ABA May/June 2025: Electronic Searches of Employee Communications

Redlining enforcement examinations and investigations conducted in recent years by federal and state supervisory and enforcement agencies have expanded to a new frontier: employee communications. Regulators have increasingly insisted upon searching employee emails, video conference chats, Slack1 messages, text messages, and similar forms of electronic communications to uncover statements or terminology indicative of racial or ethnic bias. Searching, collecting, and reviewing electronic communications can substantially increase the costs of an examination or investigation. The prevalence of such communications creates a high level of risk. A broad search for key words, regardless of the context in which they are used, might reveal an employee’s racially insensitive comment or term. It could also uncover an employee’s tacit endorsement of another person’s biased or discriminatory remark if the employee comments on it or forwards it to others.

This article provides an overview of the recent practice of examiners and investigators conducting email searches in redlining examinations and investigations. It also offers suggestions for mitigating risks related to employee emails that may not align with a bank’s mission, values or fair lending policies.

Role of federal and state agencies in electronic communication searches

Redlining claims focus on whether a lender has intentionally avoided lending in a particular geographic area, or has discouraged people from a particular geographic area from applying for loans with the lender, because of the racial or ethnic composition of the population residing in the area. Some government agencies have taken the position that internal employee communications that indicate racial or national origin bias can support redlining claims. Such communications may serve as evidence that bank personnel have avoided doing business in certain areas for prohibited reasons. Even where racially- or ethnically-insensitive emails are not directed to customers and are received from external sources, the government has asserted in publicly-filed redlining complaints that the statements are relevant to establishing discriminatory animus.

Demands for expansive email searches have been a cornerstone strategy pursued by private plaintiffs in Fair Housing Act and Equal Credit Opportunity Act (ECOA) lawsuits—and while limiting the scope in some cases, courts have sanctioned email searches costing banks over $1 million in major cases based on the recognition that emails are a trove of potentially-relevant evidence of racial bias or discriminatory intent. While a longtime staple of private fair lending litigation, electronic communication searches in federal and state redlining examinations and investigations are a more recent development.

The mortgage industry has devoted significant attention to the email searches conducted by the Department of Justice (DOJ) in its investigations prompted by the Combating Redlining Initiative launched in October 2021. While electronic communication searches became a standard element of DOJ investigations in the Biden Administration, email searches were used in examinations by the Consumer Financial Protection Bureau (CFPB) under the leadership of Director Kathy Kraninger during the first Trump Administration. These searches aimed to detect communications between or among lending personnel and senior management that revealed racial bias or overt discrimination. The CFPB’s ECOA Examination Procedures direct examiners evaluating redlining risk to "note any employee statements that reflect preferences as to geographic areas in which to do business, including preferences concerning business in areas with relatively high concentrations of minority residents."2

The DOJ and CFPB do not stand alone in this regard. The Office of the Comptroller of the Currency (OCC) updated their fair lending examination procedures in January 2023. These updated procedures for conducting analyses of discriminatory redlining now identify "internal bank communications, including emails" as a category of information subject to review because "[t] hese communications can provide evidence relevant to findings of redlining."3

State agencies and attorneys general have partnered with the DOJ to investigate potential redlining and have initiated their own investigations of redlining that might violate federal and state fair lending laws— and in connection with such investigations have also pursued employee email searches. For example, emails have been sought in redlining investigations conducted by the Attorney General of North Carolina, Attorney General of New Jersey, and New York Department of Financial Services.

Nuts and bolts of email searches to identify incriminating statements

As to the mechanisms for searching electronic communications in investigations, investigators typically issue an information request that seeks any documents (including emails) that pertain to topics relevant to redlining (e.g., branching, lending, marketing, outreach, fair lending monitoring). Such information requests also typically include a request for electronic communications for certain custodians where a search term appears in the email, regardless of the subject of the email. It could pertain to a sporting event, social gathering, exchange with a friend or family member, or political newsletter. Typical custodians include employees or managers with responsibility for determining the opening or closing of branches or loan production offices, expansion or contraction of Community Reinvestment Act assessment areas and Reasonably Expected Market Areas, and marketing or solicitation of mortgage loans in the geographic area under review.

Establishing mutually agreeable search terms is a critical threshold issue in scoping electronic communication searches. The investigator will typically deliver a preliminary list of racially or ethnically charged phrases, words, or partial words. This is accompanied by a request that the bank produce all electronic communications — that were sent or received by the identified employees — that include, in whole or in part, the terms on the list.

The lists are often customized to reference slurs, street names or neighborhoods associated with a particular racial or ethnic group. Such lists can include over 100 search terms. These lists can be negotiated and reduced by providing hit lists that demonstrate that certain words result in "false positives". Misspellings are a common source of false positives. Communications received from community organizations are another source of false positives, as they may utilize terms on the list in describing the organization’s efforts to eradicate discriminatory practices perpetuated by others. Certain short terms that, standing alone, carry racial or ethnic connotations may be part of larger words that have no racial or ethnic connotation whatsoever. Other examples of false positives include words that coincide with an employee’s last name, a street name, or a word that commonly appears in appraisal reports. False positives not only increase the amount of responsive data that must be collected and hosted at the bank’s expense, but they also substantially increase the time and expense associated with review.

Debate over use of employee emails against a bank

The ongoing debate over the government’s use of emails in redlining examinations and investigations centers on whether it is appropriate to impute the thoughts and sentiments of one or a few employees to a bank, especially when those views are contrary to the bank’s mission, values and policies. The countervailing view is that racial bias and animus permeate the words and actions of employees, which may subtly or overtly influence how that institution serves the lending needs of minority communities through those employees. The government has argued that the use of racial epithets or the mere act of forwarding an email or subscribing to a newsletter that contains racist remarks signals that employees or managers with this mindset are in a position to impact how a bank serves minority communities. For this reason, agencies have asserted that such emails can support a claim of redlining, and those emails have been referenced in multiple settlements in recent years.

Strategies for risk mitigants regarding unauthorized employee emails

Banks are on notice that electronic communication searches in redlining examinations and investigations have been trending in recent years and, from a proactive standpoint, should evaluate potential mitigants to reduce risk in this area. An essential starting point is to ensure that the bank has strong policies prohibiting discrimination in any aspect of a credit transaction, but strong policies regarding permissible use of company email, texts, social media, and chat functions are a necessary corollary for minimizing the likelihood of inappropriate emails on bank accounts and systems.

Banks seeking to reduce risk should conduct a review and inventory of any acceptable-use policies relating to internal and external forms of electronic communication. Depending on the current policy framework in this area, banks might consider drafting a specific policy relating to electronic communications that incorporates anti-discrimination language and cross-references the bank’s fair lending policy.

To serve as an effective control, acceptable-use policies must identify the disciplinary consequences employees will face if they fail to comply. In addition, the bank must take disciplinary action against employees if policy violations are identified. Regulators will closely examine how a bank responds to racist or biased statements made by employees in electronic communications. A bank that uncovers such statements through routine monitoring but fails to take disciplinary action is more likely to be seen as demonstrating discriminatory intent than one that identifies problematic emails only after an investigative request. Proactively addressing non-compliant communications reinforces a bank’s commitment to compliance and fair practices.

Additionally, banks should evaluate how often they refresh employee training on the acceptable-use policy requirements. While it is common to introduce policies governing electronic communications as part of new-hire onboarding, and to notify employees that the bank reserves the right to review all electronic communications on the bank’s accounts and systems, banks should consider requiring all employees to annually review and acknowledge acceptable-use policies. If new policies are prepared or existing policies are revised, it is a best practice to distribute the new or revised policies and to require acknowledgements.

Finally, banks seeking to evaluate more stringent controls should explore tools for detecting, filtering, and blocking internal or external emails containing racial epithets or other inappropriate content. However, they should also recognize that these types of reviews require significant resources, including review time and employee meetings to address the findings.

Be sure to confer with human resources officials to discuss what processes for screening and surveillance of electronic communications might be available. Given the issues with false positives discussed above, banks should be mindful about developing a practical filtering strategy that effectively detects the conduct giving rise to fair lending risk.

Endnotes

1. https://slack.com/

2. CFPB Supervision and Examination Manual, ECOA Baseline Review Modules at 19 (April 2019), available at https://files.consumerfinance.gov/f/documents/cfpb_supervision-and-examination-manual.pdf.

3. OCC Comptroller’s Handbook, Consumer Compliance, Fair Lending, Version 1.0 at 48 (January 2023), available at https://www.occ.treas.gov/publications-and-resources/publications/comptrollers-handbook/files/fair-lending/index-fair-lending.html.

Check out the ABA May/June 2025 Issue HERE.

About the Authors

Andrea Mitchell is a nationally recognized adviser to banks, financial services companies, and third-party service providers on enforcement, regulatory, and compliance matters. She represents clients throughout the country on fair lending, fair servicing, and responsible banking issues, including matters that involve claims of disparate impact; disparate treatment; and unfair, deceptive, or abusive acts and practices (UDAAP). Her work in this area includes advising on redlining, pricing, underwriting, steering, product development, sales and marketing, social media, limited English proficiency, artificial intelligence and machine learning, overdraft and other deposit account practices, credit reporting, servicing, collections, and loss mitigation.

SIGN UP FOR UPDATES

Never miss our news, insights or events.

FEATURED NEWS