All posts by synergy

Updates to Mortgage Debt Collection Rules that YOU NEED TO KNOW

WASHINGTON, D.C. – The Consumer Financial Protection Bureau (CFPB) today announced that two final rules issued under the Fair Debt Collection Practices Act (FDCPA) will take effect as planned, on November 30, 2021. The CFPB issued a proposal in April 2021 that, if finalized, would have extended the effective dates to January 29, 2022. The CFPB has now determined that such an extension is unnecessary. Following this announcement, the CFPB will publish a formal notice in the Federal Register withdrawing the April 2021 proposal.

The CFPB proposed extending the final rules’ effective date by 60 days to allow stakeholders affected by the COVID-19 pandemic additional time to review and implement the rules. The public comments generally did not support an extension. Most industry commenters stated that they would be prepared to comply with the final rules by November 30, 2021. Although consumer advocate commenters generally supported extending the effective date, they did not focus on whether additional time is needed to implement the rules. The alternative basis for an extension that many commenters urged, a reconsideration of the rules, was beyond the scope of the NPRM and could raise concerns under the Administrative Procedure Act. Nothing in this decision precludes the CFPB from reconsidering the debt collection rules at a later date.

Two final rules under the FDCPA will take effect in November. The first rule, issued in October 2020, focuses on debt collection communications and clarifies the FDCPA’s prohibitions on harassment and abuse, false or misleading representations, and unfair practices by debt collectors when collecting consumer debt. The second rule, issued in December 2020, clarifies disclosures debt collectors must provide to consumers at the beginning of collection communications. The second rule also prohibits debt collectors from suing or threatening to sue consumers on time-barred debt. Additionally, the second rule requires debt collectors to take specific steps to disclose the existence of a debt to consumers before reporting information about the debt to a consumer reporting agency.

The CFPB is committed to informing consumers about their rights and protections under the rules and assisting debt collectors in implementing them. Consumer education materials on debt collection and resources to help debt collectors understand, implement, and comply with the rules are available through

The CFPB will consider additional guidance for debt collectors, including those that service mortgage loans, as necessary. The CFPB recognizes that mortgage servicers are expected to receive a potentially historically high number of loss mitigation inquiries in the fall as large numbers of borrowers exit forbearance and that, as a result, mortgage servicers in particular may face capacity constraints. The CFPB will continue to work with all market participants to ensure a smooth and successful implementation.

The Consumer Financial Protection Bureau (CFPB) is a 21st century agency that helps consumer finance markets work by making rules more effective, by consistently and fairly enforcing those rules, and by empowering consumers to take more control over their economic lives. For more information, visit


Mortgage Lenders in Trouble for Shortcutting the Origination Process – Beware !

A former executive at Loan Depot dropped a bombshell on the mortgage industry late Wednesday, alleging in a lawsuit that the California-based nonbank lender, in a ploy to drum up money during the refi boom and in preparation for its initial public offering, closed thousands of loans without proper documentation.

The suit, filed by Tammy Richards, former chief operations officer, accuses loan Depot’s CEO, Anthony Hsieh, of ordering the sales team to “trust [their] borrowers” and close loans, disregarding proper underwriting etiquette. 

Richards claims that this demand was announced during a production meeting in August 2020, where Hsieh allegedly screamed, “I am Mello Clear, and we must immediately close loans regardless of documentation.” Top executives at Loan Depot allegedly didn’t bat an eye at Hsieh’s tactics.

After two months, the same point was made to Ms. Richards, with Hsieh allegedly announcing that the sales team needs to “close all loans…close without credit reports…close without documentation…close all loans.”

Closing loans without documentation violates federal laws, including the Dodd-Frank Act, which requires mortgage originators to follow minimum standards for all mortgage products. The landmark legislation also prohibits lenders from making loans unless they reasonably determine that the borrower can repay based on documentation that proves credit history, and current and expected income.

Officials from the Consumer Financial Protection Bureau, the Federal Housing Finance Agency and Fannie Mae and Freddie Mac did not immediately respond to requests for comment by HousingWire. 

Richards’ suit, filed in California Superior Court in Orange County, claims that her refusal to comply with Hsieh’s demands, specifically with closing loans without credit reports, resulted in her demotion in November.

Richards claims that after her demotion, executives at Loan Depot hatched a strategy dubbed “Project Alpha” in which Hsieh allegedly personally identified over 8,000 loans that were closed without proper documentation. Two-hundred processors were put in charge of closing these loans in exchange for extra bonuses at the end of the year, the lawsuit claims.

Richards accuses the CEO, who founded Loan Depot in 2009, of directing the company’s Chief Credit Officer, Brian Rugg, to refrain from auditing the 8,000 loans.

Richards, who at one point oversaw 4,000 employees, said she was eventually forced out of her job for refusing to break the rules. After a stint on medical leave, she resigned in March 2021.

The lawsuit filed by Richards also includes multiple allegations that male company executives created and enforced a “misogynistic frat house culture” that routinely led to women being harassed and demeaned. 

The nonbank mortgage lender disputed the claims made by Richards, who worked in senior roles at Wells FargoBank of AmericaCaliber Home Loans and Countrywide Financial (one of the bad actors in the subprime loan crisis) before joining Loan Depot. 

“Loan Depot is committed to operating at all times according to ethical, responsible and compliant business practices,” a statement from the company read.

“The claims in the lawsuit, which we take very seriously, were previously thoroughly investigated by independent third parties and found to be without merit,” Loan Depot said, without providing further information about who conducted these investigations and when they occurred. “We intend to defend ourselves vigorously against these outlandish allegations…”

Loan Depot, the nation’s second-largest nonbank retail mortgage lender, went public in February, selling 3.85 million shares at $14 and raising $54 million. The company filed reports that showed its revenues increased from $1.3 billion in 2019 to $4.3 billion in 2020, according to Securities and Exchange Commission filings. The company originated about $100.7 billion in loans in 2020.

Hsieh has been the biggest beneficiary of the IPO – as the largest shareholder, last year he took advantage of a one-time discretionary performance bonus of $42.5 million.

In recent months, the nonbank lender moved to appoint new faces to their board of directors, including Pamela Hughes Patenaude, a former deputy secretary of the U.S. Department of Housing and Urban Development and Mike Linton, marketing expert who currently serves as chief revenue officer at genomics firm Ancestry.

The company was trading at $6.98 late Thursday afternoon, with a valuation of $2.1 billion.


Mortgage Servicers BEWARE – CFPB is Back !

The Consumer Financial Protection Bureau is back — with a vengeance

As summer begins, while things may look relatively quiet on the CFPB mortgage servicing enforcement front, those of us who remember the CFPB’s early days following the 2008 foreclosure crisis have a different view: What we are seeing now has all the hallmarks of the calm before a huge storm.

President Joe Biden’s nomination of progressive firebrand Rohit Chopra to lead the bureau was the first hint, but the surprise move has been the very meaningful tenure of Dave Uejio as acting director. Despite his centrist credentials, Biden has skewed dramatically to the left with several key appointments and initiatives, and both he and Uejio have made racial equity an administration, and bureau, mantra. Uejio, further, is a wild card who has moved quickly to establish himself in his brief but substantive tenure as acting director.

In a video released June 2,[1] Uejio again committed the bureau to racial justice, speaking in personal terms as a Japanese-American being the “target of hatred and violence on the basis of my race.”

“Rest assured,” he concluded, the CFPB will take action against institutions and individuals whose policies and practices prevent fair and equitable access to credit, or take advantage of poor, underserved and disadvantaged communities.”

On the mortgage front, the CFPB enforcement actions we see today are primarily the product of investigations commenced before the new administration. And while the CFPB has proposed rules[2] to clarify technical aspects of COVID-19 relief implementation in loss mitigation, along with a temporary pause on foreclosures, we have yet to see the regulatory avalanche some anticipated.

But the dynamic has plainly changed, and the bureau has launched several warning volleys. On March 31, the CFPB issued Bulletin No. 2021-02,[3] aptly named “Supervision and Enforcement Priorities Regarding Housing Insecurity,” warning servicers to:

[D]edicate sufficient resources and staff to ensure they can communicate clearly with borrowers, effectively manage borrower requests for assistance, promote loss mitigation, and ultimately reduce avoidable foreclosures and foreclosure-related costs.

Further, at a recent mortgage bankers conference, Uejio warned that servicers may be entitled merely to equitable foreclosure recoveries.

Housing security is likewise a focus of CFPB research. At the bureau’s fifth research conference in early May,[4] researchers presented reports focused both on mortgage credit and housing security, “given that mortgage balances make up the largest component of household debt and housing equity accounts for the majority of wealth for the median homeowner.”

Likewise, on May 27, the bureau issued a report on manufactured house financing,[5] decrying the high interest rates and credit barriers that the bureau claims afflict that industry.

Finally, the CFPB has joined other regulators in expressing interest and seeking information about artificial intelligence.[6] Such scrutiny might adversely affect not just automated underwriting, but also the way mortgage servicers systemically deal with borrowers in distress.

This is a critical time for the CFPB, and we expect its regulatory and enforcement actions in the mortgage space to effect a sea change by 2022.

These early signals are just the beginning of what is likely to be a rocky ride for mortgage servicers. As disruptive as the past foreclosure moratoria and new loss mitigation requirements were, the result was to dramatically slow and, for long periods of time, outright stop the volume of foreclosures needing to be processed.

This period will likely be far more chaotic as servicers continue to implement the new programs and restrictions while at the same time returning to foreclosure and eviction volumes rivaling 2010. This will occur as the CFPB gears up for an intense few years of activity by ramping up staff with new hires.[7]

Consider as well that, to date, the above has been occurring against the backdrop of rapid recovery of the job market and historically low mortgage interest rates. What will happen without a full recovery, and in an environment of rising interest rates associated with inflationary pressures?

Will this become an existential moment for the CFPB? We doubt it. But, if the public, and the politicians who answer to it, come to view the CFPB as having failed in this critical moment, structural reform — toward or away from either end of the ideological spectrum — would not be a surprising future outcome after the next presidential elections.

This likely will lead to splash headlines and major enforcement efforts from the CFPB directed at mortgage servicers, and a natural political target in times of stress. Resolving a now yearslong foreclosure backlog will likely give regulators a target-rich environment in which to work.


QM Patch & What YOU Need to Know

Somehow, the qualified mortgage (QM) rules have become even more complicated. Our Financial Services & Products Group parses how the death of the QM Patch will affect creditors seeking to originate residential mortgage loans under Fannie Mae, Freddie Mac, or Consumer Financial Protection Bureau regulations.

1) QM Patch loans are no longer eligible for purchase or guarantee by Fannie or Freddie

2) 5 options for creditors originating QM loans

3) What are the revised QM loan rules?

Whether they realize it or not, absent a last-minute intervention from the Federal Housing Finance Agency (FHFA), effective July 1, 2021, creditors will no longer be able to originate qualified mortgage loans using the “QM Patch.” The reason for this dramatic event is that on April 8, 2021, Fannie Mae and Freddie Mac announced in separate pronouncements that effective for loans with application dates after June 30, 2021 (for Fannie Mae; for Freddie Mac, applications received on or after July 1, 2021), the loans must conform with the revised qualified mortgage (QM) loan rules—and cannot be QM Patch loans. Stated another way, since the FHFA is terminating the QM Patch, loans underwritten to the QM Patch after July 1, 2021 will no longer be eligible for sale to the government-sponsored enterprises (GSEs), and in effect, the QM Patch disappears after that date. This development contradicts the Consumer Financial Protection Bureau’s (CFPB) final rulemaking delaying the mandatory effective date of the revised QM rules until October 1, 2022. Under that CFPB rulemaking, during the period between March 1, 2021 and October 1, 2022, the CFPB intends for creditors to have the option of originating QM loans either under the legacy QM rules, including the QM Patch, or the revised QM rules.


On December 10, 2020, former CFPB director Kathy Kraninger issued the revised QM rules that replaced Appendix Q and strict 43% debt-to-income ratio (DTI) underwriting threshold with a priced-based QM loan definition. The revised QM rules also terminated the QM Patch, under which certain loans eligible for purchase by Fannie Mae and Freddie Mac do not have to be underwritten to Appendix Q or satisfy the capped 43% DTI requirement. The rule was to take effect on March 1, 2021, but compliance would not be mandatory until July 1, 2021. Under the rulemaking, the QM Patch would have expired on the earlier of July 1, 2021 or the date that the GSEs exit conservatorship.

On April 27, 2021, the CFPB promulgated a final rule delaying the mandatory compliance date of the revised QM rule from July 1, 2021 to October 1, 2022. Notably, under this rule, the QM Patch is extended to October 2022, which gives creditors the option of originating QM rules under either the legacy QM rules or the revised QM rules between March 1, 2021 and October 1, 2022.

This “optionality” has been partially negated by the GSEs’ April 2021 pronouncements in which they announced that they, in effect, will adhere to the mandatory effective date of the revised QM rules as originally promulgated by Kraninger in December 2020. In particular, in Fannie Mae Lender Letter 2021-09, Fannie Mae indicated it will no longer acquire loans that are QM Patch loans that do not meet the revised QM rules.

To be eligible for purchase by Fannie Mae, QM Patch loans must:

1) have application dates on or before June 30, 2021, and

2) be purchased as whole loans on or before Aug. 31, 2021, or in MBS pools with an issue date on or before Aug. 1, 2021.

Similarly, in Freddie Mac Bulletin 2021-13, Freddie Mac noted that it will no longer purchase QMs under the QM Patch effective for mortgages with “Application Received Dates” on or after July 1, 2021 and all mortgages with “Settlement Dates” after August 31, 2021.

On May 26, 2021, Fannie Mae and Freddie Mac issued additional guidance reiterating that QM Patch loans that do not meet the revised QM rule must have application dates on or before June 30, 2021. This GSE guidance indicates that single-closing construction-to-permanent loans with application dates before July 1, 2021 that meet the QM Patch (and do not meet the revised QM rules) can be purchased or securitized on or before February 28, 2022.

Under the relevant CFPB regulations governing the QM Patch, a loan must, among other things, be eligible to be “purchased or guaranteed” by Fannie Mae or Freddie Mac. Stated another way, if the loan is not eligible for purchase or guarantee by Fannie Mae or Freddie Mac, the creditor may not avail itself of the QM Patch. Therefore, the GSEs’ April 2021 pronouncements indicating that effective July 1, 2021, QM Patch loans would no longer be eligible for sale to Fannie Mae and Freddie Mac sounds the death knell for the QM Patch notwithstanding the CFPB’s intention to extend it to October 2021.

The Takeaway

1) Commencing March 1, 2021, creditors may underwrite to the revised QM rules.

2) At this juncture, for non-agency loans, the revised QM rules become mandatory on October 1, 2022.

3) For Fannie Mae and Freddie Mac, however, the revised QM rules become mandatory on July 1, 2021, meaning that the QM Patch effectively terminates on July 1, 2021—and that all loans sold to Fannie and Freddie must comply with the revised QM rules, effective July 1, 2021.

4) From March 1, 2021 until October 1, 2022, creditors not selling loans to Fannie and Freddie may continue to underwrite to the legacy QM rules; however, commencing July 1, 2021, legacy QM loans must be underwritten to Appendix Q and NOT to the QM Patch. Stated another way, since the FHFA is terminating the QM Patch, loans underwritten to the QM Patch after July 1 will no longer be eligible for sale to the GSEs, and in effect, the QM Patch disappears after that date, notwithstanding the CFPB’s intent for it to continue until October 1, 2022.

5) Hence, for non-agency loans, from July 1, 2021 until October 1, 2022, legacy QM loans must be underwritten in accordance with Appendix Q.


Current Housing Outlook

It has been a week of staggering home prices increase news which has seen the median existing home price surge to a record $350,000

while today we learned that the median new home price surged 18%, also to a record $374,400 (the average selling price was also a record $430,600)

Remarkably summing up what’s going on in the housing market, veteran housing analyst Ivy Zelman said she was seeing “hyperinflation” in the US housing “ecosystem” fraught with labor and materials bottlenecks.

Zelman’s warning comes as investors are closely watching whether a broad surge in inflation as the economy recovers from pandemic lockdowns will prove to be transitory. At least it validates one part of a recent Bank of America warning which said that the US is facing “hyperinflation” if transitory. Well we now have the hyperinflation part; for the sake of the dollar and cilivization, one can only hope that BofA is also right about the transitory part.

Speaking in a Wednesday webcast with Walker & Dunlop Chief Executive Officer Willy Walker, CEO of real estate research firm Zelman & Associates cited a truck-driver shortage along with shipping constraints and soaring costs as among the biggest problems homebuilders are facing. She underscored difficulty in moving shingles from Canada to the U.S. in particular, along with kinks in the supply chain for other staple building materials including drywall and insulation.

And, confirming the sudden drop in new transactions, Zelman also warned that home buyers are stretched.

“At some point the consumer cries uncle,” she said, quoted by Bloomberg.

She also warned that surging prices today could lead to tumbling prices tomorrow, cautioning about the impact of higher interest rates on home prices and the prospects the Fed may start to taper asset purchases. While more supply is set to come on the market eventually, Zelman sees homebuilder stocks as expensive, and she envisions a tough second half. Her cautious stance would accelerate if rates were to rise.

Perhaps in response to her warning, or today’s huge miss in new home sales, homebuilder stocks fell with the S&P homebuilding index closing down 1.2% on Wednesday after paring a drop of as much as 2.5%. Lennar Corp., M/I Homes Inc., PulteGroup Inc. and D.R. Horton Inc. were among worst performers. The index has dropped more than 13% from its all-time high in May.

Zelman’s “hyperinflation” warning echoes a recent analysis from Bank of America in which the bank’s chief economist Michelle Meyer said that the US economy “is facing an imbalance: a burst in demand has been met with constrained supply. Economics 101 tells us that when the demand curve shifts more than the supply curve, prices will rise, which continues until the balance is restored from a combination of slowing demand and greater supply.”

This narrative, Meyer said, describes the US housing market. Demand for housing climbed higher in the months following the onset of the pandemic, leaving existing home sales to reach a peak of 6.7 million saar in October, the highest since 2006. This has left builders to scramble to respond, sending building permits to a high of 1.9 million saar in January. The result: home prices and building costs have surged higher.

And while prices are soaring, the long journey to restore the equilibrium has at least started as existing home sales have come off the highs and housing starts have increased. For what it’s worth, Bank of America thinks existing home sales will continue to moderate while starts run at a high 1.6 million pace through this year and next until supply has returned to the historical average between 5-6 months, eventually allowing home price appreciation to cool. But, as Meye warns, “this will not be resolved overnight – it will be a long journey to balance the housing market.”

So yes, hyperinflation now… and utopia at some indefinite point in the future.

For those curious, BofA has summarized the recent housing trends in charts covering four key themes:

Signs from the recent data: Mortgage purchase applications and existing homes sales have been declining this year and are expected to slip further. In contrast, we see upside for new home sales and housing starts but with speed bumps due to high costs.

Surveys show discouraged buyers: As shown above, buyer sentiment has fallen to the lowest since 1982, reportedly due to high prices. But yet paradoxically homebuilder sentiment is holding close to record highs given exceptionally low inventory. This can only end in tears.

Builders are facing incredible cost pressure: All else equal, the rise in the price in lumber and related products has added over $34K to the price of a new home over the past year. The sharp gains in builder costs are starting to hold back production.

Double-digit home price gains are not sustainable: Home prices have soared over the year. The trajectory is unsustainable and price appreciation should cool next year but only slowly given the extreme imbalance between supply and demand.


Mortgage Fraud is on the Rise – Look for These Issues

As housing professionals navigate regulatory changes and accelerated tech adoption, wire and title fraud risk factors in mortgage and real estate closings increased almost 90% in the last quarter. According to an analysis by MISMO-certified wire and title fraud prevention Fintech FundingShield, wire and title fraud risk factors in mortgage and real estate closings saw an increase of 87.79% overall across all transaction types in Q1 2021. These risk factors increased from 19.02% in Q4 2020 to 35.75% in Q1 2021.

FundingShield noted that a variety of risk factors could be contributing to these numbers – for example, compliance issues and an increase in transaction data errors. In fact, the report found that 58% of loans that had at least one issue contained multiple errors per transaction.

Other risk factors included problems such as invalid representations by closing agents, invalid/expired licensing, invalid/unregistered title documents, transactions not booked in title insurers’ systems and unauthorized practice of law (UPL violation risk). Wiring and bank account issues such as wire fraud attempts, altered wire account information, compromised bank accounts, and merged and/or closed or otherwise inactive bank accounts also played a part in the increased risk to wire fraud and funding control issues.

Regulatory changes and challenges

Contributing to the risk of wire and title fraud were significant challenges in the regulatory and risk areas for lenders during the first quarter of the year. Updated regulations and an eye toward tighter enforcement have raised new potential for compliance issues – and changes can also provide opportunities for bad actors to insert themselves into the process.

On March 1, 2021, the use of the new Uniform Residential Loan Application (URLA) became mandatory, per Fannie Mae and Freddie Mac, after the impact of the coronavirus delayed last year’s planned implementation. Lenders could begin using the new URLA form, which includes 48 new data points, on Jan. 1, 2021, but it became mandatory after March 1.

In order to use the updated URLA as mandated, lenders needed to ensure that the new form was supported by their tech stack. Otherwise, implementation could potentially disrupt the origination process and lead to errors contributing to fraud risk. These workflow changes required resources from lenders to ensure compliance, which could potentially have taken resources from other risk management areas.

The first quarter of 2021 also saw a changeover in leadership as the Biden administration entered the White House. President Biden appointed FTC Commissioner Rohit Chopra to lead the Consumer Financial Protection Bureau, signaling for many that the administration could be preparing to return the CFPB to a more stringent watchdog status.

A more active approach to enforcement means lenders are likely preparing to work even harder to ensure compliance, while keeping an eye out for any regulatory changes. FundingShield has cited numerous lenders reaching out to discuss closing agent compliance strategies, given indications that third-party service provider oversight as well as the impacts of wire fraud on the industry are top of mind for regulators.

Lingering effects of COVID-19

COVID-19 has continued to have an impact on fraud risks as well, necessitating an extremely accelerated adoption of technology. While this has enabled business continuity, the disruption in normal workflows could have caused errors or created opportunities for fraudsters to step in.

Additionally, ongoing forbearance concerns and CARES Act impacts have created an environment in which criminals may take advantage of confused or concerned borrowers to commit fraud, such as identity theft, intercepting payments and email compromise.

eClosing complications

The increased acceptance and use of eClosing platforms have also contributed to the growth of wire and title fraud risk, FundingShield states in its report. According to an American Land Title Association survey of major vendors working in the remote online notarization space, the adoption of RON skyrocketed 547% in 2020 alone, in part due to more states passing permanent RON legislation as well as the need for virtual closings during the pandemic.

While eClosings have proven invaluable for health and safety and enable a faster closing cycle, these platforms and their integrated partners do not always prioritize wire and title fraud risk management and prevention. Additionally, increased closing cycle speed can create vulnerabilities in the process if data is not being actively verified on a real-time basis, providing live information to help lenders mitigate fraud.

“Third-party oversight of wire and title fraud risk is currently lacking in eClosing workflows, and until they integrate with wire and title fraud prevention fintech solutions, these risks will continue to grow,” FundingShield CEO Ike Suri said. “We are swamped with integration exercises with eClosing partners seeking to protect and secure the journey.”


Given the above challenges as well as the continued stress placed on insurance and risk markets due to COVID-19, it’s evident that preventative solutions for wire and title fraud are necessary. Lenders should work not only to educate and inform borrowers about the risks of fraud but should ensure that their technology helps prevent and manage those risks as well.

To read FundingShield’s full Wire and Title Fraud Index for Q1 2021, click here. For historical quarterly reports or further information reach [email protected]


Agressive Compliance Enforcement is Here

State Notifications Deemed to Trigger DFS Reporting of Non-material Breaches

Two successive Consent Orders have demonstrated the seriousness of non-compliance with New York’s Department of Financial Services financial regulations.  While not surprising given the relatively egregious facts of the two cases, DFS’s unprecedented interpretation of the ‘other’ reporting prong of DFS Part 500.17(a) – any notice to another regulatory authority even if the incident is not material – creates a potential hidden standard for the timing of reporting such incidents.

In March 2021, the New York State Department of Financial Services (“DFS”) entered into a consent order with Residential Mortgage Services (“Residential”), a mortgage loan service company based in Maine, which required Residential to pay a $1.5 million penalty for violating DFS’s cybersecurity regulation, as well as undertake certain remedial measures.

Residential’s cybersecurity event, defined by the regulation as “any act or attempt, successful or unsuccessful, to gain unauthorized access to, disrupt or misuse an Information System”, occurred when an employee responded to a phishing email with the false appearance of a signature of a business partner.  Although this act compromised the employee’s credentials, Residential also required a multi-factor authentication process, which typically acts as a safety net in security protocols.  Unfortunately for Residential, the employee then compounded the initial compromise by subsequently successively authenticating four fraudulent multi-factor authentication requests, after business hours, simply by tapping her phone.  On the following day, prompted by yet another fraudulent attempted authentication request, the employee notified Residential’s IT department of the compromise.  In response however, after it determined that the compromise was limited to the employee’s email, Residential did not undertake any further investigation, despite the employee’s access and use of sensitive personal identifiable financial information of Residential’s customers.  Further, Residential did not report the compromise to individuals whose personal data was potentially compromised by the hacker’s access to the email account.

Months later, Residential Mortgage Services’ Chief Information Security Officer (“CISO”) certified to DFS that Residential was in compliance with DFS cyber-security regulations.  It is not clear whether the CISO was aware of the incident, or conducted any due diligence within Residential before making the certification.  As part of a routine audit, DFS discovered certain compliance issues, undertook a more in-depth review of Residential, and ultimately uncovered the incident.

The compliance breakdowns within Residential in connection with the incident were many, presumably leading to the significant penalty to which Residential agreed:

1) Inadequate training of employees on standard security protocols;

2) Failure to implement an incident response process;

3) Failure to investigate the likely compromise of personal financial information;

4) Failure to report the likely compromise of personal financial information under state notification statutes;

5) Failure to report the incident to NYDFS (which DFS implicitly asserted is required even if the incident was not ‘material’ under DFS regulations, so long as another supervisory authority was or should have been notified); and

6) Failure to undertake appropriate due diligence before certifying compliance with DFS requirements.

Particularly worthy of note is the position by DFS that even if there was no “reasonable likelihood of materially harming any material part of the normal operation(s) of the covered entity” notice to DFS nevertheless was required because notice was required to be given “to any government body, self-regulatory agency or any other supervisory body”, specifically via state breach notification laws.

In another Consent Order entered just a few days later involving National Securities Corporation (NSC), DFS imposed a penalty of $3 million, for violations similar to those found in Residential, including improper certification of compliance notwithstanding knowledge of security shortcoming evidenced by breaches, further complicated by NSC’s failure even to implement adequate security measures, including full Multi-Factor Authentication (MFA).

As with Residential, DFS asserted that any notifications by NSC that would have been required to state authorities automatically required notifications to DFS, again implying that the materiality standard otherwise required to trigger reporting to DFS is no longer relevant.  Particularly noteworthy in the NSC order is the express reference to the 72-hour notification deadline, which DFS seemed to assert was triggered as soon as NSC became aware that state regulatory authorities had to be notified under state breach notification laws, essentially eliminating any requirement of materiality.

The potential consequences of the DFS interpretation could be quite significant for those entities regulated by DFS that experience an incident reportable to any state regulatory authority (which is required by a majority of the state breach notification laws, with varying triggering thresholds), or potentially the FDIC.  While virtually no state  requires notification sooner than “reasonably practicable”, and a few states require notification within 30 days (other than Vermont under certain circumstances, which demands 14 days), the interpretation advanced by DFS in the Residential and NSC Consent Orders, if applied in similar circumstances to other DFS-regulated entities experiencing breaches that would not otherwise be characterized as material by DFS, could have the perverse effect of substituting the DFS 72 hour deadline as the de facto default standard for all states that require notification to state authorities.1

Companies subject to the new DFS regulations or in related industries should pay particular attention to these developments for several reasons.  This enforcement was a matter of first impression and demonstrates the potential consequences of overlooking parallel notifications to DFS whenever state regulators are notified, and that incorrect DFS certifications by CISOs will be sanctioned severely.  Further, the regulation has served as a model for other regulators who are interested in a more prescriptive approach.  Following the enactment of DFS’s regulations, both the U.S. Federal Trade Commission and National Association of Insurance Commissioners have looked to the regulation as model for their own regulations, and that others are likely to follow.

1 Notice to DFS may be submitted confidentially; under 23 NYCRR 500.18, information provided is subject to exemptions from disclosure under Baking law, insurance law, financial services law, public officers law and other applicable law.  Nevertheless, a data controller subject to DFS could find itself in the unenviable position of having to file a protective notice to DFS within 72 hours of discovering a breach that could be reportable to any state regulatory authority under state law, but before having the opportunity to investigate the incident to assess its full consequences, or perhaps even its ultimate reportability if it is determined that there is no likely risk of harm to the data subject.  There are likely to be other significant derivative consequences if such protective notifications are deemed required, that any impacted entity will also have to take into account.


CFPB Focuses on Mortgage Servicing

On 5 April 2021, the Consumer Financial Protection Bureau (CFPB) solicited comments on proposed amendments to Regulation X,[1] which amendments are intended to assist mortgage borrowers impacted by the COVID-19 pandemic.[2] Though the proposal to extend the current foreclosure moratorium to January 2022 is gaining the headlines, it is important to note that the proposed amendments, if adopted, once again require modification to servicers’ existing loss mitigation programs in order to “maximize the likelihood that borrowers exiting forbearances have sufficient time to complete a loss mitigation application.”[3]

The CFPB’s proposed amendments represent the latest attempt to provide relief to residential mortgage borrowers. In March 2020, the Coronavirus Aid, Relief, and Economic Stimulus Act (CARES Act) sought to provide immediate relief to mortgage borrowers impacted by the COVID-19 pandemic. Pursuant to the CARES Act, servicers of federally-backed residential mortgage loans were required to provide homeowners impacted by COVID-19 with payment forbearance for up to 180 days and, if necessary, extend the forbearance period for another 180 days. As anticipated, numerous borrowers entered into forbearance plans and obtained extensions of the plans. Further, in June 2020, the CFPB amended Regulation X in response to the wave of forbearances to address certain streamline modification procedures introduced by Fannie Mae and Freddie Mac. Now, the CFPB is once again proposing to amend Regulation X. Although many servicers are already working with their borrowers on post-forbearance options, the CFPB’s latest proposed amendments are aimed at preventing an anticipated wave of “avoidable” foreclosures and ensuring that servicers provide any borrower facing post-forbearance foreclosure with a range of options to remain in the home.[4] If the amendments are adopted, we expect that the CFPB will use its supervisory and enforcement powers to further those objectives.

First and foremost, the CFPB’s proposal warns mortgage servicers that the industry must be prepared to adequately assist borrowers with forbearance periods that will end in the near term by taking steps to keep those borrowers in their homes. Specifically, the proposed amendment seeks to (1) codify the definition of a “COVID-19-related hardship,” (2) modify early intervention requirements to provide COVID-19-impacted borrowers with additional information regarding loss mitigation options, (3) allow servicers to use incomplete information to make determinations on certain streamlined loan modification products, and (4) implement a foreclosure review period that would generally prohibit servicers from issuing the first notice or filing on foreclosure proceedings before 1 January 2022.[5] Responding to the urgency of the situation, the CFPB seeks comments regarding the impact of the proposed changes on an expedited basis.[6] The comment period runs until 10 May 2021, with an effective date of 31 August 2021.[7]

Below, we discuss the proposed amendments and their rationale and highlight the circumstances where the CFPB expects mortgage servicers to take all necessary steps to ensure that borrowers are fully aware of loss mitigation opportunities to avoid foreclosure. 

Codifying the Definition of “COVID-19-Related Hardship”

The CFPB seeks to codify the term “COVID-19-related hardship,” which includes “a financial hardship due, directly or indirectly, to the COVID-19 emergency as defined in the Coronavirus Economic Stabilization Act, section 4022(a)(1) (15 U.S.C. 9056(a)(1)).”[8] While an immediate focus of the CARES Act was on mortgage payment forbearance, once implemented as part of the proposed amendment to Regulation X, the broad definition of a “COVID-19-related hardship” will also have an expansive application to loss mitigation and foreclosure generally. The absence of a sunset provision indicates that claims for COVID-19-related hardships may last significantly longer than the COVID-19 emergency itself. Regardless, the term’s broad scope signals that the CFPB is focused not only on borrowers who are already in forbearance programs, but also on borrowers who are currently delinquent but not yet in an active loss mitigation or forbearance program.

Changes to the Early Intervention Obligation

In its current iteration, Regulation X requires servicers to attempt to make live contact with the borrower no later than the 36th day of delinquency and specifies the steps that servicers must take when discussing loss mitigation options.[9] The CFPB proposes to modify the early intervention mandates to temporarily require servicers who make live contact to identify whether the borrower’s account is in a forbearance plan.[10] If the borrower is not in a forbearance plan, the servicer must expressly ask whether the borrower is experiencing a COVID-19-related hardship and provide information about available programs to assist the borrower, and the steps the borrower must take to benefit from those programs.[11] If the borrower is already in a forbearance plan, then during the last live contact before the end of the plan period, the servicer must provide the borrower with the date on which the forbearance plan ends, details regarding available loss mitigation options available to the borrower, and the steps needed for the borrower to obtain additional loss mitigation assistance.[12] 

In seeking comments on this section, the CFPB acknowledges the uncertainty around the level of detail that servicers must provide to borrowers regarding loss mitigation options. The CFPB seeks input on whether servicers should provide a list of all possible loss mitigation options or only those applicable based on the type of forbearance program the borrower had previously entered.[13] Nevertheless, the CFPB’s comments make clear that it is imperative that borrowers, particularly those already in forbearance programs, receive sufficient and timely information so that those borrowers do not shift from forbearance directly to foreclosure without sufficient notice of their options and the opportunity to avail themselves of those options.[14] Given the uncertainty regarding the level of detail that must be provided, servicers will need to be flexible and consider how to adjust their processes to ensure that their customer service representatives provide the requisite level of detail during live contact sessions.

Use of Incomplete Application for Loss Mitigation Analysis

Currently, servicers cannot make a loss mitigation offer to a borrower based on an incomplete application unless permitted by the exceptions set forth in Regulation X.[15] In the summer of 2020, the CFPB enacted Section 1024.41(c)(v) to allow for limited review of incomplete applications as it relates to the deferral of forborne payments.[16] The CFPB now proposes to add another exception that authorizes servicers to issue loan modifications based on incomplete applications where the borrower meets the following criteria:

(1) the loan modification extends the term of the loan no more than 480 months and does not cause an increase in the required principal and interest payment;

(2) any amounts that are deferred until refinance, sale, or maturity do not accrue interest; the servicer does not charge a fee for the modification; and the servicer waives all late charges, penalties, stop payment fees, or similar charges upon acceptance of the modification;

(3) the loan modification is made available to borrowers experiencing a COVID-19-related hardship; and

(4) either the borrower’s acceptance of the loan modification or acceptance of the loan modification through satisfaction of a trial plan must resolve any preexisting delinquency.[17]

If the borrower accepts a loan modification based on the above criteria, the servicer is not obligated to comply with the requirements to provide notice of receipt and review a loan modification application as set forth in other sections of Regulation X. The proposed regulations, however, would require a servicer to immediately resume loss mitigation efforts if the borrower fails to fulfill the trial plan requirements or if the borrower requests additional assistance.[18] 

In explaining the newly-proposed amendments, the CFPB notes that the COVID-19 pandemic presented an extraordinary circumstance and that borrowers suffering from the pandemic’s social and financial impacts may not be able to complete full applications.[19] The proposed amendments state that many of the streamlined modifications use simplified application procedures and do not require complete loss mitigation applications.[20] In allowing certain modifications to proceed without requiring complete applications, the CFPB recognizes that servicers need flexibility to efficiently evaluate loan modification options and ensure that the servicers can devote their resources accordingly. The CFPB believes that if servicers can avoid having to track down additional information and grant an investor-approved modification based on streamlined information, servicers can then refocus efforts to continue loss mitigation outreach to impacted borrowers.[21]

These proposed amendments are not without risk. Servicers will need to continue to closely scrutinize how they can implement the loss mitigation provisions without running into some of the same litigation issues arising out of the Home Affordable Modification Program (HAMP) established in 2008. Although successful in providing loan modifications to numerous borrowers, servicers’ HAMP efforts led to a host of litigation, ranging from individual lawsuits to class actions in state and federal courts throughout the country, as well as challenges in bankruptcy courts through adversary proceedings and objections to servicers’ claims and payment change notices.[22] Litigation focused on loss mitigation is likely to mimic HAMP related litigation, and could include disputes regarding the affordability of modifications offered at the end of the forbearance period, the terms of the modifications (including trial plan terms and payments), the servicer’s and investor’s decision to not offer certain loss mitigation options, and the impact of unpaid escrow amounts owed on payments following a modification. If the CFPB enacts the proposed amendments, servicers should take care that they continue to document all aspects of the loss mitigation process and provide a clear explanation to borrowers regarding the type and terms of any loan modification offered following forbearance to minimize the risks of a HAMP-like litigation wave in 2022 and beyond. 

Implementation of Special COVID-19 Emergency Pre-Foreclosure Review Requirements 

In response to the COVID-19 pandemic, foreclosure moratoriums were implemented by state executive orders, federal agency decisions, and investor mandates. As the COVID-19 emergency begins to wane, certain jurisdictions and investors are positioning to relax foreclosure moratoriums. In the absence of any foreclosure moratorium, a servicer is ordinarily prohibited from issuing the first notice or filing required by applicable law for any judicial or non-judicial foreclosure process, unless: (a) the account is more than 120 days past due, (b) the foreclosure is based on a violation of the due-at-sale clause, or (c) the servicer is joining a foreclosure brought by a superior or subordinate lienholder.[23]

With the proposed amendments, the CFPB seeks to add a new paragraph (3) to Section 1024.41(f), requiring a servicer to wait until after 31 December 2021 to issue the first notice or filing.[24] As proposed, a servicer can only proceed with the first notice before 31 December 2021 if the first notice is as a result of (a) a violation of the due-at-sale clause, or (b) the servicer joining a foreclosure brought by another lienholder.[25] The CFPB’s stated goal in limiting the first notice or filing is to ensure that every borrower has the ability to understand and take advantage of all suitable loss mitigation options prior to foreclosure.[26] The CFPB is concerned that borrowers and servicers may need additional time to provide meaningful opportunities to evaluate foreclosure avoidance options.[27] In fact, under the proposed regulations, a servicer’s failure to timely attend to loss mitigation could result in violations of Regulation X.[28] Although the operational enhancements adopted in the wake of the 2008 financial crisis placed servicers in a better position to handle a high volume of defaulted accounts, and although many servicers have already adapted to the new rules and guidance following the enactment of the CARES Act, the CFPB nevertheless believes that servicers have faced, and will face, significant challenges in responding to fast-changing circumstances such that additional regulation is warranted.[29]

Additionally, the CFPB seeks to clarify whether servicers should be permitted to foreclose in situations where the borrower fails to respond to outreach efforts. Specifically, the CFPB is considering exemptions that would allow servicers to make the first foreclosure notice or filing before 31 December 2021 if (1) the servicer has completed a loss mitigation review and the borrower is not eligible for any program, or (2) the servicer has made certain efforts to contact the borrower and the borrower has not responded (“potential foreclosure exemptions”).[30] To the extent that servicers support the potential foreclosure exemptions and wish to begin foreclosure efforts prior to 31 December 2021, servicers must ensure that sufficient documentation exists to support the potential foreclosure exemption and to limit risk associated with challenges as to whether an account meets the potential foreclosure exemption criteria.


If implemented, the CFPB’s proposed changes to Regulation X will mandate how servicers must evaluate loan modification applications and foreclosures in the near term, and how servicers must handle their early intervention live contact attempts. Servicers should consider whether the CFPB’s expectations clash with the reality of business operations and begin to prepare now for the influx of loss mitigation requests that will likely occur in the coming months. If nothing else, the proposed amendments signal that the CFPB expects that servicers must provide any borrower experiencing a COVID-19-related hardship with the opportunity to participate in loss mitigation efforts. Similarly, servicers can expect that compliance with the new rules will be a priority for the CFPB moving forward. Perhaps most importantly, servicers must recognize that failure to comply with the proposed amendments, if enacted, could result in adverse CFPB actions, individual and class action litigation by borrowers in state, federal, and bankruptcy courts, and other negative consequences.


Beware ! CFPB Initiates “REDLINING” Enforcement Action Against Mortgage Lender

A&B ABstract:

Recently, the Consumer Financial Protection Bureau (“CFPB”) brought its first ever redlining case against a non-depository institution. While the CFPB has yet to issue guidance regarding how it would evaluate a non-bank lender’s activities for potential redlining, the CFPB’s allegations in this case provide some insight to mortgage lenders regarding compliance expectations.


On July 15, 2020, the CFPB filed a complaint in the U.S. District Court for the Northern District of Illinois against Townstone Financial, Inc. (“Townstone”), alleging that the mortgage lender engaged in the redlining of African-American neighborhoods in the Chicago Metropolitan Statistical Area (“MSA”) in violation of the Equal Credit Opportunity Act (“ECOA”) and, in turn, the Consumer Financial Protection Act (“CFPA”).

The complaint does not assert any claims under the Fair Housing Act (“FHA”), as that fair lending statute is enforced by the U.S. Department of Housing and Urban Development (“HUD”) and the U.S. Department of Justice (“DOJ”). Typically, “redlining” refers to a specific form of discrimination whereby the lender provides unequal access to, or unequal terms of, credit because of the prohibited basis characteristics of the residents of the area in which the loan applicant resides or in which the residential property to be mortgaged is located.

The Complaint

According to the complaint, during the January 1, 2014 to December 31, 2017 time period, Townstone “engaged in unlawful redlining and acts or practices directed at prospective applicants that would discourage prospective applicants, on the basis of race, from applying for credit in the Chicago MSA.” In support of this claim, the CFPB asserts that Townstone’s weekly marketing radio shows and podcasts included statements about African Americans and predominantly African-American neighborhoods (using terms such as “scary” and “jungle”) that would discourage African-American prospective applicants from applying to Townstone for mortgage loans.

Lack of Direct Marketing

Apart from the allegations regarding Townstone’s radio shows and podcasts, the complaint does not point to any intentional conduct or effort by Townstone to discriminate against African Americans or African-American neighborhoods. Rather, the complaint arrives at a general conclusion that Townstone “made no effort to market directly to African Americans.” In support of this statement, the CFPB notes that Townstone did not specifically target any marketing toward African-Americans and did not employ an African-American loan officer among its 17 loan officers in the Chicago MSA. As a result, Townstone received few applications from African-Americans and only a handful of applications from residents of majority African-American neighborhoods.

However, with respect to the allegation that Townstone did not specifically target any marketing toward African-Americans, the CFPB concedes that Townstone generated 90% of its applications from radio advertising on an AM radio station that “reached the entire Chicago MSA” and thus included residents of majority African-American neighborhoods. Further, with respect to the allegation that Townstone did not employ any African-American loan officers, it is unclear how the CFPB expects that the race of a particular loan officer would have increased the number of applications from members from the same racial group, since Townstone’s business model relied upon leads received through radio advertising rather than referrals.


HUD and DOJ brought early redlining cases under a disparate treatment theory of discrimination, which requires evidence of a lender’s discriminatory motive or intent. More recently, federal regulatory agencies have based redlining claims on statistical evidence that demonstrates a lender’s failure to market to, and infiltrate, geographic areas that have a strong minority presence.

Data Support

As further support for its claim against Townstone, the CFPB cites to data comparing the loan applications received by Townstone with those of its peer mortgage lenders. While only 1.4% of the loan applications received by Townstone were from African Americans, the average among peer lenders was 9.8%. Similarly, only between 1.4% and 2.3% of Townstone’s loan applications came from majority African-American neighborhoods, while the average among peer lenders was between 7.6% and 8.2%. In further support of its claim, the CFPB argues that African Americans make up approximately 30% of the population of Chicago, though fails to note the Chicago MSA’s African-American population of approximately 16%.

Given this data, the complaint asserts that Townstone acted to meet the credit needs of majority-white neighborhoods in the Chicago MSA while avoiding the credit needs of majority African-American neighborhoods. As a result, the CFPB alleges that Townstone thereby discouraged prospective applicants from applying to Townstone for mortgage loans in those neighborhoods.

Townstone’s Response

In response to the allegations, Townstone has published a fact sheet defending itself against the CFPB’s claim and noting its efforts to “reach as broad a geographic area as possible” by considering legitimate, non-discriminatory factors such as signal strength, and referencing other marketing measures specifically targeted at the African-American community. Further, Townstone has hired a third-party expert to help demonstrate how Townstone is not an outlier among its peers.


The complaint illustrates the CFPB’s position that non-bank lenders can be held liable for redlining even though they are not subject to Community Reinvestment Act requirements regarding meeting the needs of an entire assessment area. Further, the complaint reminds lenders that their performance – measured primarily by number of loan applications received – will be compared against that of other lenders with similar size and loan origination volume. As such, lenders seeking to mitigate fair lending risk should evaluate the geographic distribution of their lending activity to determine whether, during a particular time period, they were significantly less likely to take loan applications from minority areas than non-minority areas.

CFPB’s Pursuit of Redlining Claim

More importantly, the complaint demonstrates the CFPB’s willingness to pursue a redlining claim absent the traditional allegation that the lender sought to draw a “red line” around a particular demographic group or geographic area. Townstone’s radio advertising was not restricted to a particular demographic group or geographic area, nor could Townstone have altered the radio signals somehow to include or exclude particular groups or geographic areas. Further, Townstone had no control over the demographics of the AM radio station’s audience or that of particular radio shows.

Rather than alleging a traditional claim of redlining (i.e., actively avoiding a particular demographic group or geographic area), the CFPB seeks to hold Townstone liable for failing to conduct affirmative outreach and marketing to African-Americans. For example, the CFPB points out that Townstone had no African-American loan officers. Yet a lender’s failure to perform affirmative outreach to certain demographic groups or geographic areas, including by hiring loan officers of a particular demographic group, does not constitute redlining – nor are such actions required by ECOA.

The only allegation that Townstone redlined, in the traditional sense, is that its employees made statements that may have been intended to discourage African-American consumers from seeking a loan from Townstone. It is unclear whether these statements were intended to be commercial speech or merely ad hoc commentary regarding local current events.

ECOA Claim

Finally, it is worth noting that ECOA prohibits a creditor from discriminating against any “applicant,” which Regulation B clarifies to include prospective applicants. While the complaint alleges that Townstone discriminated against both prospective applicants and applicants, the CFPB makes no claim that Townstone’s actions had any effect on consumers who already had applied for a loan.

Ultimately, the complaint appears to signal the CFPB’s return to more aggressive and creative redlining enforcement under ECOA, and the mortgage industry may need to consider a more comprehensive approach to compliance to avoid regulatory risk.


What is a “Seasoned” QM Loan

Lenders approve qualified mortgages (QM), knowing Fannie or Freddie will buy them – but they could buy “seasoned QM loans” if lenders hold them for a period of time.

WASHINGTON, D.C. – The Consumer Financial Protection Bureau (CFPB) issued a notice of proposed rulemaking (NPRM) to create a new category of “seasoned qualified “mortgages. CFPB says the new loan category should encourage innovation and help ensure access to responsible affordability in the mortgage credit market.

A seasoned loan under the proposal is held by lenders for a while. During that time, the buyers prove that they can handle it and, under the proposed lending criteria, Fannie Mae or Freddie Mac will then buy the loan, just as it does now for qualified mortgages (QM). CFPB is calling them a Seasoned QM. In general, the new loan category would lower the risk for banks to approve less qualified borrowers.

Seasoned QMs under the proposal would have to be first-lien, fixed-rate transactions that have met certain performance requirements over a 36-month seasoning period. They’d have to be held in the lender’s portfolio during the seasoning period, comply with general restrictions on product features and points and fees, and meet some underwriting requirements.

To be a Seasoned QM, the proposal also requires the creditor to consider and verify the consumer’s debt-to-income ratio (DTI) or residual income at origination.

To become a Seasoned QM, a loan could have no more than two 30-day delinquencies and no delinquencies of 60 or more days at the end of the seasoning period. A disaster or pandemic-related national emergency, under certain conditions, would not necessarily disqualify a loan from becoming a Seasoned QM if the consumer receives a temporary payment accommodation.

“Today’s proposal continues the (CFPB’s) work to encourage safe and responsible innovation in the mortgage origination market,” says CFPB Director Kathleen L. Kraninger. “Our goal through our very deliberative rulemaking process is to protect, promote and preserve the financial well-being of American consumers, while at the same time offering access to responsible, affordable mortgage credit.”

The announcement follows two NPRMs from June. The first proposes to amend the General QM definition in Regulation Z to replace the debt-to-income limit with a price-based approach.

The second NPRM proposes to amend Regulation Z to extend a temporary QM definition known as the Government-Sponsored Enterprise Patch to expire upon the effective date of the final rule proposed in the first NPRM.


Web Statistics