Does anyone have a list of possible penalties by regulation handy that they can share? I am completing a risk assessment and our internal audit is suggesting that a more thorough breakdown be added. If you could it would be greatly appreciated. Thanks in advance.

It is a difficult task, For example, you can have a number of different violations under Regulation Z and they all could have separate penalties. Then you have the civil liability potential and the potential for penalties from your regulators.

The overriding hammer on each and every regulatory issue are the FIRREA penalties available to the regulators. I am not sure why you really need to go further than that in any risk assessment. Sounds like a lot of busy work to me.

For our size I agree, however it was an open item before I took over the roll so I am just trying to give them all they want in one shot. Looking for more a generalized list. Such as Reg B- CMP, Civil Liability. Reg E same plus criminal liability. Thank you.

FDIC CMPS

https://www.govinfo.gov/content/pkg/FR-2020-01-14/pdf/2020-00217.pdf

The rest you will have research each regulation. I am not aware of a list.

Thanks again. That may be very useful.

I tried to compile such a "list of horribles" about 30 years ago and finally gave up--for the reasons Randy cites. Instead of quantifying risk in terms of dollar penalties, I divided the world of legal/regulatory risks into two major categories: those with unacceptable risks, and everything else. Unacceptable risks included non-compliance that laws/regs with criminal penalties. (I didn't want to go to jail and assumed all my fellow employees felt the same way.) Also included were laws/regs with penalties that could threaten the free exercise of our charter. Also on my "unacceptable" list were violations of laws that would undermine public trust and respect for our company (discrimination, money laundering, kickbacks, and other subjects you NEVER want to to see in the news.) Finally, my unacceptable risks included ANY violation of ANY law/reg that our regulators could cite as a repeat offense. Repeat violations damage your credibility and competence in the eyes of your most vigilant and best-armed critic.

Thanks. That is following my train of thought kind of. Reputation risk, , Criminal liability , Civil liability and CMP/restitution. Thanks again. .