If you are asking if the regulators have a general ranking of risk by regulation, e.g., Reg Z is more important than Reg. DD, we don't do that, at least not globally.
In a specific institution, however, we will eventually arrive at such a conclusion by looking at several factors. This is hard to quantify, but the factors may be categorized as either internal, public (or external) and regulatory. The factors include:
o Volume of transactions pertinent to any specific regulation;
o Complexity of transactions (e.g., ARMs with PMI & introductory teaser rates pose more risk of noncompliance than some other loans);
o Reliability/effeciveness of the bank's compliance audits;
o The bank's history of compliance, including the ability to assimilate new regulations;
o Changes that have occurred since the last exam in personnel, policies, procedures, hardware, software, and delivery channels;
o Consumer complaint information
After considering all that, it becomes apparent to us which areas we need to focus on. AR.