Question

Answer

What are a mortgage servicer’s obligations under the Servicemembers Civil Relief Act (“SCRA”)?

The Servicemembers Civil Relief Act (“SCRA”) benefits are intended to provide financial relief and legal protection to eligible servicemembers and their families. Specifically, the SCRA may provide for a lower interest rate or prevent foreclosure for a period of time following active duty.

With regard to interest rate reduction, a borrower may submit a request in writing to a mortgage servicer. The SCRA provides relief from obligations on home loans that have an interest rate higher than 6%. Thus, servicemembers that closed their home loans before entering active duty may become eligible to receive a reduced interest rate. Interest rate reductions become effective with the first payment due after the servicemember enters active duty and for one year thereafter. If the mortgage servicer believes in good faith that the servicemember’s ability to pay interest at a rate in excess of 6% per year is not materially affected by the servicemember’s military service, it may apply to a court for relief from reducing the interest rate.

Under the SCRA, the sale, foreclosure, or seizure of real estate shall not be valid if it occurs during or within ninety (90) days after a servicemember’s military service unless a mortgage servicer obtained a valid court order approving the sale, foreclosure, or seizure. With the enactment of the Foreclosure Relief and Extension for Servicemembers Act in March 2016, the time frame for foreclosure protection extended from 90 days to one year after active duty. This increase was retroactively applied as of January 1, 2016, but is temporary and will revert back to 90 days on January 1, 2018 unless extended by further legislation.

A mortgage servicer may receive notification of a mortgagor’s active military status through various means and must be aware of the protections afforded to these individuals, as well as Agency-specific requirements. For instance, the U.S. Department of Housing and Urban Development (“HUD”) requires that for all mortgage loans, including conventional mortgages, the servicer provide a SCRA Notice Disclosure to a borrower that defaults within 45 days from the date a missed payment was due, unless the borrower pays the overdue amount before the expiration of the 45-day period.


What types of anti-money laundering risks are most common with real estate and mortgage transactions?

In August, 2017, the Financial Crimes Enforcement Network (“FinCEN”) issued an advisory to financial institutions and real estate firms and professionals warning of the dangers of money laundering and providing insight into the types of risks that exist in the industry. FinCEN explained that real estate transactions are particularly vulnerable to such abuse because they may involve high-value assets, opaque entities and processes that can limit transparency. FinCEN indicated that real estate transactions are an attractive vehicle for money laundering because they can assist in appreciating the value of the funds, while also “cleaning” the funds.

As part of the Advisory, FinCEN encouraged mortgage lenders and real estate professional to keep the following risks in mind when identifying and reporting suspicious activity:

  • Use of shell companies (i.e. non-publicly traded corporations, limited liability companies, or trusts that have no physical presence beyond a mailing address and generate little to no independent economic value)
  • All-cash real estate purchases.

In addition to these risks, mortgage lenders should be particularly alert to mortgage fraud schemes and concerns, such as altered or fraudulent documents and misrepresentations with regard to occupancy or employment.

Although not required to by regulation, FinCEN encourages real estate brokers, escrow agents, titles insurers and other real estate professionals to voluntarily report suspicious transactions.  Mortgage lenders should speak with their third party vendors and business partners about the dangers of money laundering and encourage them to report any suspicious activity to them if it involves a transaction that both parties are involved in.

It is important for mortgage lenders to maintain an AML Program that meets regulatory requirements.  This includes, but is not limited to, performing AML risk assessments and independent audits of the Program at least every 12-18 months.

The FinCEN Advisory (FIN-2017-A003) referenced in this article may be found at: https://www.fincen.gov/sites/default/files/advisory/2017-08-22/Risk%20in%20Real%20Estate%20Advisory_FINAL%20508%20Tuesday%20%28002%29.pdf


Am I required to ensure that NMLS Unique Identifiers appear on my employees’ LinkedIn, Facebook and other Social Media pages?

To the extent the name of your company appears on any social media utilized by a mortgage loan originator (“MLO”), the company’s NMLS Unique Identifier should be set forth in a clear and conspicuous manner. We are even aware that, most recently, some state banking departments, such as New Mexico and Oklahoma, have fined lenders where their unlicensed employees failed to list the company’s NMLS Unique Identifier on personal social media pages that listed the company’s name.

With respect to the NMLS Unique Identifier of a MLO, it is a best practice to list it on the MLO’s personal social media pages if the MLO mentions that he or she is a loan originator working on behalf of the company. It should be noted, however, that the requirement to list the NMLS Unique Identifier may depend on what is stated on the MLO’s personal social media page as well as the states in which the company and/or MLO operate. Any commercial message promoting a credit transaction must adhere to all state and federal advertising rules which exceed merely listing the company’s and MLO’s NMLS Unique Identifier.

So how do you manage this? It is a best practice to determine what social media pages a MLO utilizes at the time of onboarding, in addition to ensuring the MLO knows and understands the company’s social media and advertising rules. It is also essential that you train your MLOs and entire staff on both federal and state advertising requirements. This should be done at initial hire, follow with consistent reminders (no less than semi-annually), as well as annual recurring training. You should also perform random social media audits and monitoring to identify any possible violations and prove to regulators that you are proactive in monitoring social media compliance. Additionally, it is a best practice to ensure any MLO departing the company (voluntarily or involuntarily) removes his or her affiliation with your company in a timely manner, so as to avoid potential UDAAP (Unfair Deceptive Abuse Acts and Practices) issues.


How do I ensure my subservicer is following its policies and procedures?

The GSEs require all subservicers to follow GSE guidelines when servicing loans.  When utilizing a subservicer, the master servicer should have an oversight policy in place to ensure compliance. The policy should establish the master servicer’s servicing Quality Control (“QC”) Program and include, at a minimum:

  1. Procedures demonstrating how the master servicer verifies that the subservicer is actually following its own procedures;
  2. An explanation of how the master servicer implements quality control audits and when and how often such audits will be performed;
  3. A method to track subservicer servicing errors and deficiencies, as well as any remediation plans; and
  4. As a best practice, an annual onsite visit that permits the master servicer to sit with key subservicing staff to understand the staff’s day-to-day process and reconcile it against the subservicer’s written policies and procedures.

Subservicer deficiencies may range from warnings to heavy fines up to and including loss of the ability to service loans, therefore, it is important to ensure proper subservicer oversight and monitoring.


The Consumer Financial Protection Bureau (“CFPB”) focuses on consumer complaints. What are some best practices related to consumer complaint management?

The CFPB has indicated that consumer complaint management is a key component of a mortgage lender’s complaint management system. There are several proactive measures a mortgage lender should take to assist with consumer complaint management. For instance, all mortgage lenders should maintain a detailed consumer complaint policy that outlines how the mortgage lender handles complaints. Specifically, the policy should include the mortgage lender’s procedures with regard to identifying, acknowledging receipt of, and logging complaints, Further, the policy should detail the individual or individuals responsible for investigating and responding to complaints, timing requirements related thereto, and training of employees with regarding to handling of consumer complaints. It is especially important to train front-line employees, such as processors and loan originators, as well as receptionists and other consumer-facing employees. These individuals must understand how to initially respond and escalate the complaint to the appropriate channels. Lenders that utilize borrower surveys should also strongly consider having their Compliance Department review such responses to identify any negative feedback and treat such negative comments as complaints.

In addition to a consumer complaint policy, it is important for mortgage lenders to maintain a consumer complaint log for tracking and trending purposes. Information contained in the log should include, but may not be limited to, complainant name and contact information, the source of the complaint (i.e. borrower survey, CFPB complaint database, etc.), the employees involved, a brief description of the complaint and resolution, relevant dates (i.e. date received, date resolved), and particular issues involved (i.e. origination, servicing, fair lending, etc.).

The Company should review complaints regularly and any recognized trends should serve as a basis for the implementation of policies and/or training to help eliminate the potential root causes. A common best practice is also to include a summary presentation of complaints as part of a mortgage lender’s Board of Directors’ or Senior Management meetings to ensure Board oversight and involvement.

Finally, it is important that mortgage lenders adequately monitor for complaints. This includes ensuring employees understand reporting requirements in relation to complaints, as well as confirming contact information is up to date and accurate for various sources of complaints, such as the Better Business Bureau, state regulatory agencies, and the CFPB complaint database.


I understand the new HMDA rules require reporting of automated underwriting system (AUS) information effective January 1, 2018, but how do you determine what to report if we use more than one AUS or pull results several times?

The new HMDA rules require the reporting of AUS information if a mortgage lender used an AUS to evaluate the application. Below are guidelines for determining which AUS or AUSs and which result or results to report in such a case:

  1. Conditions that require the identification of a suitable property;
    1. If so, determine whether you obtained only one result from that AUS. If so, report that information.
  2. If you used an AUS that does not match the loan type reported or if you obtained more than one result from the AUS that matches the loan type reported, determine whether an AUS that was used to evaluate the application matches the purchaser, insurer, or guarantor (if any) for the loan (i.e. Desktop Underwriter for a loan that Fannie Mae purchased).
    1. If so, and you obtained only one result from that AUS report that information
  3. If you did not use an AUS that matches the purchaser, insurer, or guarantor or if you obtained multiple results from an AUS that matches the purchaser, insurer, or guarantor or loan type, you report the result that is closest in time to the credit decision and the AUS that generated that result.
    1. If you simultaneously obtain multiple results closest in time to the credit decision, you report each of the multiple AUS results that you obtained and the AUSs that generated each of those results up to a total of 5 results and 5 AUSs. You should never report more than 5 results or 5 AUSs (in such case, only choose 5 AUSs and 5 results to report).

Can you provide clarification on the definition of “Preapproval” under the new HMDA rules and information regarding reporting requirements?

Effective January 1, 2018, the new HMDA rule expands the types of preapproval requests that are reportable. Lenders who are required to file now must report preapproval requests that are approved but not accepted (this used to be optional). However, preapproval requests regarding home purchase loans to be secured by multifamily dwellings, preapproval requests for open-end lines of credit, and preapproval requests for reverse mortgages are not reportable under the new HMDA requirements.

You must report preapproval requests for home purchase loans (not for multifamily, open-end lines of credit or reverses) if reviewed under a preapproval program.

A preapproval program is a program in which you (1) conduct a comprehensive analysis of the applicant’s creditworthiness (including income verification), resources, and other matters typically reviewed as part of your normal credit evaluation program; and then (2) issue a written commitment that: (a) is for a Home Purchase Loan; (b) is valid for a designated period of time and up to a specified amount, and (c) is subject only to specifically permitted conditions.  Specifically permitted conditions include:

  1. Conditions that require the identification of a suitable property;
  2. Conditions that require that no material change occur regarding the applicant’s financial condition or creditworthiness prior to closing; and
  3. Limited conditions that (a) are not related to the applicant’s financial condition or creditworthiness and (b) you ordinarily attach to a traditional home mortgage application (such as requiring an acceptable title insurance binder or a certificate indicating clear termite inspection and, if the applicant plans to use the proceeds from the sale of the applicant’s present home to purchase a new home, a settlement statement showing adequate proceeds from the sale of the present home).

Preapproval requests reviewed under a preapproval program are only reported if denied or approved but not accepted.  The CFPB indicated if you do not regularly use procedures to consider requests but instead consider requests on an ad hoc basis, you are not required to treat the ad hoc requests as having been reviewed under a preapproval program. However, you should be generally consistent in following uniform procedures for considering such ad hoc requests.


Is it permissible for my compliance department, which is independent of the operations and business units, to perform compliance-related internal audits?

The answer depends on the structure of the organization and the scope of the audits. An organization’s compliance department cannot audit areas in which it currently maintains oversight as that would be a conflict of interest. This would remove the independence of the audit. Normally, the compliance department serves as the second line of defense with internal audit serving as the third line of defense.

In many large organizations, the compliance department conducts audits that are directly focused on compliance-related topics, and the internal audit department will review and validate their findings. The internal audit department will also review areas that were identified as issues in the compliance audits.  An internal audit program touches on areas other than compliance, such as operations, HR, accounting, IT, corporate governance, quality control, etc., whereas compliance audits focus solely on regulatory matters.


Should mortgage lenders maintain a documented “Disaster Recovery/Business Continuity Plan”?

Yes, it is not only a best practice recommendation but also a requirement to be maintained and tested by many state regulators and the GSEs (Fannie Mae and Freddie Mac). A formal Business Continuity Plan (“Plan”) should instruct employees who are the key contacts, what steps need to be taken, when to execute each step, where to go, and how to do so in the event of a significant incident or natural disaster that disrupts daily business. The Plan should include detailed steps outlining where employees relocate for business resumption. In many cases they may only need a computer and an internet connection. A phone call tree and how employees can access a list of vendors and contacts critical to keeping the business running should also be a part of the disaster recovery component of the Plan.

The Plan needs to speak to the method utilized by the mortgage lender to ensure that, in the event of a data loss or security compromise to the main systems, the information is capable of being quickly recovered in the exact format as it was prior to the event. If a physical back up facility is used it is recommended to be at least 25 miles from the main office in case a natural or man-made disaster affects an entire region. At a minimum, the Plan should be tested annually.


Often we make exceptions to our established credit standards (i.e. we lower a rate to match a competitor’s offer and thereby retain the consumer). Is it possible that fair lending risks arise as a result of our company engaging in this activity?

Yes. Although reducing a rate to meet your competition’s offer is permissible it is important that these types of decisions are based on a legitimate business justification and that your company maintains adequate documentation and oversight to avoid increasing your fair lending risk.

The CFPB discussed this issue in their Supervisory Highlights in the Spring of 2014. Specifically the CFPB stated:

If the applicant does not qualify for the loan applied for then the lender may counteroffer with a requirement of an additional borrower or guarantor but the lender is not permitted to require this additional borrower or guarantor to be the applicant’s spouse.

“A lender may promote the availability of credit by providing credit to an applicant based on a lawful exception to the lender’s credit standards when exceptions practices are complemented by an appropriate system of fair lending compliance management. A strong compliance management system can also mitigate fair lending risk related to credit exceptions by adequately documenting the basis for the credit exception, monitoring and tracking exceptions activity, and controlling any resulting fair lending risk.”

Thus, any lender who makes exceptions to their credit standards must:

  1. Memorialize written policies and procedures for pricing exceptions (when allowed) and how they must be documented.
  2. Monitor and Audit to make sure these policies are followed.
  3. Train staff on the policies (not just basic fair lending training).

Fair lending risk in this regard is not just limited to credit exceptions but also lender fee reductions, discretionary lender credits and waivers of lock extension fees. All requests for these exceptions/reductions/credits should be tracked and memorialized whether granted or denied. This information will be invaluable if you need to justify pricing discrepancies to a regulator down the road.


Can a lender require a non-borrowing spouse to be a borrower or sign any loan documents?

The Equal Credit Opportunity Act (“ECOA”) strictly forbids a creditor from discriminating against applicants on a number of prohibited bases including marital status.

A lender may not require the signature of a non-borrowing spouse on any loan document (except any loan document that is reasonably believed to be necessary under applicable state law) if the applicant qualifies for the loan applied for without use of the spouse’s assets, income etc.

If the applicant does not qualify for the loan applied for then the lender may counteroffer with a requirement of an additional borrower or guarantor but the lender is not permitted to require this additional borrower or guarantor to be the applicant’s spouse.

With regard to the exception of any loan document that is necessary under applicable state law, a lender may require a non-borrowing spouse’s signature on any loan document necessary to protect the lender in the event of default (i.e. the security instrument in a community property state).


As a lender, am I required to audit my Document Custodian on a regular basis?

Yes, a lender should review a document custodian from a vendor management risk stand point. In addition, Ginnie Mae is explicit in its requirements for each issuer to review their Document Custodians. The Ginnie Mae MBS Guide (Chapter 6, 2000.04 Rev-2 CHG-20) requires an onsite Document Custodian audit by a seller-servicer at least annually if more than one Document Custodian is utilized. All Document Custodians must be audited within a three-year cycle. The review must be comprehensive because the Document Custodian is essentially a vendor of the pool issuer. When conducting an audit, at a minimum, the following areas should be addressed:

  1. Deficiencies are identified and appropriately mitigated;
  2. Management and staff possess adequate knowledge to perform in a custodial capacity;
  3. The Document Custodian has established controls, policies and procedures;
  4. The Document Custodian meets the minimum requirements as determined by GNMA;
  5. The Document Custodian is issuing Final Pool Certifications in a timely manner as required by GNMA;
  6. Recorded modified documents and reinstated loans have had documents inserted into the pool or removed from the pool; and
  7. A loan-level review from a selection of pools is conducted. Files must be reviewed to ensure that the collateral file is intact and contains all the necessary original documents and endorsements.

For most lenders, these areas are not a key area of expertise; therefore, outsourcing to third parties that have the expertise is a common practice. External auditors can be an effective way to ensure the Document Custodian is compliant with Ginnie Mae guidelines.

What is Internal Audit and is it a requirement for mortgage lenders?

Internal Audit is a function within an organization that independently evaluates the risks to the organization and the control environment that the company has in place. Typically, Internal Audit reports to the Board of Directors or Senior Management and is separate from all other departments to ensure that their evaluation remains independent.

Internal Audit is required if you are approved or seeking approval from any GSE’s. One of the most common findings coming out of a Fannie Mae MORA exam is a lack of sufficient internal audit protocols.


Does the Equal Credit Opportunity Act (“ECOA”) permit a creditor to favor elderly applicants when determining whether to extend credit?

Yes, although generally a creditor may not take into account an applicant’s age, 12 CFR Part 1002.6(b)(2) permits a creditor to “consider the age of an elderly applicant when such age is used to favor the elderly applicant in extending credit.”

12 CFR Part 1002.2(o) defines elderly as “age 62 or older.”

For example, if a 65 year old applies for a mortgage loan, the creditor may use their age as a factor in their favor for approving the loan. On the other hand, the creditor may not consider the age as a factor for not approving the loan.


Currently, the Know Before You Owe/TILA-RESPA Integrated Disclosure Rule (“TRID”) does not permit changes to a Closing Disclosure (“CD”) to cure a tolerance violation more than four (4) business days prior to consummation. Is it true that, if enacted, the proposed TRID amendments will eliminate this issue known as the “Black Hole”?

Yes, in most instances the proposed amended language to TRID would permit a lender to reset tolerances using a CD at any time so long as the lender issues a corrected CD within three (3) business days of learning of a valid Change of Circumstances.

This will provide some reprieve for lenders who have been forced to absorb increased costs when closings were delayed.


What events should trigger the production of an off-cycle escrow analysis?

Other than the paying off of the mortgage loan, when a Short Year Escrow Statement is required, off-cycle escrow analyses are not required.

However, in the following situations, it is strongly advisable:

  • When a scheduled escrow disbursement has increased or decreased greater than a predetermined amount.  This could be based upon a fixed dollar amount or percentage, determined by each company,
  • When the Disbursement Date of an escrowed item is changed,
  • The addition or removal of an escrow line, or
  • The change in the maximum allowable escrow cushion.

Under the Know Before You Owe/TILA-RESPA Integrated Disclosure Rule (“TRID” or the “Rule”) the sample Written List of Service Providers (Model Form H-27) includes a column where the estimated charge for each service is set forth. Is a lender required to include an estimated cost for each service on the Written List of Service Providers?

No, TRID does not require a lender to include an estimated cost for each service, nor does it include concrete guidance with regard to contact information for a service provider. Rather, commentary to the Rule indicates that creditors must provide sufficient information, such as the name, address and telephone number, to allow a consumer to contact the provider. §1026.19(e)(1)(vi) only indicates that if a creditor permits a consumer to shop for a settlement service, the creditor must provide the consumer with a written list identifying at least one available provider of that service. It does not require an estimate for each service.

If a lender elects to include a cost estimate it should correspond with the fee set forth on the Loan Estimate. Further, a lender should document its policies and procedures with regard to completion of the Written List of Service Providers to ensure consistency in completion of the document.


Is it true that mortgage lenders may now look at whether a mortgage loan applicant pays off his or her credit card in full or carries a month-to-month balance?

Yes. Credit rating agencies recently began offering “trending data” on potential borrowers. Trending data provides a comprehensive picture of borrowers’ debt management, including whether or not they pay off their credit card statement each month.

The change was based largely on a study by Fannie Mae, which found that borrowers who pay off their credit each month are about 60% less likely to become delinquent on a mortgage than those that only pay the monthly minimum. Although the use of trending data is still in the early stages, it is likely this will become a regular step in the mortgage underwriting process.

Still, it remains unclear whether the change will lead to a greater overall acceptance or denial rate for potential borrowers. On one hand, the change means that individuals with an otherwise borderline approval rating may be pushed over the hump because of favorable trending data. On the other hand, some borrowers who otherwise would have qualified may not qualify because they do not pay off their full credit card balance each month.


Does Freddie Mac require employees of each approved Seller/Servicer to complete annual fraud training?

Yes. Chapter 3201.1 of Freddie Mac’s Single Family Seller/Servicer Guide (the “Guide”) addresses Fraud Prevention and Detection. It indicates, in relevant part, that Sellers/Servicers must train employees, and certain non-employees, who are in a position to notice and report fraud or suspected fraud at least annually to ensure that these employees are aware of emerging fraud scenarios. Such individuals must be trained in all applicable areas of the Seller’s/Servicer’s mortgage business with regard to:

(1) Common and emerging fraud schemes; and

(2) Red flags that may signal fraud and the need for further review.

Non-employees who may require fraud prevention and detection training include, but are not necessarily limited to, contract underwriters and processors, contract quality control firms, borrower outreach companies, loss mitigation providers and collection companies. Trainings may be conducted by the Seller/Servicer or by a qualified third party. Alternatively, the Guide permits Sellers/Servicers to meet the training requirements by obtaining annual written verifications from the individuals requiring training. Verifications must confirm that training has been received from a third party and meets the requirements of the Guide.


Can a mortgage loan originator be held individually liable for a violation of the Loan Originator Compensation Rule?

Yes.

15 U.S. Code § 1639(d)(2) indicates that the maximum penalty for a loan originator’s violation of the Loan Originator Compensation Rule is the greater of the actual damages sustained or three times the total compensation earned on the subject transactions; plus associated costs, such as reasonable attorney’s fees. Noteworthy, personal liability may attach to the mortgage loan originator even if there are no actual damages sustained by a consumer.