UDAAP Discussion Thread

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
  • #2409

    I’m going to get into the “heavy lifting” of UDAAP tomorrow – I’ve been finishing a project this week. With that said, I thought I’d go ahead and at least try to get a thread started.

    I’m not certain what Jack had in mind for this thread, but I think the most important thing on my to-do list will be reviewing disclosures – though I’m trying to get a feel for who I’ll get to review the disclosures. My general thought is that less experienced employees may be good “volunteers” for this job as they won’t have the experience to “know what it meant”.

    I shall return.


    I have reviewed the material from last Friday’s meeting on UDAAP. I thought the policy was fine as printed and just plugged internal bank names where needed to meet the responsibilities. It is ready to be approved at our board meeting next month. I have printed off the procedures and checklists for each section and given a copy to our President, Operations Oficer and Internal Auditor to review and we are going to discuss next week. I liked the format and the checklists pretty well as printed but will have more feedback after our meeting.

    Glenn Vick
    Auburn Banking Company


    First, just want to say that these materials are great! I finally had the opportunity to review today and feel that this will help me get UDAAP policies and procedures implemented at my bank without having to jump off the roof!

    Just wanted to provide a few questions or comments that I had as I progressed through the material:
    1. Is there a need to put a UDAAP section in other policies that reference the fact that UDAAP policies and procedures exist, once these are implemented? The act of getting a policy approved in our bank takes quite a few steps and we are beginning a new year of taking policies to board so would like to know if this is something we should build into other policies as a reference.

    2. Just as a comment, anytime we have a large change with policies/procedures in our bank, we have begun to setup an “Alliance” for whatever the subject matter is. This allows us to draw people in from other areas of the bank so that those areas affected are aware and take part in the change. I am leaning toward a UDAAP Alliance for this to be able to review all existing products/services! In other words, compliance is everyone’s responsibility, don’t do it alone! 🙂

    3. Does anyone currently have a complaint/resolution policy/procedure that they don’t mind sharing? We have minimal procedures but I would like to have something more substantial in order to provide some consistency across all banking centers and management and would like to have this as part of this UDAAP project.

    4. In the procedures, do you see the “Control” function as a Compliance function in your bank?

    Thanks in advance for help and feedback!

    Kelly Owsley


    We reviewed the policy and procedures and found the materials great. We did find a couple of ‘grammar’ type corrections needed. We like the format of the Risk Assessment and plan to implement for all policies. Currently, we attach a memo stating the reason why have the policy and any changes/revisions since last approval; however, we like this format and the inclusion of the Risk Assessment.

    On page 3 under Control, first sentence. The first sentence has two ‘a’s’. Believe it should be ‘an’. Also, the word ‘sue’ should be ‘due’. [Insert appropriate party] reviews, on an [insert frequency] basis, a sample of new open-end loans to determine the percentage of the total amount of fees due at account opening, fees due …..

    Page 3, under Control, last sentence. Place a comma after 25%.

    Page 3, under Audit, second bullet. Remove one of the ‘periods’.

    Policy: A period is needed at the end of the first paragraph.



    I was wondering if a “YES” answer in the Product/Service Readiness Checklist in all situations indicates higher risk. It seems in some of the questions (ex: Are transactons simple and easy to explain? Can easily be understood by customer?) a “YES” would indicate less risk.


    Thanks to one and all for the input. I have some work to do on this material before our next meeting. Before I chime in on Kelly’s questions I would like to see some input from you all. Let her know how you handle some of these issues in your bank.

    I hope all of you are subscribers to my blog; it’s free. I posted an article today that we will discuss on Friday. It appears that the big stuff is about to start flowing out of the CFPB. Check out the article at:


    After reviewing the materials, I find this is going to be a daunting task for us. The materials are great! I really like Kelly’s “Alliance” in making everyone responsible for compliance. It is going to take all employees working together to conquer UDAAP.

    For Control in the procedures, I feel it will more than likely fall under compliance especially in a small community bank.



    I have my first UDAAP Alliance meeting on the calendar to occur next Thursday, the 23rd. My Alliance group is made up of the marketing department (3 members), a customer service representative, a loan officer, a collection supervisor, two audit assistants, and an HR representative. The goal is to allow each of those individuals/depts. review the checklists that Jack provided to us and tweek them to fit the needs of our bank. Once the worksheets are reviewed, we will then use those to review our existing products and services. In addition the worksheets will become part of our procedures to ensure new products/services are reviewed as well. The policy and procedures will be reviewed and tweeked as part of the Alliance and taken to Board for approval by end of March. My goal is to have everything in place and complete by end of April! Just wanted to provide some feedback on how my Alliance group is working and who is a part of it. Thanks!


    Question regarding the UDAAP Procedures: Is it reasonable to think that the Operating function and the Control function can be handled by the same group, i.e. Compliance department. For example, the Repricing and Changes in Terms Checklist appears to be a function that would best fit the Compliance dept. in our bank. Would we be criticized by examiners if the compliance dept. handled both Operating and Control functions and then our internal audit department handled the audit function?


    You don’t want to have the same person performing a task and reviewing the task. Both the operating and controls functions can occur within the same department, but with different employees performing the tasks.

Viewing 10 posts - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.