Skip to content
GeoDataVision
Thread Options
#788123 - 08/02/07 06:12 PM Consumer Credit Report--Audit??
In Need of Help 101 Offline
Platinum Poster
Joined: Jan 2006
Posts: 574
Would anyone be willing to share if your bank audits the credit reports that are pulled by various employees?

If so, what method you do you use for auditing this task?

If not, do you feel the risk is not worth the time spent in auditing?

Return to Top
Lending Compliance
#788139 - 08/02/07 06:24 PM Re: Consumer Credit Report--Audit?? In Need of Help 101
Dan Persfull Online
10K Club
Dan Persfull
Joined: Aug 2002
Posts: 46,839
Bloomington, IN
I audit it semi-annually. I get a copy of our billing statements, which is itemized by name, and I pull a sampling of those files to insure we did have a legitimate purpose to pull the report.
_________________________
The opinions expressed are mine and they are not to be taken as legal advice.

Return to Top
#788194 - 08/02/07 06:48 PM Re: Consumer Credit Report--Audit?? Dan Persfull
In Need of Help 101 Offline
Platinum Poster
Joined: Jan 2006
Posts: 574
Do examiners ask if we audit this process?

If our bank pulls approximately 100 reports per billing cycle, what percentage would you recommend verifying?

Return to Top
#788211 - 08/02/07 06:55 PM Re: Consumer Credit Report--Audit?? In Need of Help 101
Dan Persfull Online
10K Club
Dan Persfull
Joined: Aug 2002
Posts: 46,839
Bloomington, IN
In our last audit, FDIC, they did. However in the previous audit they did not.

As for the percentage that it is a risk factor for you to determine. If this is your first audit I might suggest 25 to 30%. And if the audit is satisfactory scale it back in the next audit to 15 or 20% and if the results are still satisfactory do 10% from that point on, with the understanding that if you discover inequities in any of the audits that you would increase your sampling.
_________________________
The opinions expressed are mine and they are not to be taken as legal advice.

Return to Top
#788422 - 08/02/07 08:45 PM Re: Consumer Credit Report--Audit?? In Need of Help 101
Kari Offline
100 Club
Kari
Joined: Sep 2002
Posts: 131
PA
I audit annually. However our loan officers each go through the credit report billing at month end and compare it to our new loans, rewrites, delinquencies, etc. to see that all reports pulled are valid. I usually go through most of the reports...the last couple I did all. Although we only have 4 branches and only certain employees can pull credit reports. Our OCC examiners seemed okay with that method. Anyway you look at it, any audit is time consuming.

Return to Top
#788464 - 08/02/07 09:18 PM Re: Consumer Credit Report--Audit?? Kari
deh Offline
Platinum Poster
Joined: Mar 2006
Posts: 866
Okay I have a question since we are talking about auditing these. My job has almost become impossible because I have to go through 13 pages of credit report billing every 2-weeks with no way to track who pulled the report, if I can't find the customer on the system or as a denied file.

Does each of your User's who pull the credit reports have their own sign on so that you can identify who pulled the credit report?

Return to Top
#788575 - 08/02/07 11:52 PM Re: Consumer Credit Report--Audit?? deh
Dan Persfull Online
10K Club
Dan Persfull
Joined: Aug 2002
Posts: 46,839
Bloomington, IN
Ours do.
_________________________
The opinions expressed are mine and they are not to be taken as legal advice.

Return to Top
#788579 - 08/03/07 12:43 AM Re: Consumer Credit Report--Audit?? Dan Persfull
rlcarey Offline
10K Club
rlcarey
Joined: Jul 2001
Posts: 79,633
Galveston, TX
For those of you wondering if you should be looking at this internally, I would suggest you review the Interagency FCRA Examination procedures. The regulatory examiners will be looking, that is for sure:

Preamble

Institution Procedures. Given the preponderance of electronically available information and the growth of identity theft, financial institutions should manage the risks associated with obtaining and using consumer reports. Financial institutions should employ procedures, controls, or other safeguards to ensure that consumer reports are obtained and used only in situations for which there are permissible purposes. Access to, and storage and destruction of this information is dealt with under an institution’s Information Security Program; however, obtaining consumer reports initially must be done in compliance with the FCRA.

Exam Procedures
Section 604 Permissible Purposes of Consumer Reports and

4. Evaluate the institution’s procedures to ensure that consumer reports are obtained only for permissible purposes. Confirm that the institution certifies to the consumer reporting agency the purposes for which it will obtain reports. (The certification is usually contained in a financial institution’s contract with the consumer reporting agency.)

5. If procedural weaknesses are noted or other risks requiring further investigation are noted, such as the receipt of several consumer complaints were received, review a sample of consumer reports obtained from a consumer reporting agency and determine whether the financial institution had permissible purposes to obtain the reports.

• For example, obtain a copy of a billing statement or other list of consumer reports obtained by the financial institution from the consumer reporting agency for a period of time.
• Compare this list, or a sample from this list to the institution’s records to ensure that there is a permissible purpose for the report(s) obtained. This could include any permissible purpose, such as the consumer applied for credit, insurance, or employment, etc. The financial institution may also obtain a report in connection with the review of an existing account.
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top

Moderator:  Andy_Z