In a recent news release, Florida Attorney General Bill McCollum and the Florida Department of Law Enforcement announced the arrest of 10 members of a criminal mortgage fraud and identity theft operation. The group is charged with defrauding numerous financial institutions out of more than $8 million, and using the identities of unsuspecting individuals as part of the conspiracy to obtain mortgage loans.
Senior Federal Bureau of Investigation (FBI) officials recently told Congress that identity misrepresentation tied to mortgage fraud continues to increase at an alarming rate. Identity theft and identity misrepresentation work hand-in-hand to fuel the fire of rampant mortgage fraud. The FBI also reports a 71 percent increase in pending mortgage fraud cases, with 66 percent of those cases involving losses to lenders totaling $1 million or more. These are just a few glaring examples of why lenders should insist that their brokers and correspondents become compliant to the FACTA Red Flag Rule.
Lenders must seriously consider their own liability when allowing their brokers or correspondents to originate loans without the proscribed identity verification protocols. Since the homeowner whose identity was used in the fraudulent transaction did not actually steal the money, they are not generally held liable to repay the lost funds. In almost every case of fraud involving identity misrepresentation, it is the lender who is most damaged by that type of criminal activity.
The FACTA Red Flag Rule requires the broker or correspondent to have a written Red Flag policy in place. They must integrate this into their daily operations. It should be designed to help them identify Red Flags, which might indicate identity misrepresentation or fraud when building a new customer file.
The Rule also requires that third-party vendors be compliant. A vendor is considered anyone you share sensitive customer information with, where there is a reasonable chance that that information could be lost, stolen or otherwise compromised. To emphasize the danger, Privacy Rights Clearing House reports that in just the last few years, more than 525 million sensitive records have been lost, stolen or otherwise compromised from businesses across the country, including mortgage companies and lenders. Under the Red Flag Rule, the broker or correspondent is considered a vendor of the lender, since sensitive customer information moves back and forth between them. Lenders are technically working with non-compliant vendors when they work with non-compliant brokers or correspondents.
Until lenders insist on compliance, much of the lending community will remain part of the problem and contribute nothing to the solution. However, the Rule creates a perfect opportunity for lenders to require their brokers and correspondents to be compliant and require that they submit proof that they have verified the customers’ identity. Taking the lead on this issue, some forward-thinking lenders have already informed their brokers and correspondents that compliance to the Rule is a pre-requisite to continue doing business with them.
If that trend continues and lenders withhold funding or at the very least insist on compliance from their brokers and correspondents unless this critical step is taken, the mortgage community will have no choice but to take this responsibility seriously. Since the mortgage professional has direct contact with the potential borrower, they will always remain the first line of defense for the lender. Instituting these procedures will, at the very least, help cut down the number of fraudulent loans caused by identity misrepresentation.
It is important to understand today’s reality. The Red Flag Rule indicates a much larger trend that we are seeing in both legislation and in court decisions across the country. Simply put, businesses are being held to a higher standard then ever before.
There is one more very compelling reason why the broker or correspondent should also take responsibility for Red Flag scrutiny. It is incumbent upon the broker or correspondent to protect their lending source. This should automatically be part of every one’s “best business practices.” This needs to be done not because it’s required, but because it’s the right thing to do.
Jim De Geronimo Sr. is president of Concord, Ohio-based Majestic Security LLC. He may be reached by phone at (888) 331-2332 or e-mail [email protected]