The Federal Reserve Board’s Office of the Inspector General (OIG) has issued an evaluation of the CFPB’s Consumer Response unit, which is responsible for managing the CFPB’s consumer complaint system.  First launched in July 2011 for credit card complaints, the system was expanded in November 2011 to take mortgage complaints and, earlier this year, the system was further expanded to take complaints about deposit accounts, student loans, auto loans and other consumer loans.  The CFPB has said it plans to take complaints about all consumer financial products and services by the end of 2012. 

The OIG’s evaluation finds that “overall, the CFPB has a reasonable process to receive, respond to, and track consumer complaints.”  While it found the system to be generally compliant with Dodd-Frank, the Privacy Act and industry best practices, the OIG’s evaluation includes five recommendations for improving the system.  The OIG wants the CFPB to (1) implement more robust controls for manual entry of complaint data to reduce the risk of capturing inaccurate information, (2) identify and remediate the cause of data discrepancies throughout the system and conduct periodic reviews, (3) finalize and disseminate an agency-wide privacy policy, (4) finalize and timely implement a comprehensive quality assurance program, and (5) develop a process to consolidate all quality assurance reviews, identify the specific complaints reviewed and track the reviews. 

With regard to the OIG’s privacy recommendation, the OIG found that, even though the CFPB has been collecting consumer complaint information since July 2011, it did not have an agency-wide privacy policy (which has been in draft form since at least February 2012.)  In June 2012, we wrote about a letter sent to CFPB Director Cordray by five U.S. Senators asking how the CFPB planned to address various problems identified in the Government Accountability Office’s report issued in May 2012, including the absence of an agency-wide information security program for the information and information systems that support the CFPB’s financial reporting, operations, and assets.  In that letter, the Senators raised the concern that similar deficiencies could threaten the security of data that relates to its supervisory activities, such as consumer complaint data.    

One of the OIG’s tasks was to assess the CFPB’s coordination with federal and state agencies regarding the processing and referral of complaints. The OIG noted that the CFPB anticipates an increase in referrals from state agencies as the CFPB begins accepting complaints about nonbank products.  According to the OIG, although the CFPB has been receiving referrals from state agencies by regular mail, the CFPB has met with state regulators to discuss the creation of secure website through which state regulators can access the complaint system and to develop other methods state agencies can use to send complaints to the CFPB.  The OIG was told by the CFPB that the first version of the secure website for state agency referrals was tentatively scheduled to begin operating in the fourth quarter of 2012.