Yes, in addition to the more common pricing considerations, the CFPB recently published its latest Supervisory Highlights, Summer 2021 edition, which included a Fair Lending section that stressed the following additional key concerns raised by examiners in a recent supervisory review of a mortgage lender:
- Conducting marketing campaigns that featured models, all of whom appeared to be non-Hispanic white;
- Including mortgage professionals’ headshots in marketing materials that all or mostly appeared to be non-Hispanic white;
- Maintaining office locations that were nearly all concentrated in majority non-Hispanic white areas;
- Focusing marketing campaigns and Multiple Listing Service (MLS) advertising on majority-white areas in a MSA;
- Employing mostly non-Hispanic white mortgage loan officers;
- Permitting communications directed at prospective applicants that would discourage reasonable persons on a prohibited basis from applying to the lender for a mortgage loan: and
- Permitting racist and/or derogatory email communications among mortgage loan officers.
This is not intended to be an exhaustive list of fair lending concerns for lenders, but rather should be considered when evaluating fair lending risk.
Yes, it is permissible for lenders to obtain verbal authorization from the applicant to pull credit. However, if a lender chooses this route, it is recommended that the lender require its mortgage loan originators to document the date and time they received such verbal authorization either into the loan origination system or some other written record.
It is not uncommon for applicants who do not complete the loan application process and do not remember authorizing the credit pull to file a complaint. In this such instances, referencing a written record of when authorization was provided and to whom it was provided can be beneficial for a mortgage lender.
A company must review and update its key policies and procedures as often as necessary to ensure they remain up-to-date and accurate. The Consumer Financial Protection Bureau indicates in its Examination Procedures that examiners should seek to determine, among other things, whether a supervised entity maintains and modifies its compliance policies and procedures so that they remain current and complete and serve as a reference for employees in their day-to-day activities. To comply with this, it is best practice for a company to review its key policies and procedures at least annually. Generally, the review should involve compliance employees and/or subject matter experts at the company. Further, a Company’s Board of Directors (if there is one) and/or Executive Management should review and approve written policies each year and any time there are material changes to such policies. Companies may memorialize this review and approval within the minutes of a meeting, through a corporate resolution, or within the policy itself, provided it is signed by a member of the Board and/or Executive Management.
Timely policy and procedure reviews can be overlooked for a variety of reasons. This can lead to issues on federal and state examinations, as well as with investors and agencies as it signals weakness in a company’s Compliance Management System. For this reason, it is recommended that companies maintain a policy and procedure inventory that documents all of the policies and procedures maintained by the company, the date of last review, the next review date (provided no changes in applicable law or company operation requiring an earlier review/update), and party responsible for the review. A company may also choose to fold annual policy and procedure reviews into the company’s internal audit program as it may make sense to review key policies and procedures as part of the risk assessment process.
In recent months, the CFPB has taken several actions against mortgage lenders for deceptive advertising particularly related to VA loans and reverse mortgages. The consent orders highlight marketing practices that mortgage lenders must avoid. Below are ten (10) key takeaways:
- All marketing material must be reviewed to ensure it does not contain any false, misleading, or inaccurate information.
- Advertisements should clearly disclose who the advertising lender is and not give a false impression that the material is from the consumer’s current lender or a government agency.
- When quoting rates and APR, a mortgage lender must ensure that the rates and APR are actually available to consumers and are accurate. If a rate quoted includes discount points and/or is based on a consumer meeting certain conditions, those discount points and/or conditions must be clearly disclosed in terms a consumer will understand.
- Advertisements should never include terminology about eliminating debt; the loan advertised is a debt.
- Advertisements should not include misleading comparisons involving actual or hypothetical loan terms, particularly when a lender cannot guarantee similar results.
- A mortgage lender should never use the term, “fixed,” when advertising an adjustable rate mortgage.
- Advertisements should not include language indicating an appraisal or income documentation is not required if it is in fact required or may be required in some circumstances.
- Advertisements should not include language indicating a consumer can skip two payments by refinancing.
- Reverse mortgage advertisements should not include language giving consumers the impression that they will always be able to remain in their home or that there is no risk of losing the home.
- Reverse mortgage advertisements must disclose the requirement to continue to pay property taxes and insurance, particularly when highlighting that a monthly mortgage payment is not required.
Yes, the Bank Secrecy Act (“BSA”) requires all residential mortgage lenders and originators to perform an independent review or audit of their AML program. Although the BSA does not specifically set forth the time frame for performing such testing, the Federal Financial Institutions Examination Council (“FFIEC”) indicated that sound practice is for an entity to perform an independent audit of its AML program at least every 12-18 months, commensurate with the entity’s risk profile.
Testing must be performed by both an independent and qualified party. While this does not mean the audit cannot be performed by an employee, the individual or individuals completing the audit must be fully familiar with AML requirements and cannot be involved in any of the AML functions of the Company. As such, the Company designated AML Officer would be unable to perform the audit. For this reason, many entities engage outside service providers to perform independent audits of their AML program.
Whoever performs the review should report directly to the entity’s Board of Directors or Executive Management. Testing should cover all of the entity’s activities and the results should be sufficiently detailed to assist the Board of Directors and/or Executive Management in identifying areas of weakness so that improvements may be made and additional controls may be established. Among other items, the Company’s written policies and procedures should be reviewed as well as the qualifications of the AML Officer and the Company’s training materials and attendance logs.
In recent years, state regulators have commenced examining the AML programs of their supervised entities more closely. In particular, many states now require entities to produce AML policies and procedures, as well as AML risk assessments and independent AML audit results as part of examinations. Failure to maintain these documents can oftentimes result in an adverse finding. Some states also maintain their own money laundering regulations, such as California, Florida, Hawaii, New Jersey, and Texas.
The CFPB established an Advisory Opinions Program to publicly address regulatory uncertainty in existing regulations by providing written guidance in the form of advisory opinions to regulated entities upon request. The CFPB initially published a proposed procedural rule in regard to this program in June 2020, while also launching a Pilot Program. On November 30, 2020, the CFPB published its final Advisory Opinions Policy, which supersedes the Pilot Program.
Under the Advisory Opinions Program, entities subject to the CFPB’s supervisory or enforcement authority can submit a request for an advisory opinion to email@example.com or through other means designated by the CFPB. Requests are accepted and reviewed on a rolling basis. All requests should identify the person or entity seeking the opinion, as well as the identity of any person or entity submitting the request on behalf of a third party. Third parties, such as law firms, trade associations, or consumer advocacy groups, may submit requests on behalf of clients or members without identifying those entities.
The following information must be provided with the request for advisory opinion:
- A statement of whether the issue is the subject of any known or reasonably knowable active litigation or federal or state agency investigations;
- The actual facts or course of action the requestor (or third party) is engaged in or considering engaging in;
- All material facts and circumstances, including detailed specification of the legal question and supporting facts with respect to which the requestor seeks the advisory opinion; and
- A proposed interpretation of law or regulation, identification of the potential uncertainty or ambiguity that the interpretation would address, and an explanation of why the requested interpretation is an appropriate resolution of that uncertainty or ambiguity.
The CFPB advised it intends to consider the following factors when determining whether to issue an advisory opinion:
- The interpretive issue has been noted during prior CFPB exams as one that might benefit from additional regulatory clarity;
- The issue is one of substantive importance or impact or one whose clarification would provide significant benefit; and/or
- The issue concerns an ambiguity that the CFPB has not previously addressed through an interpretive rule or other authoritative source.
The CFPB indicated there will be a strong presumption against appropriateness of an advisory opinion for issues that are the subject of an ongoing investigation or enforcement action or the subject of an ongoing or planned rulemaking. The CFPB also indicated that, in some cases, it may decide to issue an advisory opinion based on questions it receives from the public, through other channels, that are not requests for advisory opinions.
All advisory opinions issued by the CFPB will be posted on the CFPB’s website and published in the Federal Register.
Checking a contract underwriter or processor against exclusionary lists is certainly a best practice. However, it may not always be feasible to do – particularly if the lender is not made aware of the individual contract underwriter’s/processor’s name by the third party service provider that employs them. Below is a summary of Agency guidelines on this issue.
- Fannie Mae indicates in its Selling Guide Chapter A3-3 that effective management procedures for third-party originations include review of the third-party originator’s hiring procedure for checking all employees involved in the origination of loans (including application through closing) against: (i) the U.S. General Services Administration Excluded Parties List, (ii) the HUD Limited Denial of Participation (“LDP”) List, and (iii) the Federal Housing Finance Agency Suspended Counterparty Program List.
- HUD indicates in its Handbook 4000.1, Chapter II, A, 1, iii that a mortgagee may not contract with entities or persons that are suspended, debarred, or otherwise excluded from participation in HUD programs, or under a LDP that excludes their participation in FHA programs. HUD requires a mortgagee to ensure that it does not engage any contractors to perform any function relating to the origination of an FHA-insured Mortgage. Further, HUD indicates a mortgagee must check the System for Award Management (SAM) (www.sam.gov) and must follow appropriate procedures defined by that system to confirm eligibility for participation.
- Freddie Mac indicates in its Seller/Servicer Guide Chapter 3101 that sellers/servicers must use the Freddie Mac Exclusionary List (“Exclusionary List”) to screen parties involved in the origination of the mortgage prior to the sale of each mortgage to Freddie Mac. Freddie Mac also requires sellers/servicers to establish and maintain procedures to ensure they do not employ or contract with individuals or entities listed on FHFA’s Suspended Counterparty Program (“SCP”) list. If a party whose name is on the Exclusionary List or SCP list is the borrower or played a role in the origination of a mortgage or the underlying real estate transaction, the mortgage is not eligible for sale to Freddie Mac.
- Fannie Mae defines third-party origination as any loan that is completely or partially originated, processed, underwritten, packaged, funded, or closed by an entity other than the seller (or its parent, affiliate or subsidiary) that sells the loan to Fannie Mae. Note, Fannie Mae advised that if a seller enters into a contract with a third party known for the quality of its underwriting (such as a mortgage insurer) to help the seller in underwriting its mortgage originations, the loans will not be considered third-party originations.
- HUD permits a mortgagee to utilize contractors to perform administrative and clerical functions, such as typing of mortgage documents, mailing out and collecting verification forms, ordering credit reports, and/or preparing for endorsement and shipping Mortgages to investors. HUD prohibits the use of contract underwriters.
The GSEs require all subservicers to follow GSE guidelines when servicing loans. When utilizing a subservicer, the master servicer should have an oversight policy in place to ensure compliance. The policy should establish the master servicer’s servicing Quality Control (“QC”) Program and include, at a minimum:
- Procedures demonstrating how the master servicer verifies that the subservicer is actually following its own procedures;
- An explanation of how the master servicer implements quality control audits and when and how often such audits will be performed;
- A method to track subservicer servicing errors and deficiencies, as well as any remediation plans; and
- As a best practice, an annual onsite visit that permits the master servicer to sit with key subservicing staff to understand the staff’s day-to-day process and reconcile it against the subservicer’s written policies and procedures.
Subservicer deficiencies may range from warnings to heavy fines up to and including loss of the ability to service loans, therefore, it is important to ensure proper subservicer oversight and monitoring.
It’s not difficult to develop and understand best practices for maintaining IT server security, but physical maintenance is equally important for several reasons:
1. Proper on-going maintenance of equipment helps ensure continued operations, which is imperative in today’s digitally-driven work environment.
2. In the event of an outage or equipment failure, the repair process is not hampered by a disorganized server room.
3. Commitment to organization and order in even the smallest of details reflects well on an organization, especially in the event of an audit.
One recommendation is to develop a color-coding system to organize server wires and use racks with cable management “teeth” or ties to bundle wires and prevent damage. Other best practices include building a checklist during server configuration to ensure that people-based controls are executed when needed. By color-coding wires, technicians will easily be able to distinguish between production server, vital network equipment and workstation wires and quickly identify and correct any issues.
Yes. Fannie Mae’s guidelines for POAs in a purchase transaction now require a written record or a recorded Internet session demonstrating a meeting with the borrower to explain the Closing Disclosure after the borrower receives it.
Fannie Mae’s Lender Letter, LL-2021-03, issued February 10, 2021 indicates:
- Unless a recorded Internet session is required, a Power of Attorney may only be used in a purchase transaction with a note date on or after Apr. 7, 2020, if, after the Closing Disclosure or other closing statement, as applicable, has been delivered to the borrower before closing, an employee of the lender or settlement agent explains the terms of the loan to the borrower(s) to confirm that each borrower understands them. This discussion must take place in person, telephonically, or using a video conference system, and must be “memorialized” by an acknowledgment by the borrowers of his or her understanding of the terms of the loan. The acknowledgment may be in writing or in a recording of the telephonic or video discussion.
Fannie Mae also indicates the following:
- The purpose of the Borrower Acknowledgement provision is to confirm verbally after receiving the Closing Disclosure that the borrower understands both the key features of the loan and that the attorney-in-fact has the ability to contractually bind the borrower to the transaction, including the purchase of a home, on the same basis as if they had signed themselves;
- Key features of the loan would include such things as principal amount, interest rate and adjustment provisions (if applicable), first payment date, loan term, and initial loan payment (P&I and PITIA); and
- The conversation reflecting the Acknowledgment by the borrower(s) must be documented either in a written record created by the lender or settlement agent or in a recording capturing the conversation with the borrower. If documented in writing, there is no expectation that the borrower sign the memorialization. In either case, the lender must retain the acknowledgement in the loan file and make it available to us on request.
Fannie Mae’s Selling Guide, chapter B8-5-05, outlines all of the requirements for use of a POA.
Yes, in January 2021, FinCEN, in collaboration with the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency, published answers to the following seven (7) frequently asked questions (“FAQs”) regarding SARs and other AML considerations:
- Can a financial institution maintain an account or customer relationship for which it has received a written “keep open” request from law enforcement, even though the financial institution has identified suspicious or potentially illicit activity?
- Should a financial institution file a SAR solely on the basis of receiving a grand jury subpoena or other law enforcement inquiries?
- Is a financial institution required to terminate a customer relationship following the filing of a SAR or multiple SARs?
- Is a financial institution required to file a SAR based solely on negative news?
- If there are multiple negative news alerts based on the same event, is a financial institution expected to independently investigate each of those alerts?
- Do financial institutions need to repeat information in the SAR narrative that has already been included in other SAR data fields?
No, information provided in other sections of a SAR does not need to be repeated in the narrative unless necessary to provide a clear and complete description of the suspicious activity.
- Should financial institutions file additional SARs on the same suspicious activity to accommodate narratives that are longer than the SAR narrative character limits?
Yes, a financial institution may decide to maintain an account based on a written “keep open” request from a law enforcement agency, however, it is not obligated to do so.
No, but a financial institution should determine whether SAR filing is necessary based on its assessment of all information available and applicable regulatory requirements.
No, a financial institution has authority to decide whether to maintain or close a customer relationship as a result of suspicious activity based on the information it has available, its assessment of money laundering or other illicit financial activity risks, and its established policies and procedures.
No, but a financial institution may review media reports and other news references to assist in its performance of customer due diligence and to evaluate transactions or activity it considers unusual or possibly suspicious.
No, but a financial institution may consider whether additional alerts contain new or different information that warrant further investigation.
No, filers must provide a clear, complete, and concise description of the suspicious activity. Filers may include additional, relevant information as an attachment to the SAR if necessary, or note that it is available as supporting documentation.
Please refer to the FAQ document for more detailed answers.
Yes, the mandatory effective date for the new URLA is March 1, 2021, but mortgage brokers/lenders have been permitted to use it since January 1, 2021. Fannie Mae and Freddie Mac redesigned the URLA with the goal of assisting both consumers and lenders by making it easier to understand and capture relevant loan application information. Some of the key differences with the new URLA include a larger font, which makes it easier to read and enter information, as well as additional contact information and other requests from applicants. Further, the new URLA incorporates the collection of Demographic Information so that it is in line with current HMDA data collection and reporting requirements. This eliminates the need for a separate Demographic Information Addendum.
It is important to note that as part of the new URLA, if there are multiple borrowers for a loan, each additional borrower must complete an URLA – Additional Borrower Form. Below is guidance on to use the URLA and URLA – Additional Borrower Form:
• Two Borrowers with joint financial information:
• Complete the URLA plus the URLA – Additional Borrower Form, but report assets, liabilities & real estate for additional Borrower on the URLA;
• Complete a separate URLA for each Borrower and report joint assets, liabilities, and real estate on only one URLA (you do not need to duplicate them on more than one URLA);
• In cases where borrowers are not collaborating when completing the loan application, joint assets, liabilities, and real estate may be duplicated.
• Two Borrowers with separate financial information:
• Complete the URLA plus the URLA – Additional Borrower Form and report the assets, liabilities, and real estate for the additional Borrower on the URLA;
• Complete a separate URLA for each Borrower.
• Three or more Borrowers:
• Use any combination of the URLA and URLA – Additional Borrower Form in accordance with the above examples.
There are two separate and distinct amendments to the Regulation Z ability to repay (“ATR”) / qualified mortgage (“QM”) requirements. Both rules become effective for applications taken on or after March 1, 2021, but the new General QM requirements need not be used by creditors until applications received on or after July 1, 2021. The current “Temporary Patch QM” will expire on the mandatory effective date of the new General QM requirements (applications received on or after July 1, 2021). Thus, between March 1, 2021 and July 1, 2021, creditors may use either the current Temporary Patch QM or the new General QM requirements as further detailed below.
1. Revised General Qualified Mortgage Requirements
- Eliminates the requirement that a borrower’s debt-to-income (“DTI”) ratio cannot exceed 43% and eliminates Appendix Q.
- Replaces the eliminated DTI requirement with new pricing requirements:
- For first lien loans, a loan would still be a Safe Harbor QM (despite the borrower’s DTI ratio) if the APR is less than 1.5 percentage points above the APOR at the time the interest rate is set.
- For second lien loans, a loan would still be a Safe Harbor QM (despite the borrower’s DTI ratio) if the APR is less than 3.5 percentage points above the APOR at the time the interest rate is set.
- For first lien loans, a loan will still be a Rebuttable Presumption QM (despite the borrower’s DTI ratio) if the APR is less than 2.25 percentage points above the APOR at the time the interest rate is set.
- A first lien loan with a APR exceeding the APOR by 2.25 percentage points or more cannot meet the definition of a General QM (with the exception of a loan with a small loan amount which has higher caps as set forth below).
- Provides higher pricing thresholds for loans with smaller loan amounts, for certain manufactured housing loans and for subordinate-lien transactions.
- For adjustable rate mortgages, creditors are required to calculate the APR based on the highest rate of interest that can apply during the five (5) years after the first payment date. This differs from the APR calculation currently used for disclosure purposes.
- Effectively loans which exceed a certain APR will not fit within the QM requirements.
- All other current requirements remain unchanged (no risky loan features, terms do not exceed 30 years, 3% max points and fees, verify ATR with income, assets, debts, DTI and liabilities, etc.).
- The rule details the manner in which lenders should consider and verify the income, assets, debts, DTI ratio, residual income and liabilities of applicants. The new General QM rule provides flexibility to creditors to take into account additional factors that are relevant in determining a consumer’s ability to repay.
- The rule includes a list of specific verification standards that creditors may use to meet the revised General QM definition’s verify requirement. If a creditor satisfies the verification standards in the then current Freddie, Fannie, FHA, VA and the USDA manuals, the creditor has a safe harbor for compliance with the verification requirement in the revised General QM definition. A creditor need only comply with requirements in the manuals for creditors to verify income, assets, debt obligations, alimony and child support using specified reasonably reliable third party documents or to include or exclude particular inflows, property, and obligations as income, assets, debt obligations, alimony, and child support.
2. New Seasoned Qualified Mortgage (only for loan applications taken on or after March 1, 2021)
- Permits a loan to acquire QM status and receive Safe Harbor status following its origination if it meets with the precise requirements (among the following):
- Loan must be held in portfolio or transferred only once in the 36-month period following the first payment date (“Seasoning Period”).
- Loan may NOT be securitized during the Seasoning Period.
- Loan can be a higher priced mortgage loan (“HPML”).
- Loan may not be a HOEPA high-cost loan.
- Loan may not be down 30 more than twice and may not be down 60 at all during the Seasoning Period.
- Loan must be a fixed rate first lien loan.
- In connection with the loan, lenders must consider the income, assets, debts, DTI, residual income and liabilities of applicants, including using the underwriting guidelines of Freddie, Fannie, FHA, VA and the USDA for verification standards (see above).
- All other current requirements remain unchanged (no risky loan features, terms do not exceed 30 years, 3% max points and fees).
- The Seasoned QM Rule contains a provision whereby the Seasoning Period is effectively suspended due to a financial hardship caused by a disaster or pandemic, such as COVID-19. There needs to be a presidentially declared emergency, major disaster or pandemic. Many other requirements apply to this exception.
- Permits a loan to acquire QM status and receive Safe Harbor status following its origination if it meets with the precise requirements (among the following):
Please note on January 20, 2021, President Biden’s Chief of Staff issued a memorandum to the heads of executive departments and agencies setting forth terms related to a regulatory freeze. The regulatory freeze requires Acting Director of the CFPB to consider whether to postpone the effective dates of the above rules until March 22, 2021 in order to engage in a review of any questions of fact, law, and policy raised by the rules.
Yes. A lender must comply with Freddie Mac’s updated Power of Attorney (“POA”) requirements when using a POA to close a mortgage with an application date on or after January 4, 2021. Per Freddie Mac’s new guidelines, a POA may only be used when:
- There is an emergency event (i.e., a medical emergency or natural disaster) preventing the borrower from executing the requisite documents in person, by electronic signature or through other alternative electronic means (i.e., remote online notarization, eClosing); or
- Applicable law requires the lender to accept use of a POA.
Under no circumstances may a POA be used merely for the convenience of the parties. Further, evidence of the emergency qualifying the use of a POA must be included in the mortgage file whenever a POA is used. If the acceptance of a POA is required by law, the lender must include a written statement that explains the circumstances in the mortgage file and deliver a copy of the statement to the Document Custodian with the POA.
The person acting as Attorney-in-Fact must:
- Have a familial or fiduciary relationship with the borrower;
- Be an individual employed by the title insurer underwriting the title insurance product insuring the mortgage; or
- Be an individual employed or engaged contractually by the title agency issuing the title insurance product for the mortgage and closing the transaction, but only if the title insurer has issued a closing protection letter relating to the transaction (or has similar contractual indemnity to the lender and it’s assignees) for such policy issuing agent.
Neither the seller of the property in a purchase transaction, nor the lender’s employee is eligible to be an attorney-in-fact under a POA. The borrower may execute the POA using an electronic signature. The POA must be executed by the borrower prior to its use by an attorney-in-fact.
After the lender delivers the finalized Closing Disclosure to the borrower but prior to closing, an employee of the lender or settlement agent must explain and discuss the terms of the mortgage and use of the POA with the borrower to confirm that the borrower understands them. This discussion must take place in person, telephonically, or using a video conference system and must be memorialized in an acknowledgment by the borrower of his or her understanding of the terms of the mortgage. The acknowledgment (i) may be in writing or in a recording of the telephonic or video discussion, (ii) must be retained in the mortgage file, and (iii) must be made available to Freddie Mac upon request. If the discussion occurs using a telephonic or video system, a transcript of the recording or the borrower’s written acknowledgment of the content of the discussion may substitute for a copy of the recording itself in the mortgage file.