REQUIRED READING: One of the recurring plot lines of the USA Network series ‘Suits’ is the main character's remarkable ability to remember everything he's ever seen or read about the law. If that character ever decides to go into the mortgage business, he might not need to rely on an advanced loan origination system (LOS) or compliance software to run his business. But, of course, the rest of us do.
Think about it: How could any executive or even a team of managers manually track all of the rules that govern mortgage lending today? There are now approximately 350 federal, state and local rules and regulations that could apply to a specific loan, depending on where it is originated. And even if you had a photographic memory and knew all the rules, how would you know if the rest of your organization and the other parties you deal with – correspondents, brokers, vendors, etc. – had followed them?
Increasingly, the only way to ensure compliance is through automation. This is the way a growing number of lenders, investors and regulators are testing for compliance.
And if you think compliance is complex and fraught with risks now, just wait. As an industry, we've yet to see how the Dodd-Frank Act will define a qualified mortgage and what will constitute compliance. Similarly, the new Consumer Financial Protection Bureau (CFPB) is currently working on its interpretation and enforcement of Unfair Deceptive and Abusive Acts and Practices (UDAAP). Many observers believe that UDAAP, as well as new, broader interpretations of the Community Reinvestment Act rules, will significantly raise the bar in terms of compliance and risk for banks and lenders.
The new Y2K
Remember the threat of Y2K and how it sent the business world scrambling to upgrade their enterprise software packages? An argument could easily be made that the tsunami of new banking regulations has turned compliance into the equivalent of Y2K for our industry. It is certainly driving new interest in LOS and technology.
Today, originators and bankers are keenly aware that they are operating in a zero-tolerance environment, whether they are originating, aggregating, selling or securitizing loans. Make a mistake and most likely you will face consequences in the form of a loss on a loan, a buyback demand, a mortgage insurance cancellation and a fine or, depending on the seriousness of the infraction, even criminal charges.
Investors are actively encouraging originators to take advantage of all available compliance, fraud-detection and quality-assurance tools. It's one of the reasons that we have an embedded compliance engine in our LOS to streamline the process for our users. And of course, most LOS now connect to all major compliance solutions.
Historically, compliance and quality assurance reviews, at the investor level, were done either manually or by using proprietary systems. Recently, however, large investors and the government-sponsored enterprises have begun to integrate leading compliance software into their processes. One of the advantages of using these compliance software packages is that they streamline the review process.Â
For example, originators have the option of sharing their results directly with investors, so an aggregator can see the same data that was returned to the originator, reducing the need to order redundant reports and, at the same time, eliminating cost and accelerating the review process.
Compliance certificates are evolving much the same way automated underwriting engines evolved in the late 1990s. Investors are starting to require them as part of the origination process to help qualify the quality and risk associated with the loans they purchase.
Up, up and UDAAP
Today, LOS and compliance software are primarily helping our industry deal with major federal and state rules. Over the past several years, these systems have evolved to the point where they can automatically handle the following chores:Â Â
- Block loans from unlicensed originators;
- Flag high-cost loans;
- Catch ‘dual compensation’ violations;
- Identify common Truth in Lending Act under-disclosures due to mistreatment of fees;
- Prevent the use of outdated forms and HUD-1 sets;
- Alert managers to key disclosure deadlines and milestones;
- Refuse to print or ship files until all the necessary fields have been completed;
- Check for appraisal compliance;
- Streamline loan-level Home Mortgage Disclosure Act processing and end-of-year reporting; and
- Provide transparency to and test for investor overlays.
But the Dodd-Frank Act is about to up the ante significantly in terms of compliance by defining what a qualified mortgage (QM) is and determine what steps a lender and investor must take to make the determination that a consumer has been given a ‘safe’ loan.
Currently, the CFPB is considering two options to determine lender compliance regarding the proposed QM: A safe-harbor approach that focuses primarily on product design, or a more complex, subjective approach based on the borrowers' capacity to pay. In either case, lenders and investors will be facing greater risks for non-compliance and will rely heavily on LOS and compliance technology to quantify, make and then document their decisions.
Even more daunting, however, is the prospect of UDAAP, which could greatly expand the definition of compliance. Conceivably it could require bankers and lenders not only to prove they have done nothing wrong, but also to demonstrate affirmatively that what they did do was ‘fair.’
In determining what's fair and what's abusive, rule makers will be subjectively looking at the interaction between individual consumers and their banks. They will be trying to determine whether the consumer had the information and the capacity to understand specific mortgage products and how they work, and whether the bank acted in the consumer's best interest. Additionally, compliance areas that were commonly given less attention by lenders previously, such as marketing practices, pricing and advertising, will come under a microscope under UDAAP with the hundreds of examiners the CFPB plans to have.
At this point, it is too early to tell how LOS and mortgage technology will solve these challenges. But it is safe to say that capturing the data that goes into these decisions, and the information provided to the consumers and their informed consent will be critical elements of future UDAAP solutions. Clearly, the topic of compliance is moving from the back room to the corner office.
Richard Roof is senior vice president of Ellie Mae, based in Pleasanton, Calif. He can be reached at (925) 227-9043.
