Compliance Documentation Gap Report

Prepared for Sample Consumer Disclosures | April 02, 2026 | Generated by FinCompliance

0/100
Compliance Documentation Score
29
Errors (must fix)
18
Warnings (should fix)
0
Suggestions

Detailed Findings

[ERROR] DocumentMetadata: Missing required metadata: 'Effective Date'. All compliance documents must include an effective date.
[ERROR] DocumentMetadata: Missing required metadata: 'Last Reviewed'. Examiners check that policies are reviewed regularly.
[ERROR] DocumentMetadata: Missing required metadata: 'Next Review Date'. Demonstrates commitment to ongoing review.
[ERROR] DocumentMetadata: Missing required metadata: 'Approved By'. Documents must show who authorized the policy.
[ERROR] DocumentMetadata: Missing required metadata: 'Version'. Version control is required for audit trail.
[ERROR] BSA_FivePillars: BSA/AML policy is missing required pillar: 'Internal Controls'. (FFIEC BSA/AML Manual, Core Overview)
[ERROR] BSA_FivePillars: BSA/AML policy is missing required pillar: 'Independent Testing'. (FFIEC BSA/AML Manual, Core Overview)
[ERROR] BSA_FivePillars: BSA/AML policy is missing required pillar: 'Designated BSA Compliance Officer'. (FFIEC BSA/AML Manual, Core Overview)
[ERROR] BSA_FivePillars: BSA/AML policy is missing required pillar: 'Training'. (FFIEC BSA/AML Manual, Core Overview)
[ERROR] BSA_FivePillars: BSA/AML policy is missing required pillar: 'Customer Due Diligence'. (FFIEC BSA/AML Manual, Core Overview)
[WARNING] BSA_CTRRequirements: CTR section may be missing: '$10,000 threshold'. (31 CFR 1010.310)
[WARNING] BSA_CTRRequirements: CTR section may be missing: 'Aggregation rules'. (31 CFR 1010.310)
[WARNING] BSA_CTRRequirements: CTR section may be missing: 'Structuring monitoring'. (31 CFR 1010.310)
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'may apply'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] RegE_IllegalPreconditions: Reg E illegal precondition: 'must file a police report'. Institutions cannot require this as a condition for error resolution investigation (12 CFR 1005.11). Remove or rephrase as optional.
[ERROR] RegE_IllegalPreconditions: Reg E illegal precondition: 'notarized affidavit'. Institutions cannot require this as a condition for error resolution investigation (12 CFR 1005.11). Remove or rephrase as optional.
[ERROR] RegE_IllegalPreconditions: Reg E illegal precondition: 'must visit a branch'. Institutions cannot require this as a condition for error resolution investigation (12 CFR 1005.11). Remove or rephrase as optional.
[ERROR] RegE_IllegalPreconditions: Reg E illegal precondition: 'Written statement required before'. Institutions cannot require this as a condition for error resolution investigation (12 CFR 1005.11). Remove or rephrase as optional.
[WARNING] RegE_MissingDisclosures: Reg E disclosure concern: 'see separate disclosure'. Ensure EFT disclosures address all elements required by 12 CFR 1005.7.
[WARNING] RegE_MissingDisclosures: Reg E disclosure concern: 'refer to your account agreement'. Ensure EFT disclosures address all elements required by 12 CFR 1005.7.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'fees may apply'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'Your actual payment'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'Additional fees may'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'We reserve the right to change'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'without prior notice'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'Pricing subject to'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'may be larger'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'Rates may fluctuate'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'Results may vary'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'Terms and conditions may'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[ERROR] UDAAP_DeceptiveLanguage: UDAAP risk: 'at our sole discretion'. CFPB flags imprecise conditional language that obscures costs or terms. Provide exact figures and conditions.
[WARNING] UDAAP_DeceptiveSpeed: UDAAP deceptive speed claim: 'Money in seconds'. CFPB flags absolute temporal claims when actual processing times differ. Add disclaimers or use accurate language.
[WARNING] UDAAP_DeceptiveSpeed: UDAAP deceptive speed claim: 'real-time payment'. CFPB flags absolute temporal claims when actual processing times differ. Add disclaimers or use accurate language.
[WARNING] UDAAP_DeceptiveSpeed: UDAAP deceptive speed claim: 'Guaranteed same-day'. CFPB flags absolute temporal claims when actual processing times differ. Add disclaimers or use accurate language.
[WARNING] UDAAP_DeceptiveSpeed: UDAAP deceptive speed claim: 'Funds available immediately'. CFPB flags absolute temporal claims when actual processing times differ. Add disclaimers or use accurate language.
[ERROR] RegDD_TerminologyEnforcement: Reg DD terminology: 'Annual Percentage Yield (APY)' must be 'annual percentage rate on deposits' in deposit account disclosures (12 CFR 1030).
[ERROR] RegDD_TerminologyEnforcement: Reg DD terminology: 'Annual Percentage Yield (APY)' must be 'yearly percentage' in deposit account disclosures (12 CFR 1030).
[ERROR] RegDD_TerminologyEnforcement: Reg DD terminology: 'Annual Percentage Yield (APY)' must be 'rate of return on deposits' in deposit account disclosures (12 CFR 1030).
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'Notwithstanding the foregoing'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'hereby acknowledges and agrees'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'pursuant to the provisions of'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'without limiting the generality'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'irrevocably and unconditionally'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'waives any and all'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'to the fullest extent permitted by law'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'including but not limited to'. CFPB targets language that interferes with consumer comprehension. Simplify.
[WARNING] UDAAP_BuriedDisclosures: UDAAP buried disclosure risk: 'except as otherwise provided herein'. CFPB targets language that interferes with consumer comprehension. Simplify.

What These Findings Mean

Each error represents a gap that NCUA or OCC examiners are likely to cite as a finding during your next examination. Errors include missing required policy elements, prohibited language suggesting incomplete compliance, and structural issues that prevent examiner review.

Warnings are issues that weaken your documentation but may not result in a formal finding. These include vague language, unspecified timeframes, and unassigned responsibilities that make policies harder to enforce and audit.

Recommended Next Steps

  1. Address all errors before your next examination cycle
  2. Review warnings with your compliance officer or committee
  3. Consider a full documentation suite review across all compliance policies

Want a full compliance documentation audit?

FinCompliance checks your entire policy suite against BSA/AML, SOX, PCI-DSS, GLBA, and NCUA requirements. Get a complete gap analysis with specific remediation steps.

Contact: bipinrimal314@gmail.com | github.com/BipinRimal314/comply

This report was generated by FinCompliance v0.1.0 — the first open-source compliance documentation linter for financial institutions. The analysis covers document structure, regulatory language, required elements, and policy completeness. It is not a substitute for legal or compliance advice.

Report generated: 2026-04-02 13:25:11 UTC