Will you be Regulator Ready for your next Flood Disaster Protection Act [FDPA] Examination?
Written by Donald J. Brown, Navigator Consulting, Senior Advisor for Tellum
When did you last conduct a review of your institution’s Flood Disaster Protection Act [FDPA] Compliance Program?
Historically, when lenders fail to regularly test the effectiveness of their Program’s top of the house FDPA Policy, Line of Business FDPA Procedures and other risk controls, that omission could result in unnecessary regulatory scrutiny and costly monetary penalties. Enforcement actions continue to uncover numerous deficiencies among lender controls, which often result in potential financial penalties and costly remediation fire drills to enhance outdated controls and address inconsistent practices.
The key to success is centered in developing an enhanced and battle-ready understanding of FDPA compliance requirements and implementing robust, regulatory compliance controls such as:
- Proactive preventive controls, which are designed to prevent violations of law:
- Developing key automated systemic controls [in-house and third-party vendors]
- Providing comprehensive, role specific employee training
- Effective detective controls that identify existing risks or issues and promptly remediate:
- Conducting Internal audits
- Performing regular Testing & Monitoring [T&M] to measure control effectiveness
- Remedial corrective controls that resolve issues identified through preventive or detective controls:
- Completing a root cause analysis
- Document quality control actions taken to address issues for examiners to review
Best Practices to Ensure FDPA Compliance:
- Create and regularly maintain an enterprise-wide FDPA Risk Assessment to evidence ongoing prudent regulatory management to internal auditors and external regulators.
- Maintain a scalable and sustainable FDPA Compliance Program which enables an ongoing proactive approach to address matters requiring attention.
- Provide regular and role specific regulatory training to include loan officers, processors, compliance staff, vendors and senior management to address regulatory updates and reinforce key concepts. Document training completion for review by examiners.
- Prevent violations of law through regular reviews of and enhancements made to the FDPA Program to ensure lessons learned from T&M and audits have been implemented and correct regulatory deficiencies before they become regulatory violations.
- Review the Corporate FDPA Policy and Line of Business FDPA Procedures to ensure a consistent, congruent and seamless regulatory Compliance Program.
- Perform quality control exercises and audits to identify systemic errors and manually review all mission critical processes.
Most common FDPA violations cited by regulators in 2025 include:
- Failing to obtain the mandated flood insurance coverage before making, increasing, renewing or extending [MIRE] a designated loan
- Failure to provide the required “Notice” to the borrower
- Failure to force [lender] – placed, the mandated type and amount of insurance coverage when a coverage deficiency is identified
FDIC – Consumer Compliance Supervisory HIGHLIGHTS March 2026
