Discover Financial Services disclosed it avoided a monetary penalty in agreeing to a consent order with the Federal Deposit Insurance Corporation (FDIC) over alleged compliance shortcomings at its subsidiary bank.

Discover Bank agreed to improve its consumer compliance management system and enhance corporate governance, enterprise risk management, and board oversight, the company disclosed Friday.

Discover noted potential monetary penalties from the FDIC or other regulators over card product misclassification allegations disclosed in August are still pending.

The details: Discover agreed to the consent order regarding the findings of a consumer compliance review by the FDIC in October 2021.

The review, which also included the Consumer Financial Protection Bureau, found failures to establish and maintain a compliance management system to comply with consumer financial protection laws, including regarding board of directors and bank management oversight and commitment. The alleged lapses led to change management and third-party risk management deficiencies at Discover.

The bank agreed to overhaul its supervision, oversight, and monitoring systems by implementing enterprise risk management and corporate governance frameworks and consumer compliance and compliance vendor management programs, the order stated.

On Sept. 5, Discover announced the appointment of Kathy Lonowski, former FDIC San Francisco regional director, to its board of directors. She brings 38 years of bank regulatory experience.

The order requires certain undertakings by the board, including:

  • Clearly communicating compliance and ethics expectations;
  • Ensuring the bank establishes and maintains proactive and effective risk and governance frameworks and compliance programs;
  • Staffing of one or more compliance officers;
  • Documenting robust consumer compliance-related discussions; and
  • Ensuring the bank’s internal audit is appropriate for its size.

Company response: In an emailed statement, a Discover spokesperson said the company “takes its business practices and compliance seriously.”

“We have been working closely with the FDIC regarding the previously disclosed consent order and are committed to ensuring all requirements of the consent order are met,” the statement said. “Discover continues to enhance its corporate governance and enterprise risk management practices and has taken significant steps to address the issues identified.”

Discover agreed to the order without admitting or denying the FDIC’s findings.