Category Archives: Mortgage Banking

California’s New Privacy Law and its Impact on Your Mortgage Lending

On January 1, 2020, the California Consumer Privacy Act (CCPA) became effective and has been described as one of the most comprehensive consumer privacy initiatives ever to be codified into law. Because of its wide implications for businesses throughout the state of California, a panel of legal representatives explained how it could impact the reverse mortgage business during the National Reverse Mortgage Lenders Association (NRMLA) Annual Meeting in Nashville, Tenn.

Though the law was originally passed in June of 2018 under the administration of the last governor, Jerry Brown, the law only recently went into effect and has some major implications due to its large scope. Because California stands as a major source of reverse mortgage business, the implications of the new law will affect large numbers of individuals and entities in the industry who conduct business within the state.

Brief history

Intended to give California consumers more general say over how much of their personal data is collected and used by businesses operating in the state, the CCPA provides further enforcement to language found in the California state constitution, which describes privacy as an “inalienable” right for Californians. During their presentation at the NRMLA Annual Meeting, attorneys Soroush Shahin of Weiner, Brodsky, Kider and Jay Wright of Bradley Arant Boult Cummings LLP described the law as the “broadest and most comprehensive privacy law in the United States to date.”

According to the language of the bill introduced to the California State Assembly in February of 2018, some of the specific intentions of the law are to let consumers know what personal data is being collected about them and if sold, to whom; allow them to decline the sale of personal data; to give them access to their personal data; allow them to request a business to delete personal information that a business may have collected about them; and to not be discriminated against for exercising rights to privacy.

While its scope is broad, the CCPA does not universally apply to all business operating within California. Instead, a company has to meet one of these three requirements in order to require compliance with the new law: it has annual gross revenues in excess of $25 million; buys or sells the personal information of 50,000 or more consumers and/or households; or earns more than half of its annual revenue from selling the personal information of its consumers.

According to Shahin and Wright, the California legislature passed CCPA in quick succession in order to avert a proposed ballot initiative which would’ve sought even more stringent privacy requirements on the state’s businesses, and that rush to pass the law ultimately led to a degree of ambiguity and uncertainty in terms of how it will apply now that it is in effect.

How the law could impact the reverse mortgage business

Among some issues that have specific relevance to the reverse mortgage industry, one reverse mortgage professional in attendance at the event asked the lawyers whether or not there are any specific verification processes that can be used to properly vet a borrower based on identifiable attributes such as Social Security number.

“Masked data is permissible,” Wright says, referring to using only a partial Social Security number for borrower identification purposes. “You’re certainly prohibited from getting the entire Social Security number from a borrower through fear of potentially releasing other customer data as a part of that [inquiry]. You may need to tweak your policies and procedures to ensure they comply with CCPA.”

Another attendee who is not employed by a lending entity asked if the application of the law would extend to institutions other than lenders, and the broadness of the law clearly illustrates that it does, Shahin explains.

“If you’re a for-profit entity and you collect more than 50,000 pieces of personal information from consumers or devices, it’s extremely broad,” he says. “It’s not just limited to lenders. Any entity that meets those thresholds will be subject to CCPA.”

In general, the scope which qualifies as “personal information” is similarly broad, the attorneys say. It counts as, “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.”

Examples of what does not qualify as personal information under the letter of the law includes publicly available information, aggregate consumer information or “deidentified information” which has had personally-identifiable elements removed before being released.

Lender responses

Several reverse mortgage lenders have taken recommended actions in terms of providing disclosures and policies specifically for California residents in light of CCPA’s passage. In terms of the disclosures, several major reverse mortgage lenders have created California-specific portals and web pages in order to comply with the requirements of the new law.

For instance, 1st Reverse Mortgage USA specifies on its dedicated CCPA web notice the policies and practices inherent in its various uses of consumer information, along with details concerning what information is collected, how that information is gathered, and how that information is used in the regular course of 1st Reverse’s business.

Also included is a notice about how personal information collected by 1st Reverse is not sold, but is shared among some third-party partners in order to accomplish certain business requirements.

Open Mortgage features both a CCPA notice and a CCPA-bolstered privacy policy, but also informs consumers that much of the data it collects does not necessarily fall under the jurisdiction of the new law.

“[I]t is important to note that CCPA provides exemptions to companies that have consumer data that is necessary to carry out their business. A majority of the data that Open Mortgage collects is exempt from CCPA as it falls under federal privacy laws set out by the Gramm Leach Bliley Act (GLBA) and cannot, as a result, be part of the [law’s required] Opt-Out request,” the Open Mortgage notice reads. “We are GLBA compliant and protect your data to our fullest capability. So, Open Mortgage will receive your Opt-Out request via the option you select, and will work to remove any data that is not exempt.”

Similarly, Champion Mortgage details its own exemptions from the CCPA under the same principles, due to compliance with GLBA.

“The personal information (PI) that we collect, process or share in connection with the reverse mortgage loans we service is safeguarded under federal requirements and is exempt from the CCPA,” the Champion notice reads.

Activity of other states

While there aren’t necessarily other laws with the scope of CCPA being deliberated in other states, there is momentum in other jurisdictions for further protection of consumer information, Wright says.

“Maine and Nevada have passed state laws pertaining to privacy issues, and there are a number of states that have had consumer data privacy statutes that have been introduced and may be passed in the upcoming legislative sessions,” he says. “There’s movement in 11 or 12 other states. Obviously California is the most significant, and to date the toughest rules with which we’re going to have to contend.”

Still, regulations can change, and the reverse mortgage industry is still in a state of flux concerning compliance with these new privacy requirements. The significance of the topic is immense, and businesses in general are expected to spend billions of dollars in legal or regulatory compliance costs over the upcoming year, Wright says.

Anyone subject to upcoming privacy rules should have active conversations internally, and potentially with counsel to make sure that compliance with existing or upcoming privacy rules is maintained, Wright adds.

Source : https://reversemortgagedaily.com/2020/01/21/how-a-new-california-privacy-law-could-impact-reverse-mortgages/

Future of Compliance in the Mortgage Industry

QC 2.0: Next Generation of Quality Control for the Mortgage Industry

By Steve Spies, SWS Risk Advisory

The last mortgage war is over. The mortgage loan quality battles raged from 2008 until the tide turned around 2015. The war was won by the industry’s embrace of quality standards rivaling industries known for their precision manufacturing processes. Rolex would give a tip of the cap to the mortgage industry’s >99.5 percent significant defect accuracy rate. But that long needed permanent investment in quality control was designed for a high document, labor intensive and low-tech world. Digitization, risk proliferation, and the competitive onslaught requires a new mind set for using quality control dollars to survive in the era of Big Data. In short, time to pivot from defense to offense, and this month I lay out a plan to do that.

In next month’s issue, I will take a stab at forecasting the industry’s progress over the next decade in automating the credit decision process in alignment with loan quality requirements. Spoiler Alert: Even though great gains will be made in the routine aspects of the industry, like closing docs, with underwriting and QC, every mortgage is like a thumbprint. Each loan is so borrower unique that big challenges in credit data standardization prevents tech from providing anything close to a 100 percent solution in the next ten years. Count me a doubter that “within two years the majority of mortgages won’t need a human touch.”

Part One

Mortgage QC 2.0—The Best Defense is a Good Offense

Quality Control as an offensive weapon has three main attributes:

  1. Proactive – 80 percent real-time, pre-closing, 20 percent post-close
  2. Profit centered – strategic, targeted QC driving continuous bottom line improvement across the enterprise reducing costly manufacturing defects.
  3. Data driven, human applied – Artificial Intelligence (AI) and Tech rightfully power QC 2.0, but needs extreme discipline to ensure accurate data quality and interpretation.

Proactive:

It’s important to distinguish quality assurance from quality control. Quality assurance is making sure customer expectations are met before the transaction is completed. Quality control is a post-closing validation that the manufacturing process worked as intended and as required by law and investors. Most lenders only intentionally invest in back-end quality control as an audit compliance necessity. During the crisis, QC became synonymous with repurchase avoidance, and then a defense against stricter legal and regulatory compliance standards. Those foundational, post-manufacturing duties must continue, but the GSEs have committed to long-term repurchase risk minimization. This incentivizes resource reallocation to managing quality while creating your product or service. Embedding a quality assurance feedback loop in the product delivery process prevents mistakes from impacting your customers. Have you analyzed the cost of reworking a loan? The price of a lost customer? Getting it right the first time flows right to the bottom line and keeps coveted customer surveys and social media ratings high. It’s not unreasonable to shift 80 percent of your overall loan quality dollars into pre-delivery because QC technology has developed robust pre-funding QC modules, reporting, and feedback loops, possibly with an overall reduced QC budget.

More importantly, as repurchase defects are so rare, quality assurance can focus on manufacturing errors that really cost you money. Over processing, wastes, and delays are eating your lunch now. Mortgage lenders are well aware that the percentage of “just got lucky” defects is much higher than the approximately .5 percent industry repurchase error rate. These impactful defects generally don’t require repurchase when the overall loan credit profile is strong. However, the same mistake on loans with marginal credit parameters might require financial remediation if not outright repurchase. Lenders should have a sense of urgency about this; it’s time to optimize manufacturing quality before the inevitable recession and the typical erosion in loan quality that comes with it. Only proactive QC improves or preserves profits, the second pillar of next generation QC.

Profit Centered:

I recently outlined the case that strategic lenders will view QC as a profit engine. To recap, the cost to originate a loan is pushing $10,000, which cannot last. The industry is constantly bemoaning over documentation and sending loans back through underwriting five or six times due to faulty or errant documentation. And we can’t help ourselves from throwing more and more money at originators. The cost of implementing all the technological bells and whistles may add hundreds of dollars per loan with questionable payback. And that assumes implementation of these tech tools is seamless and accurate. And finally, of course, lenders are absorbing a backbreaking amount of increased compliance and regulatory costs.

Forward-thinking lenders realize investing in quality control as a real-time feedback mechanism drives continuous improvement to revenue and cost. Shifting your mindset from QC as a no news is good news role, to a powerful proactive source of improvement may separate winners and losers. It’s likely no other function in your organization dissects every step and every document on a sample of your loans every month. QC’s timely results drives costs savings now, rather than some imagined future state.

In case you missed it, here are the five immediate ways I suggested your QC work can lower costs and improve revenue:

  1. Underwriting overlays – needed or overly cautious?
  2. Required documents – eliminate CYA docs
  3. Rework – loan defects slowing down the process?
  4. Technology – promised savings being realized?
  5. Liquidity– repurchase/loss reserves excessive?

Here are couple more interesting possibilities:

  1. People – coaching up those with most defects is an easy win
  2. Loan type – self-employed taking twice as long?

Just a couple hours brainstorming your QC results will drive a long list of high impact opportunities. Rather than mechanically sampling and reporting on repurchase and compliance, the more advanced reporting tools from QC vendors and inhouse systems can be plumbed for endless insight into company operations. Engage your QC team or vendor to generate improvement ideas, gather market intel, stop overkill, and prevent mistakes.

Data Driven – Human Applied

There is no looking back on the digitization of business processes, and QC is no exception. In fact, because its main purpose is data analysis, either in a document or a raw data point itself, QC lends itself to automation better than other parts of the business. AI and machine learning excel at spotting when two or multiple pieces of information don’t make sense in relation to each other. Lenders’ investment in these tools requires at least two guardrails. First, implement with a purpose, either driving front-end improvement to a manufacturing weakness, or spotting troubling quality issues or fraud patterns post-close. Don’t act without a plausible ROI. Second, ROI calculations must factor in that AI and Robotics often generate high false positive rates. Chasing down too many inaccurate red flags destroys the benefit and numbs the staff from acting on real risk indicators.

The Big Data era is driving a generational shift in mortgage origination, from customer acquisition to fulfillment, underwriting and closing. Of course, this shift creates new frontiers for quality control. Any investment in data driven solutions comes with a big piece of yellow caution tape around it. Even though we have the technology and skill to spot defects with data, the data quality curve is just emerging. Most mortgage file credit elements lack standardization and controls around data creation, transmission, and protection. Borrowing a baseball analogy, income and employment data integrity is barely out of the first inning. Add in that humans are handling this data at some point introduces everything from normal error, to biased interpretation, to outright manipulation. By comparison, because of widely agreed upon format and data definitions, appraisal data standardization and digitization approaches the late innings. Regardless of where a piece of technology claims to be in the game, QC must lead in testing data quality and holding vendors accountable for data accuracy claims. Confirmation bias can be rampant amid the glamour of new technology.

To keep pace with mortgage digitization, QC must develop data quality testing expertise. But don’t be fooled by tech providers claiming to verify direct from the “source of truth.” This term mistakenly entered industry lexicon believing that going to the “source;” for example, an employer makes it the “truth” for purposes of credit decisioning. I prefer the terms “primary sources” and “alternative sources.” An employer is a primary source for employment information, but its “truth” depends on the employer’s approach to an array of consistency, definitional, and reporting needs. For starters: Did the income vendor interpret and map the employer paystub fields correctly? Did they manually manipulate the data in any way? Did your loan origination system import the data correctly? Your QC team must independently validate and analyze data quality at all points during its digital journey.

A single source for data also complicates independent validation. QC should lead development of secondary sources to confirm accuracy and reasonableness that don’t rely on the primary source. For instance, can LinkedIn give us independent insight on employment status? Even in today’s mostly manual world, we seldom rely on one source of corroboration. As an example, we now get up to four pieces of primary data on employment and income: a paystub, W-2, verbal verification of employment, and sometimes tax returns. Further, relying on a single source opens that source up to targeted manipulation and falsification. Fooling ourselves that QC’s no longer necessary will be the biggest mistake of all. Quite the opposite. By assuming an unvalidated primary source is always accurate, we potentially back into another version of no-doc loans.

Hoping to optimize speed and cost, AI advocates imagine a world where a sufficiently predictive credit decision can be made from modeling publicly available information. Proponents say it’s a straightforward algorithm by mining social media, credit scores, and everything else the internet knows about us. Then, it’s a simple matter of pricing for the modeled default risk. No need for documentation or other controls. Just consider the accuracy of your own internet footprint to know that data quality concerns grow exponentially with such an approach. And pricing for risk was one of the mistakes at the heart of the last crisis. By design, a pricing for risk approach assumes some borrowers lose their homes and is contrary to the goal of sustainable home ownership. My view is no matter the sophistication of the decision engine, we can never comprise the fundamentals of independently establishing borrower willingness and ability to repay a debt.

With these limits on how far “data and done” can carry us, in next month’s issue I share my vision for the next decade’s wins and challenges in pursuit of the digital mortgage.

Source: https://www.mortgagebankermag.com/quality-assurance/qc-2-0-next-generation-of-quality-control-for-the-mortgage-industry/

Compliance Hotspots for Management to Watch in 2020 !

2020: Compliance Risk Management Check-Up

From a federal regulatory viewpoint, managing your compliance risk is an ongoing task, to say the least. As we head into 2020, here’s a list of potential changes as well as annual threshold adjustments of which to be aware. It will be necessary to update your compliance risk assessment, internal controls, and IT systems.

Annual Threshold Adjustments Effective January 1, 2020

  1. HPML escrow exemption: The final rule, published December 23, 2019, adjusts the asset-size threshold for certain creditors to qualify for this exemption located in Regulation Z, section 1026.35(b)(2)(iii)(C) of Regulation Z. Creditors with assets of less than $2.202 billion, which includes assets of certain affiliates, as of December 31, 2019, are exempt, if other requirements of Regulation Z also are met, from establishing escrow accounts for HPMLs in 2020, and in 2021 for loans applied for by April 1, 2021.
  2. HPML appraisal exemption: The final rule, published October 30, 2019, adjusts in Regulation Z to increase the threshold amount to $27,200 for the exemption from the special appraisal requirements for higher-priced mortgage loans.
  3. HOEPA annual threshold: The final rule, published August 1, 2019, adjusted the total loan amount threshold for high-cost mortgages in 2020 will be $21,980. The adjusted points-and-fees dollar trigger for high-cost mortgages in 2020 will be $1,099. For qualified mortgages, which provide creditors with certain protections from liability under the Ability-to-Repay Rule, the maximum thresholds for total points and fees in 2020 will be 3 percent of the total loan amount for a loan greater than or equal to $109,898; $3,297 for a loan amount greater than or equal to $65,939 but less than $109,898; 5 percent of the total loan amount for a loan greater than or equal to $21,980 but less than $65,939; $1,099 for a loan amount greater than or equal to $13,737 but less than $21,980; and 8 percent of the total loan amount for a loan amount less than $13,737.
  4. Residential appraisal threshold: The final rule, published October 8, 2019, increased to $400,000 the threshold for requiring an appraisal by a state certified or licensed appraiser for residential real estate transactions.
  5. HMDA asset-size exemption: The final rule, published December 20, 2019, increases the HMDA asset-size exemption threshold for banks, savings associations, and credit unions from $46 million to $47 million. Therefore, these institutions with assets of $47 million or less as of December 31, 2019, are exempt from collecting data in 2020.
  6. HMDA and EGRRCPA partial exemptions: The final rule, published October 10, 2019, extends for two years the current temporary threshold for collecting and reporting data about open-end lines of credit under HMDA. The rule also clarifies partial exemptions from certain HMDA requirements that Congress added in the EGRRCPA.
  7. FinCEN penalty caps: The final rule, published October 10, 2019, made inflation adjustments of civil money penalties, as mandated by the Federal Civil Penalties Inflation Adjustment Act of 1990, as amended. The rule adjusts certain penalties within the jurisdiction of FinCEN to the maximum amount required by the Act.
  8. Look for a final rule regarding the CRA small bank, intermediate small bank, and large bank revised definitions.

Proposed Rulemakings to Watch in 2020

  1. CRA modernization: On December 12, 2019, the FDIC and the OCC published a Notice of Proposed Rulemaking with Request for Comment seeking to modernize the CRA. The proposed rules are intended to increase bank activity in low- and moderate-income communities where there is significant need for credit, more responsible lending, greater access to banking services, and improvements to critical infrastructure. The proposals will clarify what qualifies for credit under the CRA, enabling banks and their partners to better implement reinvestment and other activities that can benefit communities. The agencies will also create an additional definition of “assessment areas” tied to where deposits are located, ensuring that banks provide loans and other services to low- and moderate-income persons in those areas.
  2. TRID Rule assessment: The CFPB published a Request for Comment on November 22, 2019, where an assessment will be conducted on the TRID Rule. As part of its assessment, the CFPB stated it intends to address the TRID Rule’s effectiveness in meeting the purposes and objectives of Title X of the Dodd-Frank Act, the specific goals of the rule, and other relevant factors. Section 1022(d) of the Dodd-Frank Act requires the CFPB to publish a report of its assessment within five years after the effective date of the rule being assessed. The public is invited to comment on the feasibility and effectiveness of the assessment plan, recommendations to improve the assessment plan, and recommendations for modifying, expanding, or eliminating the TRID Rule, among other questions. Comments are due by January 21, 2019.
  3. Fair lending: On August 19, 2019, HUD published a Proposed Rule that would amend HUD’s interpretation of the FHA’s disparate impact standard to better reflect the Supreme Court’s 2015 ruling in Texas Department of Housing and Community Affairs v. Inclusive Communities Project, Inc., and to provide clarification regarding the application of the standard to state laws governing the business of insurance.
  4. Collection practices: On May 7, 2019, the CFPB published a Notice of Proposed Rulemaking with Request for Comment the proposed rule would provide consumers with clear protections against harassment by debt collectors and straightforward options to address or dispute debts. The NPRM would set clear, bright-line limits on the number of calls debt collectors may place to reach consumers on a weekly basis; clarify how collectors may communicate lawfully using newer technologies, such as voicemail, email and text messages, that have developed since the FDCPA’s passage in 1977; and require collectors to provide additional information to consumers to help them identify debts and respond to collection attempts. The proposal would amend Regulation F, which implements the FDCPA, to prescribe federal rules governing the activities of FDCPA-covered debt collectors. The proposal focuses on debt collection communications and disclosures and also addresses related practices by debt collectors. The CFPB also proposes that FDCPA-covered debt collectors comply with certain additional disclosure-related and record retention requirements. If a final rule is issued, the CFPB proposes that it would become effective one year after it has been published.
  5. Privacy: With the California Consumer Protection Act and the General Data Protection Regulation, you may be impacted more than you realize. Refer to our various articles written on this topic.

More can certainly be added to this abridged list, and the intent is to start planning and keeping an eye out for regulatory change.

Around the Industry:

Happening Now

Fannie Mae and Freddie Mac recently announced the revised implementation timeline for their redesigned Uniform Residential Loan Application (URLA) and updated automated underwriting systems. Lenders may begin using the revised URLA and submitting loan applications to the new AUS September 1. 2020. All applications received on or after November 1, 2020, must use the revised URLA. Starting November 1, 2021, Fannie Mae and Freddie Mac will no longer accept applications using the current URLA format.

MCM Q&A

We encourage you to read, reread, or review our December issue of the best read articles of 2019, specially chosen by our editor.

Source: https://www.mortgagebankermag.com/weekly-newsline/2020-compliance-risk-management-check-up/

Latest Developments on the ATR/QM Rule

The Consumer Financial Protection Bureau (CFPB) is proposing a change to its Ability-to-Repay/Qualified Mortgage (ATR/QM) rule.

In a letter to Sen. Mike Rounds (R-SD), chairman of the Senate Subcommittee on Financial Institutions and Consumer Protection, CFPB Director Kathleen Kraninger noted her agency’s Advanced Notice of Proposed Rulemaking (ANPR) regarding the ATR/QM rule, pointing out the QM requirement that the consumer’s debt-to-income ratio (DTI) cannot exceed 43 percent and adding that standard is not necessary for loans that qualify for the GSE Patch (also known as the QM Patch) which is set to expire in January 2021.

Kraninger informed Rounds that based on the ANPR input, the CFPB “has decided to propose an amendment to the Rule which would move away from DTI and instead include an alternative, such as a pricing threshold (i.e., the different between the loan’s annual percentage rate (APR) and the average prime offer rate (APOR) for a comparable transaction). The proposed alternative would be intended to better ensure that responsible, affordable mortgage credit remains available to consumer in a manner consistent with the purposes of Sections 129B and C of the Truth-in-Lending Act (TILA) and to facilitate compliance with those sections.”

Kraninger also stated that the CFPB expects to propose extending the QM Patch expiration “for a short period” until either the proposed alternative is put into place of the government-sponsored enterprises exit federal conservatorship. A Notice of Proposed Rulemaking on this matter is being planned for no later than May, Kraninger added.

Furthermore, Kraninger said the CFPB was considering an addition to the existing rule that offered a “seasoning” approach that would “create an alternative pathway to QM safe-harbor status for certain mortgages when the borrower has consistently made timely payments for a period.”

Mortgage Bankers Association (MBA) President and CEO Bob Broeksmit welcomed Kraninger’s ideas.

“MBA appreciates CFPB Director Kathy Kraninger’s intention to temporarily extend the GSE patch and move away from the use of a standalone debt-to-income ratio,” Broeksmit said in a statement. “MBA has urged the Bureau to eliminate the use of DTI ratios as a standalone threshold in the QM definition, which would also remove the need to use the rigid, outdated Appendix Q methodology for calculating borrower income and debt. We look forward to working with the Bureau, and other stakeholders, on the proposed rule.”

Critical Mortgage Compliance Updates for 2020

From a federal regulatory viewpoint, managing your compliance risk is an ongoing task, to say the least. As we head into 2020, here’s a list of potential changes as well as annual threshold adjustments of which to be aware. It will be necessary to update your compliance risk assessment, internal controls, and IT systems.

Annual Threshold Adjustments Effective January 1, 2020

HPML escrow exemption: The final rule, published December 23, 2019, adjusts the asset-size threshold for certain creditors to qualify for this exemption located in Regulation Z, section 1026.35(b)(2)(iii)(C) of Regulation Z. Creditors with assets of less than $2.202 billion, which includes assets of certain affiliates, as of December 31, 2019, are exempt, if other requirements of Regulation Z also are met, from establishing escrow accounts for HPMLs in 2020, and in 2021 for loans applied for by April 1, 2021.

HPML appraisal exemption: The final rule, published October 30, 2019, adjusts in Regulation Z to increase the threshold amount to $27,200 for the exemption from the special appraisal requirements for higher-priced mortgage loans.

HOEPA annual threshold: The final rule, published August 1, 2019, adjusted the total loan amount threshold for high-cost mortgages in 2020 will be $21,980. The adjusted points-and-fees dollar trigger for high-cost mortgages in 2020 will be $1,099. For qualified mortgages, which provide creditors with certain protections from liability under the Ability-to-Repay Rule, the maximum thresholds for total points and fees in 2020 will be 3 percent of the total loan amount for a loan greater than or equal to $109,898; $3,297 for a loan amount greater than or equal to $65,939 but less than $109,898; 5 percent of the total loan amount for a loan greater than or equal to $21,980 but less than $65,939; $1,099 for a loan amount greater than or equal to $13,737 but less than $21,980; and 8 percent of the total loan amount for a loan amount less than $13,737.

Residential appraisal threshold: The final rule, published October 8, 2019, increased to $400,000 the threshold for requiring an appraisal by a state certified or licensed appraiser for residential real estate transactions.

HMDA asset-size exemption: The final rule, published December 20, 2019, increases the HMDA asset-size exemption threshold for banks, savings associations, and credit unions from $46 million to $47 million. Therefore, these institutions with assets of $47 million or less as of December 31, 2019, are exempt from collecting data in 2020.

HMDA and EGRRCPA partial exemptions: The final rule, published October 10, 2019, extends for two years the current temporary threshold for collecting and reporting data about open-end lines of credit under HMDA. The rule also clarifies partial exemptions from certain HMDA requirements that Congress added in the EGRRCPA.

FinCEN penalty caps: The final rule, published October 10, 2019, made inflation adjustments of civil money penalties, as mandated by the Federal Civil Penalties Inflation Adjustment Act of 1990, as amended. The rule adjusts certain penalties within the jurisdiction of FinCEN to the maximum amount required by the Act.

Look for a final rule regarding the CRA small bank, intermediate small bank, and large bank revised definitions.

Proposed Rulemakings to Watch in 2020

CRA modernization: On December 12, 2019, the FDIC and the OCC published a Notice of Proposed Rulemaking with Request for Comment seeking to modernize the CRA. The proposed rules are intended to increase bank activity in low- and moderate-income communities where there is significant need for credit, more responsible lending, greater access to banking services, and improvements to critical infrastructure. The proposals will clarify what qualifies for credit under the CRA, enabling banks and their partners to better implement reinvestment and other activities that can benefit communities. The agencies will also create an additional definition of “assessment areas” tied to where deposits are located, ensuring that banks provide loans and other services to low- and moderate-income persons in those areas.

TRID Rule assessment: The CFPB published a Request for Comment on November 22, 2019, where an assessment will be conducted on the TRID Rule. As part of its assessment, the CFPB stated it intends to address the TRID Rule’s effectiveness in meeting the purposes and objectives of Title X of the Dodd-Frank Act, the specific goals of the rule, and other relevant factors. Section 1022(d) of the Dodd-Frank Act requires the CFPB to publish a report of its assessment within five years after the effective date of the rule being assessed. The public is invited to comment on the feasibility and effectiveness of the assessment plan, recommendations to improve the assessment plan, and recommendations for modifying, expanding, or eliminating the TRID Rule, among other questions. Comments are due by January 21, 2019.

Fair lending: On August 19, 2019, HUD published a Proposed Rule that would amend HUD’s interpretation of the FHA’s disparate impact standard to better reflect the Supreme Court’s 2015 ruling in Texas Department of Housing and Community Affairs v. Inclusive Communities Project, Inc., and to provide clarification regarding the application of the standard to state laws governing the business of insurance.

Collection practices: On May 7, 2019, the CFPB published a Notice of Proposed Rulemaking with Request for Comment the proposed rule would provide consumers with clear protections against harassment by debt collectors and straightforward options to address or dispute debts. The NPRM would set clear, bright-line limits on the number of calls debt collectors may place to reach consumers on a weekly basis; clarify how collectors may communicate lawfully using newer technologies, such as voicemail, email and text messages, that have developed since the FDCPA’s passage in 1977; and require collectors to provide additional information to consumers to help them identify debts and respond to collection attempts. The proposal would amend Regulation F, which implements the FDCPA, to prescribe federal rules governing the activities of FDCPA-covered debt collectors. The proposal focuses on debt collection communications and disclosures and also addresses related practices by debt collectors. The CFPB also proposes that FDCPA-covered debt collectors comply with certain additional disclosure-related and record retention requirements. If a final rule is issued, the CFPB proposes that it would become effective one year after it has been published.

Privacy: With the California Consumer Protection Act and the General Data Protection Regulation, you may be impacted more than you realize. Refer to our various articles written on this topic.

More can certainly be added to this abridged list, and the intent is to start planning and keeping an eye out for regulatory change.

Fair Lending Riak Assessment

Have you ever considered fair lending risk? Do you even know what your fair lending risks are? What is your organization’s risk tolerance? As with other areas of compliance and risk management, a risk assessment can reveal strengths, weaknesses, and gaps to create action steps for forward motion. It’s better to be proactive in knowing what the risks are and certainly less costly. Because fair lending risk encompasses all aspects of every loan transaction, conducting a fair lending risk assessment is good business. And, it’s expected by your regulator.

What is a Fair Lending Risk Assessment?

Essentially, a fair lending risk assessment is the process of identifying and measuring risks inherent in your financial institution’s lending processes across the loan life cycle, and determining what internal controls and monitoring mechanisms need to be in place to reduce or minimize the occurrence of illegal discrimination.

Federal regulators utilize the risk-based approach and it would be wise for you to do the same. The risk-based approach will give you the opportunity, in an efficient manner, to apply preventive measures to mitigate fair lending risk. The fair lending risk assessment itself is the preventative measure; a tool to identify and understand specific fair lending risks inherent to your organization. Once the risk assessment is complete, you will gain a better understanding of allocating the right amount of resources to higher risk areas.

The Fair Lending Risk Assessment: Don’t Know Where to Begin?

The format, the tool, or the scale used to measure risk in your fair lending risk assessment is arbitrary. Just be consistent. There isn’t a one-size-fits all because each organization is distinct in its size, complexity, and risk tolerance. But it is important to have these key features within your risk assessment that align with the size and complexity of your financial institution:

Define and measure inherent and residual risks specific to each risk category:

Inherent risk: Consider these adjectives to describe inherent risk. Raw. Untreated. Unprocessed. It’s the pure level of risk that will occur with the current state of controls. This current state may be lacking or insufficient of which the results of the risk assessment will help you identify. Examples of inherent risk include:

Risks within your products, services, and business lines; certain products are riskier than others

Risks tied to operational insufficiencies and failures or external factors that are beyond your organization’s control

The ramifications of noncompliance that involve financial, legal, and reputational costs

Residual risk: The amount of risk that remains after applying controls to inherent risks. Risk cannot be completely eliminated; a fact that we all must accept. The level of residual risk and your organization’s risk tolerance will then determine the actions of implementing or revising controls to manage your fair lending risk.

Identify specific risk categories unique to your organization. Consider the following:

Products, services, and business lines

Geographical footprint

Marketing strategy

Your organization’s fair lending history, risk tolerance, and previous examination results

Policies, procedures, and processes

Training

Lender discretion

Exception tracking and reporting

Tracking tools and reports

Vendor management of third-party relationships

Loan originator compensation

Regulations: ECOA (adverse action notices and spousal signatures are high risk areas) and HMDA (government monitoring information)

Specific fair lending risks to evaluate: redlining, steering, underwriting, pricing, marketing, servicing

Once the information has been collected on the identified categories, a deeper dive must occur to bring those risks to the surface. This deeper dive involves asking questions, lots of them. Test assumptions. Verify processes. Validate that documented policies and procedures actually mirror what you do. Are they static or do they reflect ongoing changes?

The results of your evaluation should be documented as a fair lending risk assessment. Again, the format or scale used to capture the level of risk can be approached in many different ways. Don’t make it complicated; do what makes sense and be consistent.

The Risk Assessment is Done: Now What?

Don’t let it collect dust and become stagnant. It requires action:

Manage your fair lending risk exposure by keeping the board and senior management informed and involved.

Where gaps were identified in the risk assessment process, correct quickly by updating policies, procedures, and processes. Provide training, if necessary.

Take corrective action where needed.

Make sure monitoring and reporting are ongoing.

Fine tune your fair lending compliance program elements based on the results of your risk assessment.

Remember that this risk assessment process is necessary to your organization managing its fair lending risk with success. While you may not have the dedicated resources to accomplish this task internally, don’t let that stop you. Employing a third-party vendor is a great option and should be considered. Dig in. Get started. Gain insights. Further compliance at your organization. Grow!

Burdened by Regulations – Welcome to the Club

Regulatory compliance and risk management concerns are on the rise at U.S. lending institutions, according to the 2019 Regulatory & Risk Management Indicator released Wednesday by Wolters Kluwer. The top areas of concern were HMDA rules, cybersecurity, and credit and compliance risk. 

Lenders reported their top compliance challenges for the next years are “managing and implementing residential mortgage regulations; keeping current with changing regulations; complying with the forthcoming Current Expected Credit Loss (CECL) accounting standards; deposit account regulations; and compliance program management.” 

When it comes to implementing compliance programs, lenders’ top concern was that their institution relies on manual rather than automated compliance processes. This concern was cited by 47% of respondents in the survey, up five percentage points from last year. At the same time, 46% of firms reported they anticipate “little to no investment” in compliance automation at their institution. 

The next two top concerns were inadequate staffing, cited by 45% of lenders, and “too many competing business priorities,” cited by 44% of respondents. 

Just 16% of survey respondents indicated that their institution has a “strategic, integrated” enterprise risk management system across all departments. About 30% said their institution lacks a widespread risk management system, and another 32% reported they were unsure whether their institution had one or not. 

Lenders harbor some major concerns with certain aspects of HMDA reporting but are increasingly comfortable with other aspects of HMDA.  Lenders reported declining concerns in regards to capturing data fields and upgrading systems over the past year. 

At the same time, they reported increasing concerns in regards to training staff, analyzing new data, and reporting in the expanded data submission process. The share of lenders who cited concerns with this last factor jumped from 15% last year to 40% this year. 

Cybersecurity remains a top concern at a majority of lending institutions and 78% of lenders reported it as a top risk that will receive “escalated priority” in the next year. While cybersecurity outranks all other risks in the survey, the level is down from 81% last year. 

Other top concerns that will receive additional attention over the next year are credit risk, up from 34% to 45% and regulatory/compliance risk, up from 33% to 47%. 

“Respondents indicated more confidence in their ability to maintain compliance, keep track of changing regulations, and demonstrate compliance to regulators, reaching the highest confidence levels in the survey’s seven years,” said Timothy R. Burniston, Senior Advisor for Regulatory Strategy at Wolters Kluwer’s Compliance Solutions business. 

The percentage of lenders expressing a high level of concern with compliance was down across the four main areas surveyed, including the ability to stay compliant amid changing regulations, the ability to keep track of regulatory changes, the ability to illustrate their compliance, and the ability to manage risk across the entire institution. However, despite declining concern in all these areas over the past two years, more than half of lenders maintain a high level of concern in these areas. 

The economic factors lenders are most concerned with moving forward are interest rate fluctuations, a concern for 87% of lenders; data privacy, a concern for 85% of lenders; and a pending recession, a concern for 76% of lenders. 

Lenders do not expect regulatory relief in the next two years. Just 22% of lenders believe regulatory relief is likely during that time, compared with 48% a year ago. 

The overall Main Indicator Score for the Wolters Kluwer’s regulatory and risk management survey was 95—up 10 points from last year. The score takes into account the lender survey, which included 704 respondents this year; as well as the number of new federal regulations for the industry, the number of regulatory enforcement actions, and the total dollar amount banks and credit unions incurred in fines over the year. 

Mortgage Lenders Beware !!

WASHINGTON (Reuters) – A U.S. regulatory panel is recommending increased federal and state oversight of nonbank mortgage lenders and servicers, saying for the first time in a report on Wednesday that their growing presence in the sector may threaten financial stability.

The panel of top U.S. regulators led by the Treasury Department had never flagged the issue as a systemic risk in previous annual reports, only that it was keeping an eye on the nonbank mortgage market. The report, which called overall risks to the financial system “moderate,” is not binding but could serve as a blueprint for policymakers in the coming months.

The Financial Stability Oversight Council report said nonbank lenders now account for more than half of all new mortgages but are not subject to the same rigorous scrutiny as traditional banks.

Nonbanks originate 51% of all new mortgages compared with just 10% at the height of the subprime mortgage crisis in 2009, according to the panel of the top U.S. regulators which is tasked with identifying systemic risks. Nonbanks service 47% of outstanding mortgages compared to 6% in 2009, it added.

A raft of regulatory and legal problems stemming from the subprime mortgage crisis discouraged banks from extending home loans to riskier borrowers. Bank regulations on mortgage lending have also tightened, which may also have led nonbanks to grab on a larger share, the panel said.

“However, most nonbank mortgage companies have fewer resources to absorb adverse shocks and are more dependent on short-term funding than banks,” according to the report.

Need to Know Compliance Factors Surrounding An “Application”

A lot of factors need to be clearly understood regarding the application, and certainly in just considering Regulation B, you need to know the requirements. Definition of an application, what you do before you have an application, and what you do after you have an application all matter. Other laws and regulations have different definitions of an application, so the waters can get murky without appropriate knowledge and training.

According to Regulation B, an application is an oral or written request for an extension of credit that is made in accordance with a creditor’s procedures used for the type of credit requested. Consumers will often inquire about loan terms. When is an inquiry not an application? An inquiry is not an application when:

A consumer calls to ask about loan terms and an employee explains the creditor’s basic loan terms, such as interest rates, loan-to-value ratio, and debt-to-income ratio.

A consumer asks about terms for a loan to purchase a home and tells the loan officer her income and intended downpayment, but the loan officer only explains the creditor’s loan-to-value ratio policy and other basic lending policies, without telling the consumer whether she qualifies for the loan.

A consumer calls to ask about terms for a loan to purchase vacant land and states his income and the sales price of the property to be financed, and asks whether he qualifies for a loan; the employee responds by describing the general lending policies, explaining that he would need to look at all of the consumer’s qualifications before making a decision, and offering to send an application form to the consumer.

Here’s an example of an application: A consumer asks you, the mortgage lender, to “preapprove” her for a loan to finance a home purchase and you review the request under a program in which your institution, after a comprehensive analysis of her creditworthiness, you issue a written commitment valid for a designated period of time to extend a loan up to a specified amount. The written commitment may not be subject to conditions other than conditions that require the identification of adequate collateral, conditions that require no material change in the applicant’s financial condition or creditworthiness prior to funding the loan, and limited conditions that are not related to the financial condition or creditworthiness of the applicant that your institution ordinarily attaches to a traditional application, such as certification of a clear termite inspection for a home purchase loan.

It’s also important to know the meaning of a completed application because notification requirements hinge on this. A completed application is an application in connection with which a creditor has received all the information that the creditor regularly obtains and considers in evaluating applications for the amount and type of credit requested. This may include, but is not limited to, credit reports, any additional information requested from the applicant, and any approvals or reports by governmental agencies or other persons that are necessary to guarantee, insure, or provide security for the credit or collateral. As a lender, you need to exercise reasonable diligence in obtaining such information. For example, you should request information from third parties, such as a credit report, promptly after receiving the application. If additional information is needed from the applicant, such as an address or a telephone number to verify employment, you should contact the applicant promptly. Continue to grow in your compliance career by gaining knowledge, experience what you’re learning, and receive coaching or mentoring. One regulation at a time.

Around the Industry:

Happening Now

The OCC recently issued Bulletin 2019-43 to remind banks that engage appraisal management companies (AMCs) of the new registration requirement for AMCs that became effective on August 10, 2019. Under this requirement, AMCs must register with the state or states in which they do business and must be subject to state supervision. Federal law bars AMCs from providing appraisal management services to financial institutions for consumer credit transactions secured by a consumer’s principal dwelling that are federally related transactions if the AMCs are not registered as required. The bulletin discusses considerations for banks with regard to confirming AMC registration as part of sound third-party risk management and suggests alternatives that banks can use when no registered AMCs are available. The OCC’s rules on banks’ use of AMCs can be found in 12 CFR 34, subpart H. The same requirements are included in the Federal Reserve Board’s Regulation H, subpart E, and the FDIC’s requirements are found in 12 CFR 323 subpart B.

Marketing & Social Media – What YOU Need to Know

Your marketing team excitedly presents their new social media campaigns; they’ve carefully thought through demographics, brand consistency and their budget—everything looks great! Then, like the proverbial needle screeching across a record, compliance walks in the room. Now what? This article suggests several ways you can stand out from your competitors, while minimizing the risk of litigation arising from deceptive marketing or implied discrimination.
 
Compliance concerns

In addition to state laws governing mortgage advertising, at least two federal regulatory agencies prosecute mortgage lenders for deceptive advertising. According to the Consumer Financial Protection Bureau (CFPB), most violations fall into four categories: 


►Potential misrepresentations about government affiliation: For example, ads containing official-looking seals or logos, or having other characteristics that may be interpreted by consumers as indicating a government affiliation.
►Potentially inaccurate information about interest rates: For example, ads promoting low rates that may mislead consumers about the terms of the product actually offered, or advertising rates that are not generally available.
►Potentially misleading statements concerning the costs of reverse mortgages: For example, ads for reverse mortgage products claiming that a consumer will have no payments in connection with the product, even though consumers with a reverse mortgage are commonly required to continue to make monthly or other periodic tax or insurance payments, and may risk default if the payments aren’t made.
►Potential misrepresentations about the amount of cash or credit available to a consumer: For example, ads containing a mock check and/or suggesting that a consumer has been pre-approved to receive a certain amount of money in connection with refinancing their mortgage or taking out a reverse mortgage, when a number of additional steps would customarily need to be completed before the consumer would qualify for the loan.

Ballard-Spahr LLP has a good list of additional examples of deceptive ads:
►Suggesting with a VA loan, that the rate being offered was part of an “economic stimulus plan” that will expire shortly
►Potential inaccurate information about interest rates, such as indicating a “fixed” rate for a variable rate loan
►Potential misrepresentations that the consumer is pre-approved for or guaranteed specific rates or terms
►Advertisements offering a very low “fixed” mortgage rate, without discussing significant loan terms
►Advertisements containing statements, images, symbols, and abbreviations suggesting that an advertiser is affiliated with a government agency
►Advertisements “guaranteeing” approval and offering very low monthly payments, without discussing significant conditions on these offers

Standing out on social media
Given the risk of bad messaging, social media advertising may feel like losing control–especially since most social media sites allow the public to comment then share their comments. What if someone puts non-compliant information into a comment or says you improperly denied them a loan? Fortunately, you can start with social media accounts that allow you to control comments on your posts. Here are some tips for controlling content and comments on popular social media sites.

Facebook
You can maintain control on Facebook by turning off comments for your posts. On the screen where you add a caption or location to your post, tap “Advanced Settings,” then tap “Turn Off Commenting.” This allows you to post your messages and allows other users to share them, while controlling the content seen on your page. If you have a large enough team, you can also make a team member your Facebook monitor with responsibility for hiding or deleting non-compliant comments. Take care with this approach—if people think you are deleting all negative feedback, they may just post more of it. We suggest you have a clear policy on your page that tells consumers what you delete, “We reserve the right to hide comments that may violate mortgage lending advertising laws” plus a short description of what that means, “Posts which include actual rates offered, posts that include incorrect information about the loans we offer …”

LinkedIn
Like Facebook, LinkedIn allows you to disable commenting on your posts so you can ease into your social media presence. It’s often the first social platform a firm tries since you can also control most elements of your firm’s page—including colors and company information. LinkedIn allows your loan officers to connect themselves to your company page which gives borrowers an easy way to learn more about your team.

Pro tips
►You can set up more than one page on LinkedIn–this is helpful if you run campaigns for different types of borrowers. For example, a credit union may offer both purchase and refinance loans. By creating Showcase pages, the credit union can tailor messages, information and links to those two types of borrower.
►Ask your employees to use a common picture or logo for their header so borrowers experience the same “look and feel” as they navigate between your company page, showcase pages and team member profiles.
►Make sure all pictures look professional and backgrounds are in line with your brand guidelines. While some loan officers may think that picture of their dog water-skiing is great, you should encourage them to change it to a professional headshot or your logo.
►Help your team understand what they can freely post on LinkedIn, what is inappropriate for your brand and what needs compliance approval. For example, linking to articles in industry magazines is probably fine, posting about personal activities may be inappropriate and sharing borrower pictures or stories may need compliance approval.

Instagram
Instagram also allows you to disable commenting on your posts and is increasingly preferred by Millennials and Gen Z over Facebook. All of the guidelines and tips for LinkedIn apply to Instagram.

Twitter
Many lenders take a pass on Twitter because you cannot prevent comments or delete them. Twitter’s business model of openness and free speech is a great fit for other consumer product companies, but may not be a good fit for lenders who need to comply with strict communication guidelines.

Emerging sites
Sites catering to building communities are growing, especially in urban areas. Let’s look at one example, Nextdoor.com. Nextdoor is like Facebook for almost 200,000 U.S., U.K. and Netherlands’ neighborhoods, (up from 100,000 in 2016). Users turn to the site to share information about crime, list items for sale, and get recommendations. Nextdoor includes a real estate section with features similar to Realtor.com or Zillow – users can look at homes for sale in their area or another neighborhood and see ads for service providers including mortgage lenders. You can control your content, showcase and add content by claiming your business page on the site. Then you can update your business information and start participating in the community. You can also create advertisements and campaigns, for which you’ll pay a fee. 
Summary
We’ve looked at key compliance communication concerns and thought about ways you can adjust the settings on many social media sites to control messages to borrowers. Since Facebook, LinkedIn and Instagram may be crowded with your competitors, we explored other online opportunities to reach potential borrowers and target your marketing spend to your licensed states and branch locations. If you are at the beginning of your social media journey, we suggest you engage compliance early, understand each Web site’s control features and think about emerging sites to complement your marketing strategy.

Deborah Hill, VP of customer success and operations at MortgageHippo, has more than 10 years of experience helping financial services customers gain efficiencies through their implementation and use of software. Before joining MortgageHippo, Deborah consulted and held board positions with several early-stage fintech firms.

This article originally appeared in the July 2019 print edition of National Mortgage Professional Magazine.

Web Statistics