5 Top Findings in Fair Lending Audits – And How to Avoid Them

Fair lending compliance remains a top priority for regulators – and a growing concern for financial institutions of all sizes. Whether you’re a community bank, credit union, or fintech lender, regulators like the CFPB, DOJ, and prudential regulators expect your lending practices to be equitable, well-documented, and free from discriminatory effects, both intentional and unintentional.

In recent years, fair lending audits and exams have intensified, with particular scrutiny on redlining, pricing disparities, underwriting discretion, and the effectiveness of fair lending risk management programs. Institutions found lacking can face reputational harm, enforcement actions, and significant civil penalties.

To help you prepare and stay ahead, we’ve outlined the five most common findings identified in fair lending audits – along with practical tips to avoid them. Whether you’re preparing for an upcoming review or strengthening your compliance program, this guide will help you reduce risk and demonstrate a strong commitment to equitable lending.


Inadequate Fair Lending Risk Assessments

A comprehensive fair lending risk assessment is the cornerstone of a sound compliance program. Yet, one of the most common audit findings is that institutions either lack a risk assessment entirely or are using a generic, outdated version that fails to reflect their current operations.

Why It Matters

Regulators expect institutions to identify, measure, and manage fair lending risk across all facets of their business. Without a current and tailored risk assessment, institutions lack the insight needed to prioritize controls, mitigate issues, and demonstrate regulatory awareness.

Common Issues Identified in Audits

  • No formal risk assessment conducted
  • Assessments copied from templates with little customization
  • Failure to evaluate new or higher-risk products, such as non-QM loans or fintech-driven originations
  • No consideration of marketing or digital channels
  • Risk ratings not supported by clear methodologies or data

How to Avoid This Finding

  • Conduct risk assessments at least annually or whenever there are material changes in products, services, or markets served.
  • Ensure your assessment includes a review of:
    • Loan products and terms (e.g., pricing discretion, underwriting models)
    • Marketing and outreach practices (e.g., digital vs. traditional advertising)
    • Geographic distribution and market penetration (to identify redlining risk)
    • Third-party partnerships (especially those involved in underwriting or servicing)
  • Clearly document how risk ratings are assigned (e.g., inherent vs. residual risk).
  • Engage an independent third party like RADD to perform or validate your assessment for greater objectivity and regulatory credibility.

A strong, data-driven risk assessment not only helps you avoid audit findings, but it forms the foundation for a proactive, resilient fair lending compliance program.


Disparities in Loan Denial or Pricing Outcomes

One of the most serious – and frequently cited – findings in fair lending audits is the presence of statistically significant disparities in loan denials or pricing among applicants of different race, ethnicity, gender, or other protected characteristics.

Why It Matters

Regulators use data analysis to detect patterns of potential discrimination. If a protected group is disproportionately denied loans or charged higher interest rates or fees, it may indicate disparate treatment or disparate impact – even without intent. These findings can lead to enforcement actions, reputational damage, and costly remediation.

Common Issues Identified in Audits

  • No internal analysis of loan data by prohibited basis group
  • Overreliance on automated underwriting with no monitoring for bias
  • Manual overrides or pricing exceptions not adequately documented
  • Lack of controls around discretionary pricing (e.g., rate negotiation by loan officers)

How to Avoid This Finding

  • Analyze your lending data regularly for disparities in approvals, denials, pricing, and loan terms across different demographic groups.
  • Implement robust controls around discretionary pricing and document all exceptions with clear, legitimate business justifications.
  • Train underwriters and loan officers to apply criteria consistently and avoid subjective decision-making that can lead to unintentional bias.
  • Use fair lending regression analysis or matched-pair testing to detect and address any disparities proactively.
  • Review and monitor performance of automated decisioning models for potential bias, and adjust or add overlays as needed.

Identifying and remediating disparities before an examiner does is essential to maintaining compliance and demonstrating your institution’s commitment to fair and equitable lending.


Weak or Incomplete Policies and Procedures

Another top fair lending audit finding is the absence of detailed, institution-specific policies and procedures. Even when policies exist, they often lack sufficient depth or fail to reflect actual practices—leaving regulators with the impression that fair lending compliance is an afterthought.

Why It Matters

Policies and procedures provide the framework for how fair lending is managed, monitored, and enforced throughout the organization. Weak documentation signals a lack of oversight and increases the risk of inconsistent practices that can lead to discrimination or regulatory violations.

Common Issues Identified in Audits

  • Generic policies that don’t reflect the institution’s specific lending activities, risks, or markets
  • Policies that fail to reference applicable laws and regulations (e.g., ECOA/Reg B, FHA)
  • Missing procedures for pricing, exceptions, third-party oversight, and complaint handling
  • No documentation of how the institution monitors for or escalates fair lending issues

How to Avoid This Finding

  • Develop and maintain comprehensive fair lending policies and procedures that:
    • Reference applicable laws and regulations.
    • Address all stages of the credit lifecycle, including advertising, application, underwriting, pricing, and servicing.
    • Include specific controls for discretionary practices, pricing exceptions, and manual underwriting.
    • Outline how complaints and potential violations are investigated and escalated
  • Update policies at least annually or following significant changes in business practices, lending channels, or regulatory expectations.
  • Ensure procedures are consistent with actual day-to-day operations and that staff are trained to follow them.
  • Incorporate fair lending controls into broader compliance management systems (CMS), including monitoring and internal audit functions.

Robust policies and procedures provide a clear signal to regulators that fair lending is a strategic and operational priority.


Insufficient Training Programs

Even the most well-written policies are ineffective without proper training. One of the most common fair lending audit findings is inadequate or inconsistent training—particularly for staff in high-risk roles like lending, underwriting, and marketing.

Why It Matters

Training is critical for ensuring that employees understand fair lending laws and know how to apply them in their daily responsibilities. Examiners often review training materials, attendance logs, and role-specific curricula to evaluate whether an institution is effectively mitigating the risk of discriminatory practices.

Common Issues Identified in Audits

  • Generic, one-size-fits-all training with limited relevance to specific job functions
  • Training completed once at onboarding but not refreshed annually
  • No evidence of board or executive-level training
  • Failure to document completion, participation, or comprehension

How to Avoid This Finding

  • Implement role-specific training tailored to key risk areas, such as:
    • Lending and underwriting staff: consistent application of criteria, identifying red flags, and handling exceptions
    • Marketing teams: inclusive outreach and avoiding discriminatory language or targeting
    • Executive leadership and board: regulatory expectations, oversight responsibilities, and fair lending risk management
  • Ensure all staff complete annual refresher training, with updated regulatory guidance and internal policy changes.
  • Incorporate real-world examples, case studies, and common pitfalls to increase engagement and retention.
  • Track and retain training records including completion dates, roles trained, and content covered.

When training is meaningful, relevant, and consistent, it becomes a powerful tool in preventing fair lending violations and a strong signal to regulators that your institution takes compliance seriously.


Redlining Risk and Marketing Disparities

Redlining—the practice of denying or limiting credit services to residents of certain geographic areas based on race or ethnicity—remains a major focus for federal and state regulators. Examiners are scrutinizing marketing practices, branch locations, and loan distribution patterns for signs that institutions may be avoiding minority or low-to-moderate income (LMI) communities.

Why It Matters

Redlining allegations often lead to major enforcement actions and settlements. Even if unintentional, disparities in outreach or service delivery can result in claims that your institution is failing to meet the credit needs of all segments of its market area, especially majority-minority neighborhoods.

Common Issues Identified in Audits

  • Loan originations concentrated in majority-white neighborhoods with limited activity in nearby majority-minority areas
  • Marketing campaigns that only target affluent or non-diverse areas
  • Lack of presence (physical or digital) in underserved communities
  • No documentation of outreach efforts to LMI or minority populations
  • Failure to monitor third-party originators (e.g., fintech or broker partners) for equitable distribution

How to Avoid This Finding

  • Conduct a redlining self-assessment that analyzes geographic loan distribution against demographic data, including majority-minority census tracts.
  • Use mapping tools and overlays to identify service gaps and areas of potential concern.
  • Ensure marketing campaigns are inclusive, accessible, and representative of your entire service area.
  • Expand outreach to underserved communities through community partnerships, targeted campaigns, and diverse media channels.
  • Monitor and document the efforts and performance of any third-party originators or digital partners to ensure fair lending expectations are upheld.
  • Consider expanding digital access channels to reach historically underserved areas, especially if you lack a physical presence.


How RADD Can Help

Fair lending compliance is complex, high-stakes, and constantly evolving. At RADD, we specialize in helping financial institutions and fintechs build, assess, and strengthen their fair lending programs—so you’re not just audit-ready, but confident in your risk management.

Here’s how we can support your team:

  • We conduct independent, tailored risk assessments that evaluate your products, marketing, underwriting, pricing, and geographic reach—providing actionable insights and risk ratings.
  • RADD performs mock fair lending audits to help you identify potential issues before regulators do. We’ll walk you through the process, highlight gaps, and recommend corrective actions.
  • Whether you need to build fair lending policies from the ground up or refresh outdated procedures, our team ensures your documentation aligns with both regulatory expectations and your actual practices.
  • From denial disparity reviews to regression analysis, we help you monitor lending outcomes and identify any indicators of bias or disparate treatment—before they become a finding.

We design and deliver engaging, role-specific fair lending training for staff, management, and boards—reinforcing expectations and reducing compliance risk at every level.


Conclusion: Innovation Requires Oversight

Fair lending compliance is a commitment to equitable access to credit and responsible business practices. As regulatory scrutiny continues to increase, financial institutions must proactively address the most common audit findings: from weak risk assessments and data disparities to inadequate policies, training gaps, and redlining risk.

Fair lending violations don’t always stem from intent – more often, they result from gaps in oversight, inconsistent practices, or outdated compliance frameworks. As regulatory agencies sharpen their focus on fair lending risks, institutions that fail to prepare are at greater risk for findings, penalties, and reputational damage.

The good news? These top audit findings are preventable. With the right policies, data monitoring, training, and risk assessment processes in place, your institution can confidently demonstrate its commitment to equitable lending and regulatory compliance.

RADD is here to help.
Whether you’re preparing for an exam or simply strengthening your internal controls, we can help you stay ahead of regulatory expectations and reduce your fair lending risk.

Schedule a consultation with RADD today to learn how we can support your fair lending compliance goals.
Click here
to book your session.