California Certified Regulatory Compliance
Manager (CRCM) Practice Exam Questions
And Correct Answers (Verified Answers)
Plus Rationales 2026 Q&A | Instant
Download Pdf
1. What is the primary purpose of a Compliance Management System
(CMS)?
A. Generate operational revenue
B. Conduct internal audits only
C. Ensure compliance with applicable laws and regulations
D. Maintain IT security standards
A CMS helps an organization meet legal and regulatory
requirements, manage compliance risk, and prevent violations.
2. Which federal law primarily governs consumer financial privacy?
A. GLBA
B. Gramm-Leach-Bliley Act
C. Dodd-Frank Act
D. Right to Financial Privacy Act
The Gramm-Leach-Bliley Act (GLBA) contains key provisions
regarding financial privacy and safeguards for consumer data.
,3. A bank that fails to file a required Suspicious Activity Report (SAR)
could be subject to:
A. A loss of federal charter only
B. Internal penalties only
C. Civil and criminal penalties
D. A warning letter only
Failure to file a SAR may result in both civil and criminal penalties
under the Bank Secrecy Act.
4. What agency enforces the Equal Credit Opportunity Act (ECOA)?
A. Federal Deposit Insurance Corporation (FDIC)
B. Office of the Comptroller of the Currency (OCC)
C. Consumer Financial Protection Bureau (CFPB)
D. Financial Industry Regulatory Authority (FINRA)
The CFPB has primary regulatory authority for ECOA compliance and
enforcement.
5. What does the "Three Lines of Defense" model include?
A. IT, Legal, and HR
B. Operational management, risk/compliance functions, and internal
audit
C. Board of Directors, Legal, and Compliance
D. Legal, Compliance, and Public Relations
The model provides a structure for risk management responsibilities,
including operations, oversight, and assurance.
6. What is the role of the Board in a compliance program?
A. Handle daily monitoring of transactions
B. Draft the policy and procedures
C. Train employees on compliance
D. Provide oversight and ensure compliance culture
, The Board provides governance, sets tone at the top, and oversees
the compliance framework.
7. Under the Bank Secrecy Act (BSA), how long must Currency
Transaction Reports (CTRs) be retained?
A. 1 year
B. 3 years
C. 5 years
D. 7 years
BSA regulations require CTRs to be retained for a minimum of 5 years
from the date filed.
8. Which regulation requires disclosure of terms and costs of consumer
credit?
A. ECOA
B. Truth in Lending Act (TILA)
C. Home Mortgage Disclosure Act (HMDA)
D. FCRA
TILA ensures consumers are informed about the costs of credit before
they agree to it.
9. What does Regulation E govern?
A. Mortgage lending
B. Commercial loans
C. Electronic fund transfers
D. Privacy notices
Regulation E implements the Electronic Fund Transfer Act, governing
consumer rights in electronic transfers.
10. What is the purpose of an Internal Audit in compliance?
A. Investigate fraud only
B. Replace compliance function
C. Provide independent assurance on controls
Manager (CRCM) Practice Exam Questions
And Correct Answers (Verified Answers)
Plus Rationales 2026 Q&A | Instant
Download Pdf
1. What is the primary purpose of a Compliance Management System
(CMS)?
A. Generate operational revenue
B. Conduct internal audits only
C. Ensure compliance with applicable laws and regulations
D. Maintain IT security standards
A CMS helps an organization meet legal and regulatory
requirements, manage compliance risk, and prevent violations.
2. Which federal law primarily governs consumer financial privacy?
A. GLBA
B. Gramm-Leach-Bliley Act
C. Dodd-Frank Act
D. Right to Financial Privacy Act
The Gramm-Leach-Bliley Act (GLBA) contains key provisions
regarding financial privacy and safeguards for consumer data.
,3. A bank that fails to file a required Suspicious Activity Report (SAR)
could be subject to:
A. A loss of federal charter only
B. Internal penalties only
C. Civil and criminal penalties
D. A warning letter only
Failure to file a SAR may result in both civil and criminal penalties
under the Bank Secrecy Act.
4. What agency enforces the Equal Credit Opportunity Act (ECOA)?
A. Federal Deposit Insurance Corporation (FDIC)
B. Office of the Comptroller of the Currency (OCC)
C. Consumer Financial Protection Bureau (CFPB)
D. Financial Industry Regulatory Authority (FINRA)
The CFPB has primary regulatory authority for ECOA compliance and
enforcement.
5. What does the "Three Lines of Defense" model include?
A. IT, Legal, and HR
B. Operational management, risk/compliance functions, and internal
audit
C. Board of Directors, Legal, and Compliance
D. Legal, Compliance, and Public Relations
The model provides a structure for risk management responsibilities,
including operations, oversight, and assurance.
6. What is the role of the Board in a compliance program?
A. Handle daily monitoring of transactions
B. Draft the policy and procedures
C. Train employees on compliance
D. Provide oversight and ensure compliance culture
, The Board provides governance, sets tone at the top, and oversees
the compliance framework.
7. Under the Bank Secrecy Act (BSA), how long must Currency
Transaction Reports (CTRs) be retained?
A. 1 year
B. 3 years
C. 5 years
D. 7 years
BSA regulations require CTRs to be retained for a minimum of 5 years
from the date filed.
8. Which regulation requires disclosure of terms and costs of consumer
credit?
A. ECOA
B. Truth in Lending Act (TILA)
C. Home Mortgage Disclosure Act (HMDA)
D. FCRA
TILA ensures consumers are informed about the costs of credit before
they agree to it.
9. What does Regulation E govern?
A. Mortgage lending
B. Commercial loans
C. Electronic fund transfers
D. Privacy notices
Regulation E implements the Electronic Fund Transfer Act, governing
consumer rights in electronic transfers.
10. What is the purpose of an Internal Audit in compliance?
A. Investigate fraud only
B. Replace compliance function
C. Provide independent assurance on controls
