PERSON OF THE WEEK: Keven Smith is president and CEO of Mortgage Builder Software, an end-to-end provider of technology to the mortgage banking industry. MortgageOrb recently interviewed Smith to learn more about the security challenges today's cloud-based loan origination system (LOS) and servicing software providers face.
Q: What are the challenges in developing loan origination and servicing software systems due to the recent changes in the mortgage market, such as compliance requirements?
Smith: Compliance is developing into a partnership between lenders and their software providers. We are constantly working on making certain that documents, tracking capabilities and reporting are fully compliant, but we don't work in a vacuum. We have always found direct user input to be essential, and that has led us to conduct regular compliance roundtables with our clients to hear their thoughts and concerns. This bi-directional flow of information has helped us address compliance issues and perform our function of helping clients stay well within regulatory guidelines.
We have found these open lines of communication, whether at compliance roundtables, user group meetings or in the course of our daily business, extremely valuable in a number of ways, including in design. Colonnade, our loan servicing system, was built with single point of contact engineered right in, along with extensive reporting capabilities that anticipated the regulatory requirements long before they were announced. The Blueprint document management system in our Architect LOS and LoanXEngine's customer relationship management (CRM) and product and pricing engine (PPE) capabilities possessed virtually all of the compliance features required today from the start, so being ready was already part of our DNA. Much of this happened as a result of listening to clients as we designed and enhanced our software.
Q: Why are multiple LOS delivery methods more important than ever for lenders? Is cloud delivery more popular with lenders these days? What concerns should lenders have?
Smith: Lenders need flexibility. That's been true ever since the first PC-based LOS systems enabled smaller originators to go beyond the fully manual practices that were inherent in the industry. As systems like Mortgage Builder emerged and went far beyond the capabilities of the PC-based LOS, clients needed to look beyond the traditional installed models. Installed software is great, but it means having an increasingly sophisticated IT staff at the lender's disposal, which increases costs.
For lenders with established IT infrastructures capable of handling today's technology, a purchase model may be the preferred option. Lenders that do not find themselves in that scenario however, tend to find cloud-based solutions to be more desirable. While we are seeing the majority of our customers opting for cloud-based delivery, we have and continue to talk with organizations wanting to host their LOS themselves. Software-as-a-service and cloud delivery leave the heavy lifting to the software provider, reducing cost and labor-intensive activities for lenders, but they also mean the client is more dependent on the provider for service reliability.
Lenders looking at their delivery options should consider whether the provider has both installed and cloud-based models, along with the ability to switch them back and forth without service interruption as their needs change and evolve.
The main concerns lenders should have involve the issues of security and service continuity. Recent high-profile service outages have refreshed these concerns in the minds of lenders, and that is ultimately a good thing for the industry. We have focused on these issues for a long time and have taken a number of steps to demonstrate security and redundancy, including third-party verification of our safeguards.
Q: Security of sensitive information is a popular topic these days. Do you see any possible security issues that lenders and servicers should be aware of when choosing their LOS and servicing systems?
Smith: Security is critically important, and it is linked to other areas regarding how LOS and servicing system providers handle data. Mortgage Builder has undergone annual SAS 70 Type II audits for years – a third-party process that looks at our security and data safeguards objectively. Those examinations, now known as SSAE 16 Type II audits, are exacting and rigorous. I think it is extraordinary that all LOS and LSS providers do not have these certifications. Lenders should definitely require them of vendors with whom they entrust their data, and specifically the Type II audit, which includes on-site evaluations.
Data facilities, disaster recovery plans and all other security aspects are fundamental issues that lenders and servicers need to understand in great detail when selecting LOS and servicing systems. Beyond the selection process, lenders should re-examine the security measures of their current providers on an ongoing basis.
Q: What are the best ways to safeguard information with LOS and servicing systems, and what does Mortgage Builder specifically do to secure information?
Smith: Mortgage Builder has completed 12 consecutive successful SAS 70 Type II and SSAE 16 Type II audits, and we have another coming up shortly. Apart from having an impartial third party audit the provider's security measures, it is important to have redundancies upon redundancies, bulletproof disaster recovery measures in place and highly secure datacenter facilities. Mortgage Builder does all these things and adds the further protection of cyber liability insurance coverage, something we have carried for several years.
Virtually all requests for proposal include a number of these questions for lenders considering new LOS and servicing systems, but the lenders must exercise due diligence and not take it for granted that security measures are as they are claimed in the answers.
Q: Recent figures from the Mortgage Bankers Association show lenders are struggling on costs per loan. How can LOSs reduce origination costs to help boost lender profitability?
Smith: LOSs are like a first line of defense in cost containment for lenders. Choosing one that does the most for your lending approach is important, because not all LOS systems are alike. Some are basic, others are more diversified in their offerings and still others offer cost-saving pricing scenarios where you only pay when loans close.
Most would agree that pull-through rates are among the most important loan origination metrics. Companies that can close more of the loans they start are the ones that will be more profitable by virtue of transactional efficiency. Ways to achieve greater success in closing loans include using very good customer relationship management capabilities; efficient paperless processes; highly responsive communications with prospects; applicants and their agents; and enabling smooth processing and underwriting workflows. Now, of course, the additional dimension of compliance is at the top of everyone's mind, and the LOS can save a lot of time in this regard, too.
The best LOSs do all these things well, and create an origination environment that cuts wasted effort and allows more loans to be closed in a shorter period of time. Every lender should evaluate its LOS to see if it is constantly improving to meet these challenges. If not, it might be time for a change.
