With the arrival of a new administration, the Consumer Financial Protection Bureau (CFPB) shut down, and a regulatory freeze halting the creation of new rules and delaying others, navigating lending compliance in 2025 is off to a complicated start. Amid so much change, financial institutions (FIs) must ensure their lending compliance management programs are primed and ready to navigate internal challenges, evolving regulations, and external events.
How can FIs improve their lending compliance management processes in a complex regulatory environment? Here are some best practices and tips for navigating the major areas in 2025 and beyond.
Related: 1071 is in regulatory limbo, leaving compliance officers wondering how to deal with the confusion. Stay current on the latest Section 1071 updates.
1. Study the data
As a lender, you gather a lot of data. Poor collection and analysis can lead to issues for your FI in the future, as penalties can stem from violations stretching back several years.
When evaluating a data point, view it with a fair lending lens. Consider its purpose and how it relates to other data. Some questions to consider: What does this data reveal about our lending practices? What discretionary decisions can our lending team make that will be reflected in these data points? Does our pricing or fee policy allow for exceptions or discretions?
Related: The Difference Between Data Privacy and Security
2. Revisit risk assessments
In a rapidly changing environment, dynamic risk management isn’t just best practice; it’s a must — especially for your institution’s fair lending risk assessment.
A fair lending risk assessment identifies inherent risk, evaluates existing controls, and determines residual risk. Review your assessment areas using look-back periods for areas such as the Community Reinvestment Act (CRA). For retail lending assessment areas, focus on data from 2024 and 2025 to prepare for changes in 2026.
As your FI gains more insights on specific regulations (i.e., 1071, HMDA compliance, etc.), revisit your risk assessments as needed to reflect needed changes, such as newly identified gaps in controls and higher-risk areas. Remember: fair lending is centered on discrimination. Ultimately, your risk assessment should answer, “What is the risk that our institution is discriminating in a particular area or against a particular group?”
Related: Fair Lending Risk Assessments: Absolutely Everything You Need to Know
3. Upgrade your staff training
Regardless of their role, your FI’s employees—including loan officers, underwriters, appraisers, and marketing specialists—must be trained and able to adhere to the latest fair lending best practices.
Recent research reveals a high rate of gaps in submitted demographic information by loan officers, underscoring the importance of providing clear, easy-to-understand training material for loan officers to ensure they are comfortable and knowledgeable about data collection practices.
Provide tailored training for your team members on fair lending laws, data collection requirements, and bias prevention. Real-world examples and case studies are ideal for emphasizing practical compliance applications.
Related: 8 Red Flags Indicating Potential Fair Lending Risk
4. Consider controls
Establishing the right controls is crucial to ensuring the accuracy of your data collection and risk assessment processes.
A control is a measure, process, or mechanism that mitigates risk. In a fair lending scenario, controls are designed to reduce the likelihood of fair lending-related risk.
Reevaluate your existing controls to ensure effectiveness and add new controls to enhance data accuracy. For example, preventative controls include your fair lending risk assessment, vendor oversight, loan underwriting guidelines, and data collection and analysis.
Related: Risk Management Controls in Banking
5. Ensure cross-department collaboration
A strong lending compliance management program isn’t just the job of your compliance team; it involves multiple team members across departments working together.
Ensure your board members and senior leadership team are educated on relevant regulatory priorities and their role in fostering a compliance culture. While specific regulations may be stalled, their support will be crucial later during implementation or for change management processes.
Related: What are the Three Lines of Defense in a Compliance Management System?
6. Strengthen community engagement
During the Interagency Fair Lending webinar, the Federal Reserve stressed the importance of intentionality in lenders’ marketing and outreach efforts. While often overlooked, effective engagement with the community is vital for meeting CRA objectives and other fair lending obligations.
Some common oversight examples include a lack of targeted mortgage marketing in Assessment Areas (AAs) or credit market areas and non-diverse advertising models.
As you focus on fair lending and CRA, use your analysis and review processes to enhance community outreach and marketing strategies and ensure they reach the right audiences.
7. Study your peers
Regulators will analyze your institution's performance, protocols, and processes against those of your peers, so it's crucial to stay updated on what similarly regulated financial institutions are doing right and wrong.
For example, suppose a peer institution receives a consent order for redlining risk. In that case, your FI can use that resource to gain insights into compliance expectations and address similar challenges your organization may face. You can also use your peers' challenges to create a proactive strategy to address worst-case compliance scenarios.
Related: Risk Management: How Do You Measure Up?
8. Don’t forget about AI risk
Artificial intelligence (AI) has been a hot topic under the new administration, but as any emerging technology grows, it presents new risks.
The new year is an ideal time to revisit your internal systems utilizing AI to ensure transparency, accountability, and considerations of bias and fairness. Also, evaluate your vendors’ systems for common third-party AI-related risks, such as data and black box-related risks.
Related: Sign up for regulatory updates to stay on top of the latest AI regulatory changes, news, and enforcement actions.
9. Track the metrics
The saying goes, “You can’t manage what you can’t measure.” When it comes to fair lending and compliance, some common key risk indicators (KRIs) to look for include the rate of compliance training completion, consumer complaints, and the number of policy exceptions.
Key performance indicators (KPIs) also signal whether an institution is meeting its risk management goals. Link team and individual goals to compliance-related outcomes, such as loan distribution in underserved areas or improved data collection accuracy. Clear KPIs tied to compliance objectives ensure accountability at all levels.
Related: Key Compliance Indicators for Financial Institutions
10. Take advantage of lending compliance software
Staying on top of the latest compliance updates in a fast-evolving regulatory landscape is challenging for teams of all sizes and resources. The right compliance management services can empower your compliance team and broader organization by consolidating the most important tasks, from increasing your team’s visibility to changing fair lending regulations to data reporting and contract management.
Keeping your lending compliance management program updated
Fair lending will continue to be a priority for regulators regardless of the current climate. That’s why FIs must ensure compliance and actively identify, monitor, and assess fair lending risks.
The actions your financial institution takes — or fails to take — to improve your lending compliance now may be evaluated in three to five years. Are you prepared?
Get the latest on regulatory expectations and enforcement during our February webinar.
Subscribe to the Nsight Blog
Share this
What Is Compliance Risk?
Lending Compliance: Building Up the Three Lines of Defense
