Internal Control Deficiencies

In September 2016, Consumer Financial Protection Bureau (CFPB) fined Wells Fargo
bank $100 Million for widespread illegal practice of secretly opening unauthorized
Read the attached enforcement notification dated September 08, 2016, by CFPB of the
action it has taken and answer the following questions.

  1. Discuss in your own words, the details of alleged illegal practice of opening
    credit card accounts on behalf of consumers without authorization. You should
    explain the circumstances leading to this practice and how it could be done by
    the employees.
  2. Describe a well-designed internal control that would have prevented such
    unauthorized openings by the employees of the bank. You should identify and
    discuss a specific preventive internal control in detail.
  3. Discuss a detective control that could detect such unauthorized openings and
    alert senior management. You should identify and describe a specific

Name your file ‘Internal Control Deficiencies_your Last Name’. Include your
name within the file also.
Attached: CFPB Enforcement Action Notification of Sept 8 2016 regarding
Wells Fargo
Here is the CFPB Enforcement Action Notification notes:
Consumer Financial Protection Bureau Fines Wells Fargo $100
Million for Widespread Illegal Practice of Secretly Opening
Unauthorized Accounts
Bank Incentives to Boost Sales Figures Spurred Employees to Secretly Open
Deposit and Credit Card Accounts
SEP 08, 2016
WASHINGTON, D.C. — Today the Consumer Financial Protection Bureau (CFPB) fined Wells
Fargo Bank, N.A. $100 million for the widespread illegal practice of secretly opening
unauthorized deposit and credit card accounts. Spurred by sales targets and compensation
incentives, employees boosted sales figures by covertly opening accounts and funding them by
transferring funds from consumers’ authorized accounts without their knowledge or consent,
often racking up fees or other charges. According to the bank’s own analysis, employees opened
more than two million deposit and credit card accounts that may not have been authorized by
consumers. Wells Fargo will pay full restitution to all victims and a $100 million fine to the
CFPB’s Civil Penalty Fund. The bank will also pay an additional $35 million penalty to the
Office of the Comptroller of the Currency, and another $50 million to the City and County of
Los Angeles.
“Wells Fargo employees secretly opened unauthorized accounts to hit sales targets and receive
bonuses,” said CFPB Director Richard Cordray. “Because of the severity of these violations,
Wells Fargo is paying the largest penalty the CFPB has ever imposed. Today’s action should
serve notice to the entire industry that financial incentive programs, if not monitored carefully,
carry serious risks that can have serious legal consequences.”
The full text of the CFPB’s Consent Order can be found at:
Wells Fargo, headquartered in Sioux Falls, S.D., is one of the biggest banks in the country and
offers many consumer financial products and services, including savings and checking accounts,
credit cards, debit and ATM cards, and online-banking services. In recent years, the bank has
11/12/2020 Order 330860468 3/4
sought to distinguish itself in the marketplace as a leader in “cross selling” these products and
services to existing customers who did not already have them. When cross selling is based on
efforts to generate more business from existing customers based on strong customer satisfaction
and excellent customer service, it is a common and accepted business practice. But here the bank
had compensation incentive programs for its employees that encouraged them to sign up existing
clients for deposit accounts, credit cards, debit cards, and online banking, and the bank failed to
monitor the implementation of these programs with adequate care.
According to today’s enforcement action, thousands of Wells Fargo employees illegally enrolled
consumers in these products and services without their knowledge or consent in order to obtain
financial compensation for meeting sales targets. The Dodd-Frank Wall Street Reform and
Consumer Protection Act prohibits unfair, deceptive, and abusive acts and practices. Wells
Fargo’s violations include:
Opening deposit accounts and transferring funds without authorization: According to the
bank’s own analysis, employees opened roughly 1.5 million deposit accounts that may not have
been authorized by consumers. Employees then transferred funds from consumers’ authorized
accounts to temporarily fund the new, unauthorized accounts. This widespread practice gave the
employees credit for opening the new accounts, allowing them to earn additional compensation
and to meet the bank’s sales goals. Consumers, in turn, were sometimes harmed because the
bank charged them for insufficient funds or overdraft fees because the money was not in their
original accounts.
Applying for credit card accounts without authorization: According to the bank’s own
analysis, Wells Fargo employees applied for roughly 565,000 credit card accounts that may not
have been authorized by consumers. On those unauthorized credit cards, many consumers
incurred annual fees, as well as associated finance or interest charges and other fees.
Issuing and activating debit cards without authorization: Wells Fargo employees requested
and issued debit cards without consumers’ knowledge or consent, going so far as to create PINs
without telling consumers.
Creating phony email addresses to enroll consumers in online-banking services: Wells
Fargo employees created phony email addresses not belonging to consumers to enroll them in
online-banking services without their knowledge or consent.
Enforcement Action
Under the Dodd-Frank Wall Street Reform and Consumer Protection Act, the CFPB has the
authority to take action against institutions violating consumer financial laws, including engaging
in unfair, deceptive, or abusive acts or practices. Today’s order goes back to Jan. 1, 2011.
Among the things the CFPB’s order requires of Wells Fargo:
Pay full refunds to consumers: Wells Fargo must refund all affected consumers the sum
of all monthly maintenance fees, nonsufficient fund fees, overdraft charges, and other
fees they paid because of the creation of the unauthorized accounts. These refunds are
expected to total at least $2.5 million. Consumers are not required to take any action to
get refunds to which they are entitled.
Ensure proper sales practices: Wells Fargo must hire an independent consultant to
conduct a thorough review of its procedures. Recommendations may include requiring
employees to undergo ethical-sales training and reviewing the bank’s performance
measurements and sales goals to make sure they are consistent with preventing improper
sales practices.
Pay a $100 million fine: Wells Fargo will pay a $100 million penalty to the CFPB’s
Civil Penalty Fund. Today’s penalty is the largest the CFPB has imposed to date.
11/12/2020 Order 330860468 4/4
The Consumer Financial Protection Bureau is a 21st century agency that helps consumer finance
markets work by making rules more effective, by consistently and fairly enforcing those rules,
and by empowering consumers to take more control over their economic lives. For more
information, visit

Sample Solution