FFIEC interagency procedures note that only limited data may be available.

According to DCA management, the Fair Lending Examination Procedures Workshop training course has been updated and revised. The first revised workshop was held on June 18, 2001. DCA has also developed an on-line Fair Lending Discussion Board that is used to address frequently asked questions and disseminate informal fair lending policy information.

Recommendations

We recommend that the Director, DCA:

  1. Issue interim guidance, pending action by the FFIEC, for risk-scoping fair lending examinations for small and non-HMDA reporting banks, to include but not limited to: minimum criteria for reviews of small banks, guidelines for reviews of banks that are not required to report HMDA data, and sampling guidelines for banks with low lending volumes.

  2. Work with the FDIC's Training and Consulting Services Branch to enhance the Fair Lending Examination Procedures Workshop to highlight procedures to follow when conducting fair lending examinations of small and non-HMDA reporting banks.

FDIC IMPLEMENTATION OF THE FEDERAL FINANCIAL INSTITUTIONS EXAMINATION COUNCIL INTERAGENCY FAIR LENDING EXAMINATION PROCEDURES

Based on discussions with examiners and on our review of the interagency procedures, the DCA Compliance Examination Manual, and risk-scoping documents and workpapers related to 15 compliance examination reports, we found that examiners generally followed the fair lending risk-scoping requirements outlined in the FFIEC procedures for:

  • requesting and analyzing loan data from banks,
  • analyzing available demographic data related to prohibited bases,
  • identifying bank policies and procedures,
  • assessing bank compliance management controls, and
  • identifying areas to be targeted during the on-site portion of the fair lending examination.

In addition, we did not find instances of examiners expanding the scope of their reviews unnecessarily or limiting the scope without justification. However, limited bank applicant monitoring data and demographic data related to prohibited bases exists for consumer, commercial, and automobile loans, because the fair lending regulations do not require that such data be collected. As a result, examiners were often unable to apply comparative file analyses for many prohibited bases and, lacking such data, did not always do so for the compliance examinations included in our audit sample.

The FFIEC Interagency Fair Lending Examination Procedures provide guidance on taking a risk-based approach to examining banks for compliance with fair lending laws. According to the interagency procedures, before evaluating the potential for discriminatory conduct, the examiner should review sufficient information about the institution and its market to understand the credit operations of the institution and the representation of prohibited bases within the markets where the institution does business. The procedures state that relevant background information should include:

  • types and terms of credit products offered;
  • volume of, or growth in, lending for each of the credit products;
  • demographics (for example, race and national origin) of the institution's credit markets; and
  • the bank's credit decision-making process.

As noted earlier in this report, when risk-scoping fair lending examinations, the primary sources of data related to bank loan products are the HMDA Loan Application Registers (LAR) and data downloads provided by the banks. The LARs must include the following items for each loan application reported:

  • a unique loan number or application number,
  • type and purpose of the loan request,
  • owner occupancy status of the property,
  • amount of the loan request,
  • type of action taken and the date,
  • reason for each denial (optional except for national banks and thrifts),
  • location of the property,
  • race or national origin of the applicant,
  • sex of the applicant or borrower,
  • income relied on when processing the loan application, and
  • type of entity purchasing a loan that the institution originated or purchased and then sells within the same calendar year.

Information maintained and collected under HMDA can be used by examiners to determine the scope of the fair lending review and to select applications for the purposes of comparison of treatment by the lending institution. However, the majority of FDIC-regulated banks are not required to report HMDA data, and the type of data contained in the HMDA LARs is not required for other loan products such as consumer, commercial, or auto loans. For banks that are not required to report HMDA data, examiners must rely on the data downloads provided by the banks, and this information is not always useful due to the variety of bank data systems. In these cases, examiners must wait for the on-site portion of the examination to obtain additional information from the banks' loan files and rely on discussions with loan officers to complete the scoping of the fair lending examination. Depending on the level of sophistication of the bank and its credit application process, examiners may not be able to obtain useful loan applicant data from the actual loan files. Although banks are required to use a standard loan application form for mortgage lending, they do not have to use standard forms for other types of credit applications.

In addition to HMDA LARs (if applicable) and the banks' data downloads, examiners used 1990 Census data as a source of demographic data. However, data needed to identify prohibited bases based on religion, familial status, handicap, or sources of income are not included in Census data. Examiners also used the FDIC Division of Insurance Regional Economic Conditions (RECON) reports. The primary purpose of RECON reports is to evaluate financial risks and other potential risks and economic information such as employment levels. In a few cases, examiners searched the Internet for additional sources of demographic data related to a bank's local city, county, and state.

Also, examiners can use the HMDA LARs and data downloads provided by the banks to identify a bank's credit products and lending volume, to some extent. However, it is difficult, if not impossible, to obtain demographic data about prohibited bases in the bank's lending area other than for race, color, sex, marital status, or age. Moreover, for banks in homogeneous areas with low minority populations, it becomes even more difficult to identify prohibited bases on which to focus during fair lending examinations.

For example, we reviewed 15 compliance examinations during our audit and found that:

  • 12 focused on the sex of an applicant,
  • 4 focused on marital status, and
  • 1 focused on race. (Note: Several examinations included in our sample addressed more than one prohibited base or more than one loan product.)

There were no examination procedures applied to the remaining 8 prohibited bases: age, color, the exercise of consumer rights, familial status, handicap, national origin, public assistance income, or religion.

As for coverage of loan products in the 15 examinations we reviewed,

  • 9 focused on mortgage loans,
  • 3 focused on consumer loans,
  • 4 focused on commercial loans, and
  • 1 focused on automobile loans.

Based on these results, absent a compelling reason to do otherwise, it appears fair lending examinations will often not be scoped in a manner that tests compliance with fair lending laws for all loan products and prohibited bases. (Note: Examiners will perform additional testing if, during the risk-scoping phase of the fair lending examination, they find that a fair lending complaint has been filed against the institution, or changes have been made in the institution's management, loan policies, or loan products.) The lack of coverage may be attributable to inadequate data available for examiners to use when applying the risk-scoping procedures.

As described in more detail in Appendix III of this report, various federal statutes establish credit application data requirements and information monitoring requirements. According to DCA management, the FDIC has the authority to dictate additional types of credit application data maintained by banks. In 1997, the FDIC promulgated a final rule that amended its Fair Housing regulation by eliminating the FDIC's separate fair housing recordkeeping requirements. The final rule reduced the burden associated with maintaining, updating, and reporting a register of home loan applications by requiring insured state nonmember banks to comply only with the Federal Reserve Board's Regulation C, which implements the Home Mortgage Disclosure Act. The final rule sought to reduce the burden on insured state nonmember banks and to more closely align the FDIC's fair housing regulation with those of other federal bank and thrift regulatory agencies. Additional details are provided in Appendix III. At this time, DCA management does not believe the potential cost of the added regulatory burden on institutions outweighs the possible increased efficiency and effectiveness of the FDIC's fair lending examinations. In addition, DCA management believes its outreach and education programs must be considered when determining the FDIC’s effectiveness in ensuring that banks comply with the fair lending laws.

Because this review was limited to the risk-scoping phase of fair lending examinations and did not consider other aspects of DCA's fair lending efforts, we were unable to draw definitive conclusions with regard to the overall effectiveness of its fair lending compliance program.

EFFECTIVENESS OF DCA INTERNAL CONTROL OVER THE FAIR LENDING RISK-SCOPING PROCESS

DCA had generally effective internal control over fair lending examination planning to ensure adequate analyses were conducted to scope the fair lending reviews; however, examiners were not always adequately documenting the results of their fair lending risk-scoping efforts. (Note: As previously stated, examiners are often faced with a scope limitation due to the lack of key bank applicant data. Our assessment of internal control is based on the assumption that risk-scoping data is available.) Although DCA internal procedures require examiners to prepare pre-examination planning (PEP) memos to document the results of examiners' risk-scoping efforts, the FFIEC procedures provide examiners the option of using checklists to document the results of the banks' compliance management programs. Consequently, the results of the fair lending risk-scoping performed by examiners were not compiled in a comprehensive manner in the examination workpapers to support the basis of the fair lending examination or for use in scoping subsequent examinations.

According to the FDIC Compliance Examination Manual, pre-examination planning is part of the examination process and will focus efforts and reduce on-site examination time. The procedures require a detailed analysis of data that is requested from the institution, available in the FDIC regional or field offices, and contained in the FDIC's databases. To document the results of compliance examination pre-examination planning and risk-scoping, examiners are required to prepare PEP memos. The PEP memo is used to address all aspects of a compliance examination and is not limited to planning for fair lending. The PEP memo should address:

  • the proposed scope of examination,
  • interim activity pertinent to the scoping strategy,
  • issues to be investigated or areas to be targeted and reasons why, and
  • areas where only limited testing is deemed necessary and the reasons why.

During our review we found that, in all cases, a pre-examination planning memorandum had been prepared by the examiners-in-charge and reviewed by the field office supervisors. However, in several cases, the PEP memos did not fully address the results of the examiners' fair lending risk-scoping efforts. Based on our reviews of 15 PEP memos, we noted that 7 of the PEP memos contained all of the required elements noted above. The remaining eight cases generally met the requirements but did not identify the fair lending risk or the areas to target.

According to the examiners we interviewed, it is not always possible to complete the pre-examination planning for fair lending before the start of the on-site examination. Due to the lack of monitoring data from the institutions available to examiners before the start of the examinations, products and prohibited bases cannot always be identified during the off-site risk-scoping phase of an examination. However, during our review of examination workpapers we noted a best practice. In six instances, the examiners documented the results of the fair lending examination risk-scoping and the results of the on-site review in a Fair Lending memo that was maintained in the workpapers. The Fair Lending memos were prepared in addition to the PEP memos. These Fair Lending memos were prepared at the close of the compliance examination and focused specifically on the fair lending aspect of the compliance examination, unlike the PEP memos that provide planning data for all aspects of the compliance examination.

In addition, the FFIEC interagency procedures suggest that examiners use a Compliance Management Review Checklist to evaluate the strengths of a bank's compliance program; however, use of the checklist is not required. FFIEC procedures state that the examiner should refer to the Compliance Management Review Checklist to evaluate the strengths of bank compliance programs in terms of their capacity to either prevent or identify and then self-correct fair lending violations. Based on this evaluation, examiners can set the scope of their transaction analysis by adjusting sample sizes to the extent warranted by the strength and thoroughness of the bank compliance programs. Use of the checklist will also help to identify any compliance program or system deficiencies that merit correction or improvement.

In all cases, examiners stated that they had conducted reviews of the bank's compliance management function either during the pre-examination phase or while on-site; however, in 12 cases, the results of the review were not compiled or documented in a comprehensive manner in the workpapers. The examiners explained that the information related to the bank's compliance management function could be found throughout the examination workpapers, and we did find evidence that the examiners used this information in scoping the fair lending examination. For the remaining three cases, examiners completed the Compliance Management Review Checklist provided in the FFIEC procedures. According to examiners, there are several reasons they do not always use the checklist:

  • some examiners use different methods to conduct and document the review,
  • other examiners do not document the reviews because of the small size of the banks or because they rely on their "prior knowledge of the bank," and
  • one examiner was not aware that the procedures contained a Compliance Management Review Checklist.

Without supporting documentation, DCA cannot ensure that examiners have performed adequate analyses and have a sound basis for the scope of fair lending reviews. In addition, requiring that examiners fully document their risk-scoping efforts and the result of their analyses in the workpapers will also provide a starting point for the next examination, because it will identify the previous target areas, weaknesses related to compliance management, and the extent of on-site testing.

Recommendation

We recommend that the Director, DCA:

  1. Direct DCA's Internal Review staff to evaluate the documentation of the risk-scoping process to determine if the level of documentation provides management reasonable assurance that examiners are adequately scoping fair lending examinations.

CORPORATION COMMENTS AND OIG EVALUATION

On January 18, 2002, the DCA Director provided a written response to the recommendations contained in the draft report. The Director concurred with recommendation 3 but did not concur with recommendations 1 and 2. However, after meeting with the DCA Director on March 14, 2002 to discuss his response, we concluded that DCA has taken action with respect to both recommendations 1 and 2. We also made several changes to the report to address the Director's concerns. The Director's response is presented in Appendix IV of this report. A summary of the Director's response to the report recommendations and our evaluation follows.

Recommendation 1: Issue interim guidance, pending action by the FFIEC, for risk-scoping fair lending examinations for small and non-HMDA reporting banks, to include but not limited to: minimum criteria for reviews of small banks, guidelines for reviews of banks that are not required to report HMDA data, and sampling guidelines for banks with low lending volumes. DCA did not concur with this recommendation. According to the Director’s written response, the issue is the lack of guidance for how to proceed when there is no reasonable focal point to select for on-site review because the banks exhibit little or no risk of discrimination. DCA management stated that important scoping considerations are applicable regardless of the size of a bank or whether it is subject to HMDA. These scoping considerations primarily focus on assessing how management runs the compliance function as it relates to policies and procedures in place and previous violations. On November 8, 2001, after an interagency effort to correct this deficiency failed to achieve consensus, DCA issued a new appendix to the Interagency Fair Lending Procedures entitled FDIC Examination Procedures for "Low-risk" Institutions.

DCA also did not concur with that portion of the recommendation that states DCA should issue supplemental sampling guidelines for banks with low lending volumes. According to DCA's response and subsequent discussions with DCA management, even if differences were identified among a small number of loans, it would be difficult to show that the difference in treatment was because of a prohibited basis, without evidence of overt discrimination, as the small number of loans would not support the discovery of similarly-situated institutions. In such situations, there would be no sound legal basis for citing a violation of the fair lending laws or regulations.

OIG Comments: In a meeting with the DCA Director and an Assistant Director on March 14, 2002, DCA provided additional information to the OIG clarifying the January 18, 2002 response. According to the Director, DCA's intention in issuing the November 8, 2001 appendix was to provide guidance for DCA examiners on how to risk-focus their review of fair lending requirements. One aspect the examiners should consider in risk-scoping the examination is the type of coverage provided by the previous examination. In addition to the comparative analysis approach mentioned in the appendix, DCA examiners may also review underwriting and pricing policies, and analyze terms and conditions for the purpose of finding overt discrimination or indications of noncompliance. The risk-focused approach may result in the examination team not conducting the same tests performed at the previous examination, but should not result in any bank receiving a low level of review on a repeated basis.

In addition to issuing the appendix, DCA is in the process of conducting workshops for its examiners that address the conduct of fair lending examinations, including various issues that arise during risk-scoping. Finally, DCA has initiated a referral and consultation program that emphasizes direct contact with the Washington office for guidance during the fair lending examination process. The DCA Director emphasized that expert judgment is critical in assessing evidence of possible discrimination and that no written policies could provide sufficient guidance. According to the Director, DCA examiners are taking advantage of this approach, and the number of discrimination cases presented to the Washington office for review has increased significantly. Furthermore, DCA has added a senior fair lending specialist who provides technical expertise to staff investigating complaints of possible discrimination.

Based on the additional information provided by DCA at the March 14, 2002 meeting, it appears that DCA has taken sufficient action to address recommendation 1. In future audit coverage, we may evaluate the impact that the additional guidance and other steps DCA described to us are having on the scope of fair lending work conducted by DCA.

Recommendation 2: Work with the FDIC's Training and Consulting Services Branch to enhance the Fair Lending Examination Procedures Workshop to highlight procedures to follow when conducting fair lending examinations of small and non-HMDA reporting banks. DCA did not concur for the same reasons cited for recommendation 1. However, as a result of concerns about the need for additional guidance and training with respect to low risk institutions, DCA presented new guidance at the December 2000 National DCA Conference and made extensive revisions to the fair lending workshop course last spring.

OIG Comments: Although DCA did not concur, the Division has already taken action with respect to the recommendation.

Recommendation 3: Direct DCA's Internal Review staff to evaluate the documentation of the risk-scoping process to determine if the level of documentation provides management reasonable assurance that examiners are adequately scoping fair lending examinations. The DCA Director agreed with this recommendation and stated that because of similar concerns, last year he asked the DCA quality assurance staff to undertake such a review, which the staff recently completed. Although the report is not yet final, the review determined that the present level of documentation of the scoping process needs to be improved. According to subsequent discussions with DCA management, new documentation requirements will be issued in May 2002.

We consider recommendations 1 and 2 resolved, dispositioned, and closed for reporting purposes. Recommendation 3 is resolved but will remain undispositioned and open for reporting purposes until we have determined that the agreed-to corrective action has been implemented and is effective.


APPENDIX I

OBJECTIVES, SCOPE, AND METHODOLOGY

The objectives of this audit were to assess: (1) the adequacy of the Federal Financial Institutions Examination Council (FFIEC) Interagency Fair Lending Examination Procedures for the FDIC's pre-examination planning for fair lending examinations of small banks, (2) the FDIC's implementation of the FFIEC interagency procedures as they relate to identifying fair lending risks during the off-site pre-examination planning phase of the fair lending reviews, and (3) the related DCA management controls. To accomplish the audit objectives, we reviewed compliance examinations conducted during the period of May 2000 through August 2000 for 15 randomly selected FDIC-supervised banks: 5 from each of the DCA Chicago, Kansas City, and New York regional offices. The banks ranged in asset size from $15.4 million to $410.7 million.

Our audit work included reviewing fair lending-related laws and regulations, the FFIEC Interagency Fair Lending Examination Procedures issued in January 1999, the DCA Compliance Examination Manual, DCA Compliance Examination Reports for the 15 banks in our sample, compliance examination workpapers, supplemental FDIC policies and procedures, and DCA training materials. Also, we interviewed Washington and regional office management and field office examination staff. To assess DCA management controls and oversight, we reviewed the FFIEC procedures and the DCA Compliance Examination Manual to identify the controls related to risk-scoping of examinations. We also reviewed the examiners' planning documents and interviewed field office examiners for each of the examinations in our sample to determine the level of compliance with the controls in place. In addition, we reviewed planning documents to ensure evidence of supervisory review by field office supervisors.

We used the DCA Management Reporting System to determine the universe of compliance examinations for the period and to select the audit sample. We obtained compliance examination ratings and dates from the Compliance Statistical System (DCA's examination tracking system). In addition, we obtained the banks' financial data from the FDIC Institution Directory. We did not test the reliability of these systems as part of this audit, but we did confirm selected information in our review of compliance examination reports and workpapers, and no discrepancies came to our attention. Fieldwork was performed from October 2000 to June 2001. The audit was conducted in accordance with generally accepted government auditing standards.


APPENDIX II

SUMMARY OF FAIR LENDING LAWS: FAIR HOUSING ACT AND EQUAL CREDIT OPPORTUNITY ACT

Fair Housing Act

The Fair Housing Act was enacted as Title VIII of the Civil Rights Act of 1968. Under the Fair Housing Act (Act) it is unlawful to discriminate in: (1) the sale or rental of housing, (2) residential real estate-related transactions, or (3) the provision of brokerage services. For the purpose of this audit, our analysis focused on sections of the Act related to residential real estate-related transactions. According to Section 805 (42 USC §3605),

It shall be unlawful for any person or other entity whose business includes engaging in residential real estate-related transactions to discriminate against any person in making available such a transaction, or in the terms or conditions of such a transaction, because of race, color, religion, sex, handicap, familial status, or national origin.

As used in this section, the term "residential real estate-related transaction" means:  

the making or purchasing of loans or providing other financial assistance for purchasing, constructing, improving, repairing, or maintaining a dwelling; or secured by residential real estate; or the selling, brokering, or appraising of residential real property.

Section 808 (42 USC §3608) of the Fair Housing Act states that the Secretary of Housing and Urban Development has the authority and responsibility for administering this Act. Specifically, Section 808(d) addresses the requirement for cooperation of the Secretary and executive departments and agencies in administration of housing and urban development programs and activities to further fair housing purposes. It states,

All executive departments and agencies shall administer their programs and activities relating to housing and urban development (including any Federal agency having regulatory or supervisory authority over financial institutions) in a manner affirmatively to further the purposes of this title and shall cooperate with the Secretary to further such purposes.

Administrative enforcement of the Act is addressed under Section 810 (42 USC §3610) which states that,

An aggrieved person may, not later than one year after an alleged discriminatory housing practice has occurred or terminated, file a complaint with the Secretary alleging such discriminatory housing practice. The Secretary, on the Secretary's own initiative, may also file such a complaint.

The enforcement responsibilities of the U.S. Attorney General are contained in Section 814 (42 USC §3614) of the Act, which states that,

Whenever the Attorney General has reasonable cause to believe that any person or group of persons is engaged in a pattern or practice of resistance to the full enjoyment of any of the rights granted by this title, or that any group of persons has been denied any of the rights granted by this title and such denial raises an issue of general public importance, the Attorney General may commence a civil action in any appropriate United States district court.

Equal Credit Opportunity Act

The Equal Credit Opportunity Act (Act) was enacted in 1974 as Title VII of the Consumer Credit Protection Act. The Congress found that there was a need to ensure that the various financial institutions and other firms engaged in the extensions of credit exercised their responsibility to make credit available with fairness, impartiality, and without discrimination. Specifically, Section 701(a) (15 USC §1691(a)) of the Act states,

It shall be unlawful for any creditor to discriminate against any applicant, with respect to any aspect of a credit transaction (1) on the basis of race, color, religion, national origin, sex or marital status, or age (provided the applicant has the capacity to contract); (2) because all or part of the applicant's income derives from any public assistance program; or (3) because the applicant has in good faith exercised any right under the Consumer Credit Protection Act.

Section 702 (15 USC §1691(a)) of the Act defines the term "applicant" as any person who applies to a creditor directly for an extension, renewal, or continuation of credit, or applies to a creditor indirectly by use of an existing credit plan for an amount exceeding a previously established credit limit. The term "credit" means the right granted by a creditor to a debtor to defer payment of debt or to incur debt and defer its payment or to purchase property or services and defer payment therefore.

The Act also requires creditors to notify applicants of action taken on their applications, to report credit history in the names of both spouses on an account, retain records of credit applications, collect information about the applicant's race and other personal characteristics in applications for certain dwelling-related loans, and provide applicants with copies of appraisal reports used in connection with credit transactions.

Compliance with the requirements imposed under this title shall be enforced under: Section 8 of the Federal Deposit Insurance Act. According to Section 704(a)(1)(C) (15 U.S.C 1691c) the Board of Directors of the Federal Deposit Insurance Corporation (FDIC) has administrative enforcement authority for state banks insured by the FDIC (other than members of the Federal Reserve System) and insured state branches of foreign banks. The agencies having responsibility for administrative enforcement, if unable to obtain compliance with the Act, are authorized to refer the matter to the Attorney General with a recommendation that an appropriate civil action be instituted. Each agency shall refer the matter to the Attorney General whenever the agency has reason to believe that 1 or more creditors has engaged in a pattern or practice of discouraging or denying applications for credit in violation of section 701(a).

Section 706 (15 USC §1691(e)) provides for civil liability and states that,

Any creditor who fails to comply with any requirement imposed under this title shall be liable to the aggrieved applicant for any actual damages sustained by such applicant acting either in an individual capacity or as a member of a class… Any creditor, other than a government or governmental subdivision or agency, who fails to comply with any requirement imposed under this title shall be liable to the aggrieved applicant for punitive damages in an amount not greater than $10,000, in addition to any actual damages.


APPENDIX III

SUMMARY OF GOVERNMENT MONITORING REQUIREMENTS RELATED TO FAIR LENDING

In order to monitor compliance with the Equal Credit Opportunity Act (ECOA), the Federal Reserve Board's Regulation B (12 CFR Part 202) requires creditors to request and maintain specific information about applicants who submit written applications for credit, primarily related to the purchasing or refinancing of a dwelling as a principal residence. Specifically, Regulation B Section 202.13(a), Information for Monitoring Purposes requires a creditor to collect information as to an applicant's race or national origin, sex, marital status, and age. Section 202.13(d), Substitute Monitoring Program, states that a monitoring program required by an agency charged with administrative enforcement of the act may be substituted for the requirements contained in the act. In addition, Section 338.7 of the FDIC Rules and Regulations (12 CFR §338.7) requires banks to retain information on the application date, name, and address of the applicant, and the location of the related property.

To implement Regulation B, the FDIC established a substitute monitoring system. As part of this system, the FDIC required certain banks that it regulates to retain information on the application date, name and address of the applicant, and location of related property in addition to the applicant's race or national origin, sex, marital status, and age (required of all banks.) The additional requirements were imposed by the FDIC on any bank with an office in a primary metropolitan statistical area or metropolitan statistical area, which had assets exceeding $10 million during the preceding year. Such banks had to retain more extensive data on the applicant (such as employment, income, number of dependents, assets and liabilities), the subject property (such as the year built, market value, census tract), and the loan request (such as purpose, amount, interest rate, closing cost, taxes and insurance, type of mortgage).

In 1997, the FDIC promulgated a final rule that amended its Fair Housing regulation. The final rule eliminated the FDIC's separate fair housing recordkeeping requirements, then located at 12 CFR Part 338 Subpart B, that served as a substitute monitoring program permitted by the Federal Reserve Board's Regulation B. Furthermore, the final rule reduced the burden associated with maintaining, updating, and reporting a register of home loan applications by requiring insured state nonmember banks to comply only with the Federal Reserve Board's Regulation C, which implements the Home Mortgage Disclosure Act (HMDA). The HMDA requires banks, savings associations, and credit unions to annually report data for home purchase loans, home improvement loans, and refinanced home loans. Institutions are exempt from this regulation for a given calendar year if as of December 31, 2000 the institution had neither a home office nor a branch office located in a metropolitan statistical area, or the institution's total assets were at or below $31 million. The final rule, which simply cross-references Federal Reserve Board Regulations B and C, sought to reduce the burden on insured state nonmember banks and to more closely align the FDIC's fair housing regulation with those of other federal bank and thrift regulatory agencies.

The action to eliminate the separate recordkeeping requirement was taken in accordance with Section 303(a) of the Riegle Community Development and Regulatory Improvement Act of 1994 (12 USC §4803(a)). That section requires the federal banks and thrift regulatory agencies to review and streamline their regulations and policies in order to improve efficiency, reduce unnecessary costs, eliminate unwarranted constraints on credit availability, and remove inconsistencies and outmoded and duplicative requirements.


APPENDIX IV

CORPORATION COMMENTS

FDIC, Federal Deposit Insurance Corporation
Federal Deposit Insurance Corporation

Washington, DC 20429
Division of Compliance and Consumer Affairs

January 18, 2002

TO: Stephen M. Beard, Deputy Assistant Inspector General

FROM: Stephen M. Cross, Director [Electronically produced version; original signed by Stephen M. Cross], Division of Compliance and Consumer Affairs

SUBJECT: Audit of DCA's Risk-Scoping Process for Fair Lending Examinations (Assignment No. 2000-811)

Thank you for the opportunity to review and comment on the draft audit report you transmitted on December 20, 2001. I want to express my appreciation to you and your staff for maintaining open communications between our organizations throughout the course of this audit. There have been numerous meetings between members of your staff and mine as the audit progressed. Opinions, views, and interpretations were freely expressed and thoroughly discussed.

It is apparent, however, that there continue to be areas of disagreement or misunderstanding between our organizations. Because it influences several recommendations, I will address the principal area of disagreement before providing our detailed responses to your recommendations. After those responses, we address several important issues raised in the draft report that did not lead specifically to one of your three recommendations.

The most fundamental area of disagreement involves the audit recommendations that focus on procedures and training for risk-scoping examinations of small banks and banks that are not required to report Home Mortgage Disclosure Act (HMDA) data. We believe the focus of our efforts, and your recommendations, should be on institutions that exhibit a low risk of discrimination – irrespective of size or whether subject to HMDA. It is our judgment that the size of a bank, or whether it is subject to the HMDA reporting requirements, has little or no bearing on the applicability of the Interagency Fair Lending Examination Procedures, or on an examiner's ability to properly conduct the risk-scoping stage of the fair lending examination. For example, important scoping considerations such as overt indications of discrimination, complaints filed against the institution, vague and subjective underwriting or pricing criteria, whether discretionary yield spread premiums are permitted, and the quality of the institution's compliance program are applicable to all institutions, regardless of size.

In addition, all institutions (regardless of size or whether subject to HMDA) are required to collect and retain government monitoring information on certain residential real estate-related transactions (See 12 CFR 202.13). While only certain institutions are required to annually report this information under HMDA, this information is available in all institutions for our examiners’ review and consideration. Further, no institution (regardless of size or whether it is subject to HMDA) is permitted to collect government monitoring information in any other type of credit transaction.

Recommendations

OIG Audit Recommendation (1)

DCA should issue interim guidance, pending action by the FFIEC, for risk-scoping fair lending examinations for small and non-HMDA reporting banks, to include but not limited to:

  • minimum criteria for reviews of small banks,
  • guidelines for reviews of banks that are not required to report HMDA data, and
  • sampling guidelines for banks with low lending volumes.

DCA Response

We do not concur with this recommendation. As we discussed above, we believe the focus on small and non-HMDA reporting banks is misplaced. However, we have acknowledged that there is a deficiency in the interagency procedures. They lack guidance on how to proceed when no reasonable focal point can be selected because the institution, regardless of its size or whether it is a HMDA reporter, exhibits little or no risk of discrimination. After an interagency effort to correct this deficiency failed to achieve consensus, on November 8, 2001, DCA issued a new appendix to the Interagency Procedures titled FDIC Examination Procedures for "Low-Risk" Institutions. Copies of the new Appendix and the global message disseminating it to DCA staff were provided to your staff.

We also do not concur with the third aspect of this recommendation – that DCA should issue supplemental sampling guidelines for banks with low lending volumes. As we discussed, the staff of the FFIEC agencies carefully considered the sampling guidelines when developing the interagency procedures. Based on field experience and an awareness of federal civil rights cases, staff knew that even if disparate treatment were identified among a small number of loans, it would be difficult to show that the difference in treatment was because of a prohibited basis, without evidence of overt discrimination. In such a situation there would be no sound legal basis for citing a violation of the fair lending laws or regulations. Therefore, the sampling guidelines are the result of a carefully considered, and we believe sound, programmatic decision to focus examiner attention on situations likely to produce reliable results.

OIG Audit Recommendation (2)

Work with the FDIC's Training and Consulting Services Branch (TCSB) to enhance the Fair Lending Examination Procedures Workshop to highlight procedures to follow when conducting fair lending examinations of small banks.

DCA Response

We do not concur with this recommendation for the reasons cited above. However, as a result of our concerns about the need for additional guidance and training with respect to low risk institutions, we presented new guidance at the December 2000 National DCA Conference, and made extensive revisions to the fair lending workshop course last spring. The modified course received exceptionally high participant evaluations each time it was presented. Because all DCA examiners have now attended the course, we do not plan to hold it again in the near future. We do intend to provide additional training on fair lending topics during our Commissioned Compliance Examiner Workshops that will begin in March. TCSB is working with us on the development of these workshops.

OIG Audit Recommendation (4) (Note: There was no Recommendation (3).)

Direct DCA's Internal Review staff to evaluate the documentation of the risk-scoping process to determine if the level of documentation provides management reasonable assurance that examiners are adequately scoping fair lending examinations.

DCA Response

We concur with this recommendation. Because of similar concerns, last year I asked the DCA quality assurance staff to undertake such a review, which they recently completed. Although the report is not yet final, the review determined that the present level of documentation of the scoping process needs to be improved. New documentation requirements will be issued by April 1, 2002.

Other Issues

Commercial Lending

The results of the audit are summarized on Page 2 of the draft report. One conclusion is that the interagency procedures do not provide examiners with adequate guidance for conducting reviews of commercial loan products. Commercial lending is discussed at length later in the report. While we agree that the procedures contain little guidance on examining commercial loan products, this is not due to an oversight. As your report acknowledges, it is difficult to construct a reliable comparative analysis in this area because of a lack of government monitoring information, and because the underwriting criteria for commercial loans typically vary with the nature of the business.

However, the members of the Joint Agency Task Force on Discrimination in Lending, which includes the federal financial regulators and the federal enforcement agencies, share information, ideas, and experiences on this topic on a continual basis. Additional guidance on examining commercial loan products will be issued when appropriate.

Government Monitoring Information

A second conclusion reported on Page 2 is that due to the lack of available monitoring and demographic data, examiners were often unable to apply risk-scoping procedures to determine the potential for discrimination under many of the prohibited bases covered by the Fair Housing Act or the Equal Credit Opportunity Act.

We are uncertain about the meaning of the reference to demographic data. We obtain demographic data from the Census Bureau, and it is available for all geographic areas of the country regardless of the size or nature of the bank that we are examining.

The reference to a lack of available monitoring information leads to a lengthy discussion about this topic in the draft report. The discussion implies that the federal government in general, or the FDIC in particular, should require lenders to collect information from credit applicants, for all credit products, about all 11 of the prohibited bases in either of the two fair lending statutes. The report also states, "At this time, DCA management does not believe the potential cost of the added regulatory burden on institutions outweighs the possible increased efficiency and effectiveness of the FDIC's fair lending examinations." We are concerned that both the discussion and the characterization of our position oversimplify a difficult and sensitive subject.

Since the passage of the first modern-era federal civil rights statutes in the 1960's, the federal government has endeavored to balance the usefulness of government monitoring information for ensuring compliance with civil rights statutes; the burden placed on entities required to collect, maintain, and in some cases report such information; and the privacy of individuals the statutes were designed to protect. Some of the factors considered in arriving at the present government monitoring information requirements and prohibitions under the fair lending statutes include:

  • In which loan products do lenders usually meet with credit applicants face-to-face?
  • What information would usually be apparent to a lender from the face-to-face meeting? and,
  • On what prohibited bases has discrimination been most likely to occur?

Lenders are required to collect and maintain information about the sex, race, national origin, marital status, and age of applicants for residential real estate-related credit transactions. Current regulations prohibit the collection of government monitoring information in the course of offering consumer, commercial and automobile loans. Sex, race, and national origin are the bases on which discrimination has historically been most likely to occur. Age is permitted to be solicited in all credit applications so the lender can determine if the applicant may enter into a legal contract, and marital status may be solicited when the applicant's creditworthiness may be affected by state marital property laws. In addition, mortgage credit transactions typically involve a face-to-face meeting between the applicant and the lender, and the applicant's sex, race, and national origin is usually apparent to the lender by virtue of the face-to-face meeting, so the lender is not gaining information that is not already known.

On the other hand, a lender is prohibited from asking about an applicant's religion in the application process for any credit product because an applicant's religion is usually not apparent to a lender even in a face-to-face meeting. Similarly, lenders are prohibited from inquiring about any prohibited basis except age (and marital status in community property states) in a credit card application because these transactions usually do not involve face-to-face meetings. Permitting a lender to make these inquiries about an applicant could create opportunities for discrimination to occur that would not otherwise exist.

Overall, your report can be read to suggest that the FDIC exercise its authority to significantly expand the types of credit application data maintained by the banks it supervises. I want to make clear the position of DCA management on this important issue. We have no doubt that monitoring information improves the effectiveness of fair lending evaluations. However, a decision to expand required data collection will require weighing that improved effectiveness (and the likelihood of detecting illegal discrimination) against the burden on financial institutions, the potential invasion of individuals' privacy, and the potential for creating opportunities for discrimination where none existed. We believe this issue should be explored publicly on a government-wide basis. We do not believe it would be prudent for the FDIC to act independently of other regulatory or enforcement agencies on this matter.

Conclusion

I want to again express my appreciation for the opportunity to review and comment on the draft report and for the professional, courteous approach of your Office to the conduct of this audit. I would be glad to discuss any aspect of this response with you.

cc: Powell
Reich
Bovenzi
Deshpande
Lee, C.K.
Burniston
Gambrell

Last Updated 04/16/2002