Skip to main content

Looking for Valuant? You are in the right place!

Valuant is now Abrigo, giving you a single source to Manage Risk and Drive Growth

Make yourself at home – we hope you enjoy your new web experience.

Looking for DiCOM? You are in the right place!

DiCOM Software is now part of Abrigo, giving you a single source to Manage Risk and Drive Growth. Make yourself at home – we hope you enjoy your new web experience.

Consumer lending compliance: Hot-button issues to monitor

Mary Ellen Biery
November 22, 2021
Read Time: 0 min

Consumer lending laws & compliance 

Financial institutions offering consumer loans need to know about these major consumer lending laws and recent compliance issues.

You might also like this webinar,

"Consumer Lending 101."


Pandemic issues

Consumer lending compliance spotlight

Consumer lending compliance — like other aspects of enterprise risk management at financial institutions — saw a huge impact from the COVID-19 pandemic.

Banks and credit unions extending payments on vehicle loans, personal loans, or other consumer loans had to ensure they provided accurate disclosures in compliance with federal and state consumer protection laws. They also had to ensure adequate documentation of borrowers’ payments under any loan modifications or accommodations, as well as any changes to collateral values or advances on new or existing loans.

The Consumer Financial Protection Bureau (CFPB), which enforces federal consumer financial laws, noted recently financial institutions faced tremendous challenges offering accommodations to pandemic-impacted consumers. In some cases, those operational challenges posed elevated risk to consumers, the CFPB said. These risks included:

  • Inaccurate or incomplete information about accommodations and/or the impact of them on credit obligations
  • Inaccurate or incomplete information about preauthorized fund transfers
  • Inaccurate or incomplete information about required payments
  • Difficulty meeting timely disclosure requirements.

Compliance issues can seem overwhelming to consumer lenders, especially when dealing with a public crisis like the pandemic on top of day-to-day duties. Understanding consumer financial laws and what’s required is an essential step to consumer lending compliance. In addition, having consumer loan origination software that provides a workflow designed to aid compliance will save valuable staff time and provide peace of mind.

Top laws

Major consumer loan compliance regulations

Major consumer loan compliance regulations cover everything from taking applications and approving or rejecting the credit to collecting payments and reporting to the government on various aspects of the loans. Some of the significant regulations and related laws that financial institutions must follow when they are engaged in consumer lending include: :

1. Regulation B, implementing the Equal Credit Opportunity Act (ECOA) for fair lending

2. Regulation Z, which implements the Truth in Lending Act (TILA)

3. Regulation E, implementing the Electronic Funds Transfer Act (EFTA)

4. Regulation V, implementing the Fair Credit Reporting Act (FCRA) related to consumer reporting

5. Regulation F, which implements the Fair Debt Collection Practices Act (FDCPA)

6. The Bank Secrecy Act (BSA) and related regulations for reporting suspicious activities.

Many states also have compliance requirements and regulations, including usury laws. The Conference of State Bank Supervisors recently released an interactive tool to help lenders compare state consumer lending requirements.

Reg B compliance for consumer lenders

David L. Osborne, Founder of financial institution training firm Osborne & Associates, LLC, said the Equal Credit Opportunity Act should be familiar to all lenders. “This applies not only to consumer loans but to mortgages — residential and commercial—every form of credit in America,” he said during a recent Abrigo webinar, “Consumer Lending 101.”

Reg B, which implements one of two federal fair lending laws (the other is the Fair Housing Act), describes requirements for accepting credit applications. The ECOA and Reg B also prohibit discrimination in any aspect of a credit transaction, including an application for new or extended credit or the revocation, alteration, or collection of credit based on any of the following:

  • Race, color, religion, national origin, sex or marital status, or age (assuming capacity to contract)
  • Because part or all of the applicant’s income is derived from public assistance
  • Because the applicant exercised any right under the Consumer Credit Protection Act in good faith.

In addition, Reg B bars creditors from making statements that would discourage credit applicants on any of the bases listed above. Such statements could be oral, written, via advertising, during prescreening, or other ways. Examiners, therefore, will routinely consider whether consumer lending underwriting and pricing guidelines, policies, and procedures comply with these requirements.

Numerous regulatory resources go into detail, including fair lending videos from the FDIC and examination procedures published on the Consumer Financial Protection Bureau’s website.

Incorporating Reg B requirements into a consumer lending solution means the online loan application will be compliant. In addition, the credit spreading, risk rating, pricing, and servicing will provide consistent application of your policies on a scalable, life-of-loan platform. This helps financial institutions make defensible decisions with speed.


Consumer lending compliance under Reg Z

Violations of TILA/Reg Z were among the most frequently cited violations in 2020, according to the FDIC’s March 2021 Consumer Compliance Supervisory Highlights. And given the heightened risk for potential consumer harm by violations of Reg Z, it is an area that generally represents a center of focus for consumer compliance examiners.
TILA and Reg Z provide a uniform system of disclosures for advertisements and the application process related to the cost of many types of consumer credit. These affect the type and timing of disclosures, and they can vary based on whether the credit is open-end or closed-end. The types of loans excluded from TILA and Reg Z include credit extended primarily for a business or for agricultural purposes and certain student loan programs.
Along with requirements to disclose the interest rate as an annual percentage rate (APR), TILA and Reg Z also regulate, according to the National Credit Union Association (NCUA):

  • Credit billing and credit payment processing practices
  • Credit card practices as well as certain mortgage lending practices
  • Standards for most loans secured by dwellings.

TILA and Reg Z also provide consumers securing specific types of credit like a home equity line of credit the right to rescind the transaction within three business days (every calendar day except Sunday and the legal public holidays) after becoming obligated to the debt. If a transaction is rescindable, creditors must provide consumers with a notice explaining that:

  1. The creditor has a security interest in the consumer’s home
  2. The consumer may rescind
  3. How the consumer may rescind
  4. The effects of rescission
  5. The date the rescission period expires.

Consumer notifications and disclosures can be difficult to track and prevent from slowing down the closing without a good process. Having a loan process management method that matches credit policy that complies with Reg Z and documents each step of the process allows improved auditability. Consumer lending software can systematize the financial institution’s procedures, disclosures, and notifications.


Reg E consumer lending compliance

The EFTA gives borrowers rights regarding disclosures, automated bill payments, and remittances when they take out auto loans, unsecured loans, recreational vehicle loans, and other types of consumer loans. Specifically, lenders must be aware of obligations tied to posting electronic and internet payments, procedures for canceling and refunding remitted transfers, and estimates tied to prepayments. Other requirements for consumer lenders under the EFTA are similar to other areas of financial services, such as those related to correcting errors.


Consumer lending compliance under Reg V

Generally, regulators don't view financial institutions as consumer reporting agencies under the FCRA and Reg V. However, according to the FDIC, they can be deemed as such based on their information sharing practices. For example, lenders have specific requirements for notifying borrowers about risk-based pricing practices when they use consumer credit reports to decide terms for:

  • Student loans
  • Unsecured credit cards
  • Secured credit cards
  • New automobile loans
  • Used automobile loans
  • Fixed-rate mortgage loans
  • Variable-rate mortgage loans.

They also have “know your customer”-related obligations for ensuring appropriate proof of identity to match consumers with their credit files.

Finally, the Consumer Financial Protection Bureau reminded lenders recently that when companies furnishing information to consumer reporting companies (CRCs) receive disputes on information that has been reported about consumers, they must investigate those disputes and verify the accuracy of the furnished information.

Stay up to date with consumer lending issues.

 The CFPB cited concerns that during the pandemic, staffing and other issues resulted in elevated risk to consumers that inaccurate information was reported to CRCs and wasn't corrected quickly.

More consumer compliance laws

Debt collections & anti-money laundering

Reg F

The FDCPA, implemented via Reg F, affects consumer lenders during payment collections because it describes consumer protections and lender processes when debt is incurred primarily for personal, family, or household purposes. It does not apply to collecting corporate debt or debt for business or agricultural purposes.

The law and Reg F prohibit lenders/debt collectors from several practices considered harassing, oppressive, or abusive, including:

  • Making repeated telephone calls (e.g., more than seven times within seven consecutive days)
  • Contacting the consumer at their place of business without their permission
  • Communicating with anyone other that the consumer and certain other parties
  • Using false, deceptive, or misrepresentative means to collect the debt, such as threatening action that cannot be taken or isn’t intended to be taken
  • Calling or sending a text message to consumers outside of the hours of 11 a.m. ET and 9 p.m. ET.
  • Communicating with a consumer regarding a debt by postcard or using language or symbols on the envelope that indicate the mail is coming from a debt collection business

“It’s a form of intimidation, calling them at two o’clock in the morning,” Osborne said during the webinar. “And it’s subject to their time zone, by the way.”



When either the source of funds or their use is not transparent, the risk of money laundering or terrorist financing may increase. “This lack of transparency can create opportunities in any of the three stages of money laundering or terrorist financing schemes” – placement, layering, or integration, according to the Federal Financial Institutions Examination Council (FFIEC). Examples of schemes include:

  • Loans made for, or paid by, a third party
  • The financial institution or the customer trying to sever the paper trail between a borrower and illicit funds
  • Loans are extended to a party or involve collateral located outside the U.S., including higher-risk jurisdictions.

As a result, consumer lenders must comply with the BSA and related regulations for reporting suspicious activities.

According to the FFIEC, all loans are accounts for customer identification program (CIP) purposes. The BSA requires financial institutions to have policies, procedures, and processes to monitor, identify, and report unusual and suspicious activities in consumer lending accounts. Examples of types of monitoring include loan reports such as early payoffs, cash-secured loans, fraud, and past-due loans, but institutions’ monitoring systems should be based on the size and complexity of the lending business.

And of course, lenders must follow Currency Transaction Reporting (CTR) requirements related to any loan payments or transfers related to loans.

Using AML screening software that allows customized fraud scenarios to match the bank or credit union's risk tolerance and minimize false positives enables the financial institution to better identify, detect, and stop money laundering and consumer lending fraud.

Get the latest best practices for Consumer Lending
Watch "Consumer Lending 101"

keep me informed Watch Webinar
About the Author

Mary Ellen Biery

Senior Strategist & Content Manager
Mary Ellen Biery is Senior Strategist & Content Manager at Abrigo, where she works with advisors and other experts to develop whitepapers, original research, and other resources that help financial institutions drive growth and manage risk. A former equities reporter for Dow Jones Newswires whose work has been published in

Full Bio

About Abrigo

Abrigo enables U.S. financial institutions to support their communities through technology that fights financial crime, grows loans and deposits, and optimizes risk. Abrigo's platform centralizes the institution's data, creates a digital user experience, ensures compliance, and delivers efficiency for scale and profitable growth.

Make Big Things Happen.