Category Archives: Mortgage Banking

The Risks of Mortgage Loan Origination Misconduct and Misleading Practices

Sterling Bancorp in Southfield, Mich., is under investigation by the Justice Department for issues tied to its mortgage business.

The $3.3 billion-asset company disclosed in a regulatory filing late Friday that it had received grand jury subpoenas from the agency seeking documents and information associated with its residential lending practices and related issues. Sterling said it is cooperating with the investigation.

Sterling also disclosed that it is cooperating with the Office of the Comptroller of the Currency, which is looking into the bank’s credit administration and its compliance with Bank Secrecy Act and anti-money-laundering laws. The company has been operating under a formal agreement with the OCC since June tied to BSA and AML compliance.

The company also decided to permanently discontinue its Advantage Loan Program, an initiative it had suspended late last year. The company has been auditing documentation for prior originations and implementing systems and controls to make sure policies and procedures are being followed.

Tom Lopp succeeded Gary Judd as Sterling’s chairman and CEO on Nov. 30.

The company also began an internal review led by a special committee of independent directors and outside counsel.

The ongoing review determined that some employees “engaged in misconduct tied to the origination of such loans, including with respect to income verification and requirements, reliance on third parties and related documentation,” the filing said.

As a result, Sterling said, a “significant number of employees” have been terminated, including the senior vice president in charge of the Advantage Loan Program in California, or have resigned. The company said more terminations and resignations are possible.

While Sterling is working on initiatives to diversify its loan production and review new mortgage products, it said that “the implementation of any new loan products takes time and may be subject to” regulatory review.

Because of those issues, Sterling said it has stopped paying dividends in the near term, halted dividends from its bank to the holding company and will delay filing its annual report.

Finally, Sterling dislcosed that a shareholder lawsuit was filed in the U.S. Disctrict Court for the Eastern District of Michigan against the company and some of its officers and directors. The lawsuit alleges that there were violations of federal securities laws, mostly tied to disclosures leading up to Sterling’s initial public offering, subsequent filings and during earnings calls.

“While the company intends to vigorously defend this action, it is too early to determine the potential outcome,” the filing said.

Source :https://www.americanbanker.com/news/sterling-in-michigan-facing-justice-department-probe-of-mortgage-practices

Beware – How to Spot Fraudulent Transfer Instructions

The past decade has seen the growth of an especially painful and pernicious type of fraud. Criminals have been inserting themselves into the middle of real estate closings, sending believable money transfer instructions to the buyer’s bank or the escrow agent, and absconding with the money. This money was supposed to pay off the remainder of the seller’s mortgage, and has the potential to affect any mortgage banker.

Court cases in this space describe a third party pretending to be a known and trusted vendor and instructing purchase payments sent to a supposedly new account, and the payer bank following that instruction without verifying the account change.1

This article will define and explain this problem, legal underpinnings of claims against the criminals, and how companies are guarding against this type of disaster. We also discuss what mortgage bankers should do to minimize their risks of taking the loss for such thefts at the end of the day.

How could this happen and how can we stop it?

Consumers, real estate agents, and closing lawyers are vulnerable to these attacks through automated phone calls and phishing text messages. Sophisticated versions of these attacks will trick the recipient into clicking a link or installing or downloading an infected attachment. Bad guys gather information that will make their fraudulent instructions look like they genuinely arise from the appropriate parties, such as the lawyer handling the closing or the agent representing the buyer. Fraudulent email or other official-seeming correspondence contain wire transfer payment instructions usually regarding the down payment or closing costs.

With the money gone, all the parties scramble to avoid being left holding the bag for the error, and forced to pay for their mistakes by paying the home buyers back their missing money. The bank paying the money or the lawyer/agent who was impersonated by the fraudsters are the most likely patsies in the chain, as they dealt most closely with the wrongdoer and had the greatest opportunity to catch the fraud before money was lost.

For buyers’ bankers, a confirming phone call to the right party, not using the number on the fraudulent request, but looking up that number directly, is the best move to minimize risk for all parties and to avoid liability for the loss. At this stage, ANY change of payment data or suspicious looking payment request should be questioned with a follow-up call before payments are made. Adding this one step to the mortgage payment process can save immeasurable heartbreak and entirely measurable money losses.

What laws are violated?

In 2018, cyber-crime victims across the United States billion. In the last quarter of 2018, the companies most targeted received approximately 120 fraudulent emails. In fiscal year 2017, $969 million was either diverted or attempted to be diverted from real estate purchase transactions to fraudulent accounts.2

This criminal conduct falls squarely into the wire fraud statute, but the accounts receiving the payments usually belong to criminals overseas, and out of the reach of U.S. law enforcement according to Rahul Gupta.3 Federal law “prohibits, during and in relation to felony violations of certain laws (including, but not limited to, embezzlement or misapplication of bank funds; fraud or false statements; mail, bank, and wire fraud), the knowing use, transfer or possession, without lawful authority, of a means of identification, such as an individual’s social security number or date of birth, of another person with the intent to commit a crime.”4 This statute has been used in the past to prosecute fraudulent real estate transaction schemes, upholding wire fraud conviction for transferring $22,000 via wire with the intent to defraud their creditor.5

Why do they target real estate transactions?

The Gentleman Thief, Willy Sutton, claimed that he robbed backs because “that’s where the money is.” Think how much money can be skimmed by stealing the final payouts of residential house sales, at least hundreds of thousands of dollars each time. And if you convince the buyer’s bank to transfer to a safe account overseas, or you can quickly move the money to one remotely, then the risks are minimal.

Home sales involve significant amount of money that can be easily diverted. The median price of homes that have sold now exceeds $220,000.6 The market value of the commercial and industrial real estate in the United States is approximately $2.655 trillion, according to the Real Estate Investor’s Deskbook § 1:5 (3d ed.). Because there are multiple parties in every real estate transaction with no definite party to always provide payment information, that data may come to the payor bank from the closing lawyer, the alleged receiving bank or mortgage company, any real estate agent in the transaction, or from the buyers themselves; fraudsters can rely on the confusing array of options to fool a payor bank. Much of the information a bad actor needs to impersonate the parties and launch this fraud can be found online.

The issue of wire fraud in real estate is metastasizing. The FBI reported that from 2015 to 2017, there was over an 1,100 percent rise in the number of crimes using business e-mails in the real estate transaction context and an almost 2,200 percent rise in the reported monetary loss. The FBI also reported nearly $150 million in real estate fraud losses in 2018. According to the FTC, consumers reported losing $1.48 billion to fraud in 2018, which marks an increase of 38 percent over 2017. The FTC defines wire fraud is any event where an individual is tricked into sending money via wire transfer to a fraudster.

As participants in real estate transactions, lawyers and real estate brokers are vulnerable to information theft leading to impersonation. According to the Ponemon Institute’s report, 2017 State of Cybersecurity in Small and Medium Sized Businesses, 61 percent of small businesses experienced a cyberattack in 2017, up from 55 percent in 2016. That same research indicated that 43 percent of malware victims are small businesses. During the course of a recent real estate transaction, an associate of a large North American law firm wired $2.5 million of a client’s money to a Hong Kong bank account.7 Cybercriminals had set up the account and induced the associate to send the funds by pretending to be employees of a legitimate mortgage company.

What about insurance?

Victims of this type of crime may expect their insurance to assist in compensating for the stolen payment. However, the insurance industry has made adjustments as a result of the prevalence of this crime. Direct mail or email fraud is generally not covered under cyber insurance policies, even though the crucial information to impersonate a legitimate party may have been secured through hacking or phishing. A payor bank’s errors and omissions policies may cover this, although more insurance companies are requiring a set of procedures to confirm payment destinations before money is sent. If your bank does not have the right procedures, it may not be insured for the loss.

Insurance companies have reacted to this wave of crime by adjusting coverage types and caps to minimize their exposure. Bankers, buyers, brokers, and lawyers should carefully review their insurance policies to find coverage, risk allocation, and coverage limitations.

What is being done about it?

State and local governments are beginning to raise awareness of the issue of wire fraud in the real estate industry. The Utah Division of Real Estate, for example, launched a campaign to call attention to email scams that “target property transactions to force people into wiring down payments and other high dollar real estate proceeds to con artists’ accounts.” According to its website, the Colorado Division of Real Estate at the Department of Regulatory Agencies also warned Colorado consumers to “beware of a national cyber-scam currently taking place that steals money directly from home buyers and sellers.”

In July 2019, American Land Title Association, Community Mortgage Lenders of America, American Escrow Association, Real Estate Services Providers Counsel, created a group called a Coalition to Stop Real Estate Wire Fraud. The group has a stated goal of educating consumers and real estate professionals about the risks of wire fraud.

However, much of the risk of these crimes can be reduced or eliminated by a few extra incidences of careful communication between the payor bank and either its client or the client’s representative in the transaction. The bad guys profit from the complexities of the payment instruction process and lazy assumptions made by all parties. Minimizing your risks of this fraud may be as easy as a phone call.

Source:https://www.mortgagebankermag.com/quality-assurance/security-risk-fraudulent-closing-transfer-instructions-stealing-mortgage-pay-offs/

Coronavirus and HUD / CFPB Mortgage Lending Updates

The U.S. Department of Housing and Urban Development (HUD) and the Consumer Financial Protection Bureau (CFPB) issued separate updates on Monday aimed at clarifying or issuing guidance to their specific sectors in the wake of increasing concern related to the outbreak of the COVID-19 coronavirus.

HUD issued a new informational notice aimed to remind mortgagees of the various loss mitigation program options available to them from the Federal Housing Administration (FHA), in light of concerns related to the spread of the virus.

“As with any other event that negatively impacts a borrower’s ability to pay their monthly mortgage payment, FHA’s suite of loss mitigation options provides solutions that mortgagees should offer to distressed borrowers – including those that could be impacted by the coronavirus – to help prevent them from going into foreclosure,” the notice reads in part.

The relevant home retention options are located in the FHA Single Family Housing Policy Handbook 4000.1, in section III.A.2.

The CFPB, meanwhile, released a statement aimed at encouraging American financial institutions to meet any needs of consumers that arise as a result of the outbreak.

“The agencies recognize the potential impact of the coronavirus on the customers, members, and operations of many financial institutions and will provide appropriate regulatory assistance to affected institutions subject to their supervision,” the CFPB statement reads. “Regulators note that financial institutions should work constructively with borrowers and other customers in affected communities. Prudent efforts that are consistent with safe and sound lending practices should not be subject to examiner criticism.”

The statement goes on to say that financial regulators understand that institutions may be faced with unique challenges as a result of the virus, including staff shortages for those whose employees elect to either remain at, or work from home.

“In cases in which operational challenges persist, regulators will expedite, as appropriate, any request to provide more convenient availability of services in affected communities,” the CFPB said. “The regulators also will work with affected financial institutions in scheduling examinations or inspections to minimize disruption and burden.”

Source : https://reversemortgagedaily.com/2020/03/09/coronavirus-leads-hud-cfpb-to-issue-housing-finance-updates/

California’s New Privacy Law and its Impact on Your Mortgage Lending

On January 1, 2020, the California Consumer Privacy Act (CCPA) became effective and has been described as one of the most comprehensive consumer privacy initiatives ever to be codified into law. Because of its wide implications for businesses throughout the state of California, a panel of legal representatives explained how it could impact the reverse mortgage business during the National Reverse Mortgage Lenders Association (NRMLA) Annual Meeting in Nashville, Tenn.

Though the law was originally passed in June of 2018 under the administration of the last governor, Jerry Brown, the law only recently went into effect and has some major implications due to its large scope. Because California stands as a major source of reverse mortgage business, the implications of the new law will affect large numbers of individuals and entities in the industry who conduct business within the state.

Brief history

Intended to give California consumers more general say over how much of their personal data is collected and used by businesses operating in the state, the CCPA provides further enforcement to language found in the California state constitution, which describes privacy as an “inalienable” right for Californians. During their presentation at the NRMLA Annual Meeting, attorneys Soroush Shahin of Weiner, Brodsky, Kider and Jay Wright of Bradley Arant Boult Cummings LLP described the law as the “broadest and most comprehensive privacy law in the United States to date.”

According to the language of the bill introduced to the California State Assembly in February of 2018, some of the specific intentions of the law are to let consumers know what personal data is being collected about them and if sold, to whom; allow them to decline the sale of personal data; to give them access to their personal data; allow them to request a business to delete personal information that a business may have collected about them; and to not be discriminated against for exercising rights to privacy.

While its scope is broad, the CCPA does not universally apply to all business operating within California. Instead, a company has to meet one of these three requirements in order to require compliance with the new law: it has annual gross revenues in excess of $25 million; buys or sells the personal information of 50,000 or more consumers and/or households; or earns more than half of its annual revenue from selling the personal information of its consumers.

According to Shahin and Wright, the California legislature passed CCPA in quick succession in order to avert a proposed ballot initiative which would’ve sought even more stringent privacy requirements on the state’s businesses, and that rush to pass the law ultimately led to a degree of ambiguity and uncertainty in terms of how it will apply now that it is in effect.

How the law could impact the reverse mortgage business

Among some issues that have specific relevance to the reverse mortgage industry, one reverse mortgage professional in attendance at the event asked the lawyers whether or not there are any specific verification processes that can be used to properly vet a borrower based on identifiable attributes such as Social Security number.

“Masked data is permissible,” Wright says, referring to using only a partial Social Security number for borrower identification purposes. “You’re certainly prohibited from getting the entire Social Security number from a borrower through fear of potentially releasing other customer data as a part of that [inquiry]. You may need to tweak your policies and procedures to ensure they comply with CCPA.”

Another attendee who is not employed by a lending entity asked if the application of the law would extend to institutions other than lenders, and the broadness of the law clearly illustrates that it does, Shahin explains.

“If you’re a for-profit entity and you collect more than 50,000 pieces of personal information from consumers or devices, it’s extremely broad,” he says. “It’s not just limited to lenders. Any entity that meets those thresholds will be subject to CCPA.”

In general, the scope which qualifies as “personal information” is similarly broad, the attorneys say. It counts as, “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.”

Examples of what does not qualify as personal information under the letter of the law includes publicly available information, aggregate consumer information or “deidentified information” which has had personally-identifiable elements removed before being released.

Lender responses

Several reverse mortgage lenders have taken recommended actions in terms of providing disclosures and policies specifically for California residents in light of CCPA’s passage. In terms of the disclosures, several major reverse mortgage lenders have created California-specific portals and web pages in order to comply with the requirements of the new law.

For instance, 1st Reverse Mortgage USA specifies on its dedicated CCPA web notice the policies and practices inherent in its various uses of consumer information, along with details concerning what information is collected, how that information is gathered, and how that information is used in the regular course of 1st Reverse’s business.

Also included is a notice about how personal information collected by 1st Reverse is not sold, but is shared among some third-party partners in order to accomplish certain business requirements.

Open Mortgage features both a CCPA notice and a CCPA-bolstered privacy policy, but also informs consumers that much of the data it collects does not necessarily fall under the jurisdiction of the new law.

“[I]t is important to note that CCPA provides exemptions to companies that have consumer data that is necessary to carry out their business. A majority of the data that Open Mortgage collects is exempt from CCPA as it falls under federal privacy laws set out by the Gramm Leach Bliley Act (GLBA) and cannot, as a result, be part of the [law’s required] Opt-Out request,” the Open Mortgage notice reads. “We are GLBA compliant and protect your data to our fullest capability. So, Open Mortgage will receive your Opt-Out request via the option you select, and will work to remove any data that is not exempt.”

Similarly, Champion Mortgage details its own exemptions from the CCPA under the same principles, due to compliance with GLBA.

“The personal information (PI) that we collect, process or share in connection with the reverse mortgage loans we service is safeguarded under federal requirements and is exempt from the CCPA,” the Champion notice reads.

Activity of other states

While there aren’t necessarily other laws with the scope of CCPA being deliberated in other states, there is momentum in other jurisdictions for further protection of consumer information, Wright says.

“Maine and Nevada have passed state laws pertaining to privacy issues, and there are a number of states that have had consumer data privacy statutes that have been introduced and may be passed in the upcoming legislative sessions,” he says. “There’s movement in 11 or 12 other states. Obviously California is the most significant, and to date the toughest rules with which we’re going to have to contend.”

Still, regulations can change, and the reverse mortgage industry is still in a state of flux concerning compliance with these new privacy requirements. The significance of the topic is immense, and businesses in general are expected to spend billions of dollars in legal or regulatory compliance costs over the upcoming year, Wright says.

Anyone subject to upcoming privacy rules should have active conversations internally, and potentially with counsel to make sure that compliance with existing or upcoming privacy rules is maintained, Wright adds.

Source : https://reversemortgagedaily.com/2020/01/21/how-a-new-california-privacy-law-could-impact-reverse-mortgages/

Future of Compliance in the Mortgage Industry

QC 2.0: Next Generation of Quality Control for the Mortgage Industry

By Steve Spies, SWS Risk Advisory

The last mortgage war is over. The mortgage loan quality battles raged from 2008 until the tide turned around 2015. The war was won by the industry’s embrace of quality standards rivaling industries known for their precision manufacturing processes. Rolex would give a tip of the cap to the mortgage industry’s >99.5 percent significant defect accuracy rate. But that long needed permanent investment in quality control was designed for a high document, labor intensive and low-tech world. Digitization, risk proliferation, and the competitive onslaught requires a new mind set for using quality control dollars to survive in the era of Big Data. In short, time to pivot from defense to offense, and this month I lay out a plan to do that.

In next month’s issue, I will take a stab at forecasting the industry’s progress over the next decade in automating the credit decision process in alignment with loan quality requirements. Spoiler Alert: Even though great gains will be made in the routine aspects of the industry, like closing docs, with underwriting and QC, every mortgage is like a thumbprint. Each loan is so borrower unique that big challenges in credit data standardization prevents tech from providing anything close to a 100 percent solution in the next ten years. Count me a doubter that “within two years the majority of mortgages won’t need a human touch.”

Part One

Mortgage QC 2.0—The Best Defense is a Good Offense

Quality Control as an offensive weapon has three main attributes:

  1. Proactive – 80 percent real-time, pre-closing, 20 percent post-close
  2. Profit centered – strategic, targeted QC driving continuous bottom line improvement across the enterprise reducing costly manufacturing defects.
  3. Data driven, human applied – Artificial Intelligence (AI) and Tech rightfully power QC 2.0, but needs extreme discipline to ensure accurate data quality and interpretation.

Proactive:

It’s important to distinguish quality assurance from quality control. Quality assurance is making sure customer expectations are met before the transaction is completed. Quality control is a post-closing validation that the manufacturing process worked as intended and as required by law and investors. Most lenders only intentionally invest in back-end quality control as an audit compliance necessity. During the crisis, QC became synonymous with repurchase avoidance, and then a defense against stricter legal and regulatory compliance standards. Those foundational, post-manufacturing duties must continue, but the GSEs have committed to long-term repurchase risk minimization. This incentivizes resource reallocation to managing quality while creating your product or service. Embedding a quality assurance feedback loop in the product delivery process prevents mistakes from impacting your customers. Have you analyzed the cost of reworking a loan? The price of a lost customer? Getting it right the first time flows right to the bottom line and keeps coveted customer surveys and social media ratings high. It’s not unreasonable to shift 80 percent of your overall loan quality dollars into pre-delivery because QC technology has developed robust pre-funding QC modules, reporting, and feedback loops, possibly with an overall reduced QC budget.

More importantly, as repurchase defects are so rare, quality assurance can focus on manufacturing errors that really cost you money. Over processing, wastes, and delays are eating your lunch now. Mortgage lenders are well aware that the percentage of “just got lucky” defects is much higher than the approximately .5 percent industry repurchase error rate. These impactful defects generally don’t require repurchase when the overall loan credit profile is strong. However, the same mistake on loans with marginal credit parameters might require financial remediation if not outright repurchase. Lenders should have a sense of urgency about this; it’s time to optimize manufacturing quality before the inevitable recession and the typical erosion in loan quality that comes with it. Only proactive QC improves or preserves profits, the second pillar of next generation QC.

Profit Centered:

I recently outlined the case that strategic lenders will view QC as a profit engine. To recap, the cost to originate a loan is pushing $10,000, which cannot last. The industry is constantly bemoaning over documentation and sending loans back through underwriting five or six times due to faulty or errant documentation. And we can’t help ourselves from throwing more and more money at originators. The cost of implementing all the technological bells and whistles may add hundreds of dollars per loan with questionable payback. And that assumes implementation of these tech tools is seamless and accurate. And finally, of course, lenders are absorbing a backbreaking amount of increased compliance and regulatory costs.

Forward-thinking lenders realize investing in quality control as a real-time feedback mechanism drives continuous improvement to revenue and cost. Shifting your mindset from QC as a no news is good news role, to a powerful proactive source of improvement may separate winners and losers. It’s likely no other function in your organization dissects every step and every document on a sample of your loans every month. QC’s timely results drives costs savings now, rather than some imagined future state.

In case you missed it, here are the five immediate ways I suggested your QC work can lower costs and improve revenue:

  1. Underwriting overlays – needed or overly cautious?
  2. Required documents – eliminate CYA docs
  3. Rework – loan defects slowing down the process?
  4. Technology – promised savings being realized?
  5. Liquidity– repurchase/loss reserves excessive?

Here are couple more interesting possibilities:

  1. People – coaching up those with most defects is an easy win
  2. Loan type – self-employed taking twice as long?

Just a couple hours brainstorming your QC results will drive a long list of high impact opportunities. Rather than mechanically sampling and reporting on repurchase and compliance, the more advanced reporting tools from QC vendors and inhouse systems can be plumbed for endless insight into company operations. Engage your QC team or vendor to generate improvement ideas, gather market intel, stop overkill, and prevent mistakes.

Data Driven – Human Applied

There is no looking back on the digitization of business processes, and QC is no exception. In fact, because its main purpose is data analysis, either in a document or a raw data point itself, QC lends itself to automation better than other parts of the business. AI and machine learning excel at spotting when two or multiple pieces of information don’t make sense in relation to each other. Lenders’ investment in these tools requires at least two guardrails. First, implement with a purpose, either driving front-end improvement to a manufacturing weakness, or spotting troubling quality issues or fraud patterns post-close. Don’t act without a plausible ROI. Second, ROI calculations must factor in that AI and Robotics often generate high false positive rates. Chasing down too many inaccurate red flags destroys the benefit and numbs the staff from acting on real risk indicators.

The Big Data era is driving a generational shift in mortgage origination, from customer acquisition to fulfillment, underwriting and closing. Of course, this shift creates new frontiers for quality control. Any investment in data driven solutions comes with a big piece of yellow caution tape around it. Even though we have the technology and skill to spot defects with data, the data quality curve is just emerging. Most mortgage file credit elements lack standardization and controls around data creation, transmission, and protection. Borrowing a baseball analogy, income and employment data integrity is barely out of the first inning. Add in that humans are handling this data at some point introduces everything from normal error, to biased interpretation, to outright manipulation. By comparison, because of widely agreed upon format and data definitions, appraisal data standardization and digitization approaches the late innings. Regardless of where a piece of technology claims to be in the game, QC must lead in testing data quality and holding vendors accountable for data accuracy claims. Confirmation bias can be rampant amid the glamour of new technology.

To keep pace with mortgage digitization, QC must develop data quality testing expertise. But don’t be fooled by tech providers claiming to verify direct from the “source of truth.” This term mistakenly entered industry lexicon believing that going to the “source;” for example, an employer makes it the “truth” for purposes of credit decisioning. I prefer the terms “primary sources” and “alternative sources.” An employer is a primary source for employment information, but its “truth” depends on the employer’s approach to an array of consistency, definitional, and reporting needs. For starters: Did the income vendor interpret and map the employer paystub fields correctly? Did they manually manipulate the data in any way? Did your loan origination system import the data correctly? Your QC team must independently validate and analyze data quality at all points during its digital journey.

A single source for data also complicates independent validation. QC should lead development of secondary sources to confirm accuracy and reasonableness that don’t rely on the primary source. For instance, can LinkedIn give us independent insight on employment status? Even in today’s mostly manual world, we seldom rely on one source of corroboration. As an example, we now get up to four pieces of primary data on employment and income: a paystub, W-2, verbal verification of employment, and sometimes tax returns. Further, relying on a single source opens that source up to targeted manipulation and falsification. Fooling ourselves that QC’s no longer necessary will be the biggest mistake of all. Quite the opposite. By assuming an unvalidated primary source is always accurate, we potentially back into another version of no-doc loans.

Hoping to optimize speed and cost, AI advocates imagine a world where a sufficiently predictive credit decision can be made from modeling publicly available information. Proponents say it’s a straightforward algorithm by mining social media, credit scores, and everything else the internet knows about us. Then, it’s a simple matter of pricing for the modeled default risk. No need for documentation or other controls. Just consider the accuracy of your own internet footprint to know that data quality concerns grow exponentially with such an approach. And pricing for risk was one of the mistakes at the heart of the last crisis. By design, a pricing for risk approach assumes some borrowers lose their homes and is contrary to the goal of sustainable home ownership. My view is no matter the sophistication of the decision engine, we can never comprise the fundamentals of independently establishing borrower willingness and ability to repay a debt.

With these limits on how far “data and done” can carry us, in next month’s issue I share my vision for the next decade’s wins and challenges in pursuit of the digital mortgage.

Source: https://www.mortgagebankermag.com/quality-assurance/qc-2-0-next-generation-of-quality-control-for-the-mortgage-industry/

Compliance Hotspots for Management to Watch in 2020 !

2020: Compliance Risk Management Check-Up

From a federal regulatory viewpoint, managing your compliance risk is an ongoing task, to say the least. As we head into 2020, here’s a list of potential changes as well as annual threshold adjustments of which to be aware. It will be necessary to update your compliance risk assessment, internal controls, and IT systems.

Annual Threshold Adjustments Effective January 1, 2020

  1. HPML escrow exemption: The final rule, published December 23, 2019, adjusts the asset-size threshold for certain creditors to qualify for this exemption located in Regulation Z, section 1026.35(b)(2)(iii)(C) of Regulation Z. Creditors with assets of less than $2.202 billion, which includes assets of certain affiliates, as of December 31, 2019, are exempt, if other requirements of Regulation Z also are met, from establishing escrow accounts for HPMLs in 2020, and in 2021 for loans applied for by April 1, 2021.
  2. HPML appraisal exemption: The final rule, published October 30, 2019, adjusts in Regulation Z to increase the threshold amount to $27,200 for the exemption from the special appraisal requirements for higher-priced mortgage loans.
  3. HOEPA annual threshold: The final rule, published August 1, 2019, adjusted the total loan amount threshold for high-cost mortgages in 2020 will be $21,980. The adjusted points-and-fees dollar trigger for high-cost mortgages in 2020 will be $1,099. For qualified mortgages, which provide creditors with certain protections from liability under the Ability-to-Repay Rule, the maximum thresholds for total points and fees in 2020 will be 3 percent of the total loan amount for a loan greater than or equal to $109,898; $3,297 for a loan amount greater than or equal to $65,939 but less than $109,898; 5 percent of the total loan amount for a loan greater than or equal to $21,980 but less than $65,939; $1,099 for a loan amount greater than or equal to $13,737 but less than $21,980; and 8 percent of the total loan amount for a loan amount less than $13,737.
  4. Residential appraisal threshold: The final rule, published October 8, 2019, increased to $400,000 the threshold for requiring an appraisal by a state certified or licensed appraiser for residential real estate transactions.
  5. HMDA asset-size exemption: The final rule, published December 20, 2019, increases the HMDA asset-size exemption threshold for banks, savings associations, and credit unions from $46 million to $47 million. Therefore, these institutions with assets of $47 million or less as of December 31, 2019, are exempt from collecting data in 2020.
  6. HMDA and EGRRCPA partial exemptions: The final rule, published October 10, 2019, extends for two years the current temporary threshold for collecting and reporting data about open-end lines of credit under HMDA. The rule also clarifies partial exemptions from certain HMDA requirements that Congress added in the EGRRCPA.
  7. FinCEN penalty caps: The final rule, published October 10, 2019, made inflation adjustments of civil money penalties, as mandated by the Federal Civil Penalties Inflation Adjustment Act of 1990, as amended. The rule adjusts certain penalties within the jurisdiction of FinCEN to the maximum amount required by the Act.
  8. Look for a final rule regarding the CRA small bank, intermediate small bank, and large bank revised definitions.

Proposed Rulemakings to Watch in 2020

  1. CRA modernization: On December 12, 2019, the FDIC and the OCC published a Notice of Proposed Rulemaking with Request for Comment seeking to modernize the CRA. The proposed rules are intended to increase bank activity in low- and moderate-income communities where there is significant need for credit, more responsible lending, greater access to banking services, and improvements to critical infrastructure. The proposals will clarify what qualifies for credit under the CRA, enabling banks and their partners to better implement reinvestment and other activities that can benefit communities. The agencies will also create an additional definition of “assessment areas” tied to where deposits are located, ensuring that banks provide loans and other services to low- and moderate-income persons in those areas.
  2. TRID Rule assessment: The CFPB published a Request for Comment on November 22, 2019, where an assessment will be conducted on the TRID Rule. As part of its assessment, the CFPB stated it intends to address the TRID Rule’s effectiveness in meeting the purposes and objectives of Title X of the Dodd-Frank Act, the specific goals of the rule, and other relevant factors. Section 1022(d) of the Dodd-Frank Act requires the CFPB to publish a report of its assessment within five years after the effective date of the rule being assessed. The public is invited to comment on the feasibility and effectiveness of the assessment plan, recommendations to improve the assessment plan, and recommendations for modifying, expanding, or eliminating the TRID Rule, among other questions. Comments are due by January 21, 2019.
  3. Fair lending: On August 19, 2019, HUD published a Proposed Rule that would amend HUD’s interpretation of the FHA’s disparate impact standard to better reflect the Supreme Court’s 2015 ruling in Texas Department of Housing and Community Affairs v. Inclusive Communities Project, Inc., and to provide clarification regarding the application of the standard to state laws governing the business of insurance.
  4. Collection practices: On May 7, 2019, the CFPB published a Notice of Proposed Rulemaking with Request for Comment the proposed rule would provide consumers with clear protections against harassment by debt collectors and straightforward options to address or dispute debts. The NPRM would set clear, bright-line limits on the number of calls debt collectors may place to reach consumers on a weekly basis; clarify how collectors may communicate lawfully using newer technologies, such as voicemail, email and text messages, that have developed since the FDCPA’s passage in 1977; and require collectors to provide additional information to consumers to help them identify debts and respond to collection attempts. The proposal would amend Regulation F, which implements the FDCPA, to prescribe federal rules governing the activities of FDCPA-covered debt collectors. The proposal focuses on debt collection communications and disclosures and also addresses related practices by debt collectors. The CFPB also proposes that FDCPA-covered debt collectors comply with certain additional disclosure-related and record retention requirements. If a final rule is issued, the CFPB proposes that it would become effective one year after it has been published.
  5. Privacy: With the California Consumer Protection Act and the General Data Protection Regulation, you may be impacted more than you realize. Refer to our various articles written on this topic.

More can certainly be added to this abridged list, and the intent is to start planning and keeping an eye out for regulatory change.

Around the Industry:

Happening Now

Fannie Mae and Freddie Mac recently announced the revised implementation timeline for their redesigned Uniform Residential Loan Application (URLA) and updated automated underwriting systems. Lenders may begin using the revised URLA and submitting loan applications to the new AUS September 1. 2020. All applications received on or after November 1, 2020, must use the revised URLA. Starting November 1, 2021, Fannie Mae and Freddie Mac will no longer accept applications using the current URLA format.

MCM Q&A

We encourage you to read, reread, or review our December issue of the best read articles of 2019, specially chosen by our editor.

Source: https://www.mortgagebankermag.com/weekly-newsline/2020-compliance-risk-management-check-up/

Latest Developments on the ATR/QM Rule

The Consumer Financial Protection Bureau (CFPB) is proposing a change to its Ability-to-Repay/Qualified Mortgage (ATR/QM) rule.

In a letter to Sen. Mike Rounds (R-SD), chairman of the Senate Subcommittee on Financial Institutions and Consumer Protection, CFPB Director Kathleen Kraninger noted her agency’s Advanced Notice of Proposed Rulemaking (ANPR) regarding the ATR/QM rule, pointing out the QM requirement that the consumer’s debt-to-income ratio (DTI) cannot exceed 43 percent and adding that standard is not necessary for loans that qualify for the GSE Patch (also known as the QM Patch) which is set to expire in January 2021.

Kraninger informed Rounds that based on the ANPR input, the CFPB “has decided to propose an amendment to the Rule which would move away from DTI and instead include an alternative, such as a pricing threshold (i.e., the different between the loan’s annual percentage rate (APR) and the average prime offer rate (APOR) for a comparable transaction). The proposed alternative would be intended to better ensure that responsible, affordable mortgage credit remains available to consumer in a manner consistent with the purposes of Sections 129B and C of the Truth-in-Lending Act (TILA) and to facilitate compliance with those sections.”

Kraninger also stated that the CFPB expects to propose extending the QM Patch expiration “for a short period” until either the proposed alternative is put into place of the government-sponsored enterprises exit federal conservatorship. A Notice of Proposed Rulemaking on this matter is being planned for no later than May, Kraninger added.

Furthermore, Kraninger said the CFPB was considering an addition to the existing rule that offered a “seasoning” approach that would “create an alternative pathway to QM safe-harbor status for certain mortgages when the borrower has consistently made timely payments for a period.”

Mortgage Bankers Association (MBA) President and CEO Bob Broeksmit welcomed Kraninger’s ideas.

“MBA appreciates CFPB Director Kathy Kraninger’s intention to temporarily extend the GSE patch and move away from the use of a standalone debt-to-income ratio,” Broeksmit said in a statement. “MBA has urged the Bureau to eliminate the use of DTI ratios as a standalone threshold in the QM definition, which would also remove the need to use the rigid, outdated Appendix Q methodology for calculating borrower income and debt. We look forward to working with the Bureau, and other stakeholders, on the proposed rule.”

Critical Mortgage Compliance Updates for 2020

From a federal regulatory viewpoint, managing your compliance risk is an ongoing task, to say the least. As we head into 2020, here’s a list of potential changes as well as annual threshold adjustments of which to be aware. It will be necessary to update your compliance risk assessment, internal controls, and IT systems.

Annual Threshold Adjustments Effective January 1, 2020

HPML escrow exemption: The final rule, published December 23, 2019, adjusts the asset-size threshold for certain creditors to qualify for this exemption located in Regulation Z, section 1026.35(b)(2)(iii)(C) of Regulation Z. Creditors with assets of less than $2.202 billion, which includes assets of certain affiliates, as of December 31, 2019, are exempt, if other requirements of Regulation Z also are met, from establishing escrow accounts for HPMLs in 2020, and in 2021 for loans applied for by April 1, 2021.

HPML appraisal exemption: The final rule, published October 30, 2019, adjusts in Regulation Z to increase the threshold amount to $27,200 for the exemption from the special appraisal requirements for higher-priced mortgage loans.

HOEPA annual threshold: The final rule, published August 1, 2019, adjusted the total loan amount threshold for high-cost mortgages in 2020 will be $21,980. The adjusted points-and-fees dollar trigger for high-cost mortgages in 2020 will be $1,099. For qualified mortgages, which provide creditors with certain protections from liability under the Ability-to-Repay Rule, the maximum thresholds for total points and fees in 2020 will be 3 percent of the total loan amount for a loan greater than or equal to $109,898; $3,297 for a loan amount greater than or equal to $65,939 but less than $109,898; 5 percent of the total loan amount for a loan greater than or equal to $21,980 but less than $65,939; $1,099 for a loan amount greater than or equal to $13,737 but less than $21,980; and 8 percent of the total loan amount for a loan amount less than $13,737.

Residential appraisal threshold: The final rule, published October 8, 2019, increased to $400,000 the threshold for requiring an appraisal by a state certified or licensed appraiser for residential real estate transactions.

HMDA asset-size exemption: The final rule, published December 20, 2019, increases the HMDA asset-size exemption threshold for banks, savings associations, and credit unions from $46 million to $47 million. Therefore, these institutions with assets of $47 million or less as of December 31, 2019, are exempt from collecting data in 2020.

HMDA and EGRRCPA partial exemptions: The final rule, published October 10, 2019, extends for two years the current temporary threshold for collecting and reporting data about open-end lines of credit under HMDA. The rule also clarifies partial exemptions from certain HMDA requirements that Congress added in the EGRRCPA.

FinCEN penalty caps: The final rule, published October 10, 2019, made inflation adjustments of civil money penalties, as mandated by the Federal Civil Penalties Inflation Adjustment Act of 1990, as amended. The rule adjusts certain penalties within the jurisdiction of FinCEN to the maximum amount required by the Act.

Look for a final rule regarding the CRA small bank, intermediate small bank, and large bank revised definitions.

Proposed Rulemakings to Watch in 2020

CRA modernization: On December 12, 2019, the FDIC and the OCC published a Notice of Proposed Rulemaking with Request for Comment seeking to modernize the CRA. The proposed rules are intended to increase bank activity in low- and moderate-income communities where there is significant need for credit, more responsible lending, greater access to banking services, and improvements to critical infrastructure. The proposals will clarify what qualifies for credit under the CRA, enabling banks and their partners to better implement reinvestment and other activities that can benefit communities. The agencies will also create an additional definition of “assessment areas” tied to where deposits are located, ensuring that banks provide loans and other services to low- and moderate-income persons in those areas.

TRID Rule assessment: The CFPB published a Request for Comment on November 22, 2019, where an assessment will be conducted on the TRID Rule. As part of its assessment, the CFPB stated it intends to address the TRID Rule’s effectiveness in meeting the purposes and objectives of Title X of the Dodd-Frank Act, the specific goals of the rule, and other relevant factors. Section 1022(d) of the Dodd-Frank Act requires the CFPB to publish a report of its assessment within five years after the effective date of the rule being assessed. The public is invited to comment on the feasibility and effectiveness of the assessment plan, recommendations to improve the assessment plan, and recommendations for modifying, expanding, or eliminating the TRID Rule, among other questions. Comments are due by January 21, 2019.

Fair lending: On August 19, 2019, HUD published a Proposed Rule that would amend HUD’s interpretation of the FHA’s disparate impact standard to better reflect the Supreme Court’s 2015 ruling in Texas Department of Housing and Community Affairs v. Inclusive Communities Project, Inc., and to provide clarification regarding the application of the standard to state laws governing the business of insurance.

Collection practices: On May 7, 2019, the CFPB published a Notice of Proposed Rulemaking with Request for Comment the proposed rule would provide consumers with clear protections against harassment by debt collectors and straightforward options to address or dispute debts. The NPRM would set clear, bright-line limits on the number of calls debt collectors may place to reach consumers on a weekly basis; clarify how collectors may communicate lawfully using newer technologies, such as voicemail, email and text messages, that have developed since the FDCPA’s passage in 1977; and require collectors to provide additional information to consumers to help them identify debts and respond to collection attempts. The proposal would amend Regulation F, which implements the FDCPA, to prescribe federal rules governing the activities of FDCPA-covered debt collectors. The proposal focuses on debt collection communications and disclosures and also addresses related practices by debt collectors. The CFPB also proposes that FDCPA-covered debt collectors comply with certain additional disclosure-related and record retention requirements. If a final rule is issued, the CFPB proposes that it would become effective one year after it has been published.

Privacy: With the California Consumer Protection Act and the General Data Protection Regulation, you may be impacted more than you realize. Refer to our various articles written on this topic.

More can certainly be added to this abridged list, and the intent is to start planning and keeping an eye out for regulatory change.

Fair Lending Riak Assessment

Have you ever considered fair lending risk? Do you even know what your fair lending risks are? What is your organization’s risk tolerance? As with other areas of compliance and risk management, a risk assessment can reveal strengths, weaknesses, and gaps to create action steps for forward motion. It’s better to be proactive in knowing what the risks are and certainly less costly. Because fair lending risk encompasses all aspects of every loan transaction, conducting a fair lending risk assessment is good business. And, it’s expected by your regulator.

What is a Fair Lending Risk Assessment?

Essentially, a fair lending risk assessment is the process of identifying and measuring risks inherent in your financial institution’s lending processes across the loan life cycle, and determining what internal controls and monitoring mechanisms need to be in place to reduce or minimize the occurrence of illegal discrimination.

Federal regulators utilize the risk-based approach and it would be wise for you to do the same. The risk-based approach will give you the opportunity, in an efficient manner, to apply preventive measures to mitigate fair lending risk. The fair lending risk assessment itself is the preventative measure; a tool to identify and understand specific fair lending risks inherent to your organization. Once the risk assessment is complete, you will gain a better understanding of allocating the right amount of resources to higher risk areas.

The Fair Lending Risk Assessment: Don’t Know Where to Begin?

The format, the tool, or the scale used to measure risk in your fair lending risk assessment is arbitrary. Just be consistent. There isn’t a one-size-fits all because each organization is distinct in its size, complexity, and risk tolerance. But it is important to have these key features within your risk assessment that align with the size and complexity of your financial institution:

Define and measure inherent and residual risks specific to each risk category:

Inherent risk: Consider these adjectives to describe inherent risk. Raw. Untreated. Unprocessed. It’s the pure level of risk that will occur with the current state of controls. This current state may be lacking or insufficient of which the results of the risk assessment will help you identify. Examples of inherent risk include:

Risks within your products, services, and business lines; certain products are riskier than others

Risks tied to operational insufficiencies and failures or external factors that are beyond your organization’s control

The ramifications of noncompliance that involve financial, legal, and reputational costs

Residual risk: The amount of risk that remains after applying controls to inherent risks. Risk cannot be completely eliminated; a fact that we all must accept. The level of residual risk and your organization’s risk tolerance will then determine the actions of implementing or revising controls to manage your fair lending risk.

Identify specific risk categories unique to your organization. Consider the following:

Products, services, and business lines

Geographical footprint

Marketing strategy

Your organization’s fair lending history, risk tolerance, and previous examination results

Policies, procedures, and processes

Training

Lender discretion

Exception tracking and reporting

Tracking tools and reports

Vendor management of third-party relationships

Loan originator compensation

Regulations: ECOA (adverse action notices and spousal signatures are high risk areas) and HMDA (government monitoring information)

Specific fair lending risks to evaluate: redlining, steering, underwriting, pricing, marketing, servicing

Once the information has been collected on the identified categories, a deeper dive must occur to bring those risks to the surface. This deeper dive involves asking questions, lots of them. Test assumptions. Verify processes. Validate that documented policies and procedures actually mirror what you do. Are they static or do they reflect ongoing changes?

The results of your evaluation should be documented as a fair lending risk assessment. Again, the format or scale used to capture the level of risk can be approached in many different ways. Don’t make it complicated; do what makes sense and be consistent.

The Risk Assessment is Done: Now What?

Don’t let it collect dust and become stagnant. It requires action:

Manage your fair lending risk exposure by keeping the board and senior management informed and involved.

Where gaps were identified in the risk assessment process, correct quickly by updating policies, procedures, and processes. Provide training, if necessary.

Take corrective action where needed.

Make sure monitoring and reporting are ongoing.

Fine tune your fair lending compliance program elements based on the results of your risk assessment.

Remember that this risk assessment process is necessary to your organization managing its fair lending risk with success. While you may not have the dedicated resources to accomplish this task internally, don’t let that stop you. Employing a third-party vendor is a great option and should be considered. Dig in. Get started. Gain insights. Further compliance at your organization. Grow!

Burdened by Regulations – Welcome to the Club

Regulatory compliance and risk management concerns are on the rise at U.S. lending institutions, according to the 2019 Regulatory & Risk Management Indicator released Wednesday by Wolters Kluwer. The top areas of concern were HMDA rules, cybersecurity, and credit and compliance risk. 

Lenders reported their top compliance challenges for the next years are “managing and implementing residential mortgage regulations; keeping current with changing regulations; complying with the forthcoming Current Expected Credit Loss (CECL) accounting standards; deposit account regulations; and compliance program management.” 

When it comes to implementing compliance programs, lenders’ top concern was that their institution relies on manual rather than automated compliance processes. This concern was cited by 47% of respondents in the survey, up five percentage points from last year. At the same time, 46% of firms reported they anticipate “little to no investment” in compliance automation at their institution. 

The next two top concerns were inadequate staffing, cited by 45% of lenders, and “too many competing business priorities,” cited by 44% of respondents. 

Just 16% of survey respondents indicated that their institution has a “strategic, integrated” enterprise risk management system across all departments. About 30% said their institution lacks a widespread risk management system, and another 32% reported they were unsure whether their institution had one or not. 

Lenders harbor some major concerns with certain aspects of HMDA reporting but are increasingly comfortable with other aspects of HMDA.  Lenders reported declining concerns in regards to capturing data fields and upgrading systems over the past year. 

At the same time, they reported increasing concerns in regards to training staff, analyzing new data, and reporting in the expanded data submission process. The share of lenders who cited concerns with this last factor jumped from 15% last year to 40% this year. 

Cybersecurity remains a top concern at a majority of lending institutions and 78% of lenders reported it as a top risk that will receive “escalated priority” in the next year. While cybersecurity outranks all other risks in the survey, the level is down from 81% last year. 

Other top concerns that will receive additional attention over the next year are credit risk, up from 34% to 45% and regulatory/compliance risk, up from 33% to 47%. 

“Respondents indicated more confidence in their ability to maintain compliance, keep track of changing regulations, and demonstrate compliance to regulators, reaching the highest confidence levels in the survey’s seven years,” said Timothy R. Burniston, Senior Advisor for Regulatory Strategy at Wolters Kluwer’s Compliance Solutions business. 

The percentage of lenders expressing a high level of concern with compliance was down across the four main areas surveyed, including the ability to stay compliant amid changing regulations, the ability to keep track of regulatory changes, the ability to illustrate their compliance, and the ability to manage risk across the entire institution. However, despite declining concern in all these areas over the past two years, more than half of lenders maintain a high level of concern in these areas. 

The economic factors lenders are most concerned with moving forward are interest rate fluctuations, a concern for 87% of lenders; data privacy, a concern for 85% of lenders; and a pending recession, a concern for 76% of lenders. 

Lenders do not expect regulatory relief in the next two years. Just 22% of lenders believe regulatory relief is likely during that time, compared with 48% a year ago. 

The overall Main Indicator Score for the Wolters Kluwer’s regulatory and risk management survey was 95—up 10 points from last year. The score takes into account the lender survey, which included 704 respondents this year; as well as the number of new federal regulations for the industry, the number of regulatory enforcement actions, and the total dollar amount banks and credit unions incurred in fines over the year. 

Web Statistics