Not too long ago, if you were responsible for technology in a mortgage operation, you could keep a reasonably safe distance from the day-to-day details of lending compliance. Over the years, however, several laws, including Sarbanes-Oxley and Gramm-Leach-Bliley, have crept into the world of the mortgage IT professional, requiring that technology work in harmony with a legal department’s policies and procedures.
Today, mortgage regulators are putting technology to work in regulatory enforcement. Technology professionals and IT departments not only need to understand the new regulatory examination requirements, they also need to work more closely than ever with their compliance and operations departments to help adapt to a more comprehensive, technology-driven regulatory compliance environment.
How we got here
Initiatives at the state level to modernize mortgage examinations date back to 2007. The two advocacy groups that represent state banking and mortgage lending regulation, the Conference of State Bank Supervisors (CSBS) and the American Association of Residential Mortgage Regulators (AARMR), worked together to establish an agreement that their members could sign to enable the numerous state agencies across the country to work more closely together on regulatory enforcement.
Regulators called the unprecedented agreement the Nationwide Cooperative Agreement for Mortgage Supervision (NCA). Regulators from every state, the District of Columbia and Puerto Rico signed the agreement, enabling different state agencies to collaborate and share information as they supervised state-regulated lenders and brokers. Although regulators still oversee institutions in their respective jurisdictions, multiple states and agencies can now work together to examine lenders and brokers that do business in multiple states.
To enable that kind of coordination across multiple jurisdictions, CSBS and AARMR looked to existing technology in the mortgage industry to help them gather loan information and to conduct electronic examinations, often referred to as “e-Exams.”
Technology brings it all together
CSBS and AARMR first contemplated building their own technology to enable the new e-Exams. Ultimately, they chose to evaluate solutions that were already available and in use by the mortgage industry. CSBS and AARMR announced in August of 2008 that, following an eight-month vetting period involving representatives from 14 states, they had selected technology from ComplianceEase to facilitate the collection of loan information and to automate compliance audits on loan files.
Instead of just looking at smaller samples of paper loan files by hand, regulators are using the technology to electronically audit up to 100 percent of lenders’ and brokers’ portfolios for regulatory examinations. These new e-Exams include, among other things, checks for compliance with federal laws, such as the Home Mortgage Disclosure Act (HMDA), Truth-in-Lending Act (TILA), Homeownership and Equity Protection Act (HOEPA) and Real Estate Settlement Procedures Act (RESPA), as well as the full scope of state laws, including high-cost, anti-predatory and consumer credit laws that vary depending upon how an originator is licensed.
The technology is also enabling the type of multi-state coordination originally envisioned by CSBS and AARMR. States now collaborate on simultaneous examinations of institutions that do business in multiple states. Regulators refer to them as “multi-state examinations.”
What to expect
In contrast to the mechanics of traditional regulatory examinations, multi-state examinations will begin before examiners go on-site. The coordinator for the exam, called the Examiner-in-Charge (EIC), will contact the institution being audited and request an electronic upload of loan information for the examination time-frame. Again, the scope of the audit may extend to all of the loans in a licensee’s portfolio, so you’ll need to have all of your own loan information ready before you get tapped for an exam.
That’s where technology preparation comes in. A good first step is to understand the technology that CSBS and AARMR have announced is being used in multi-state examinations. These organizations, as well as individual state agencies, have started notifying licensees about the data collection and reporting that will be expected of them.
In particular, CSBS and AARMR have designated that the RegulatorConnect online Web portal at www.RegulatorConnect.org is the central point for submission of electronic loan information at the initiation of an e-Exam. State examiners will use the ComplianceAnalyzer and HMDA Analyzer audit software to conduct the electronic portions of the exams.
Multi-state examinations will start off-site, with examiners receiving the required electronic loan information from the institution being examined. Examiners will run the loans through the audit software to identify loans that they want to look at in more detail, via on-site paper copies of loan files or electronic images.
In the initial off-site examination phase, a lender may be scrutinized by 20 or more examiners from as many as 35 states. Ultimately, depending on whether an on-site visit is deemed necessary, five to 10 examiners will actually go on-site for the follow-up reviews.
It’s important to note that this new type of examination is not just some far-off idea. As of July 2010, several states are pursuing pilot off-site monitoring programs. This means that loan information is collected and audited on an ongoing basis. Regulators build “risk profiles” of the entities they supervise, and target further examinations accordingly.
For example, in a recent announcement, North Carolina stated that it will require mortgage lenders and mortgage brokers to provide the characteristics of originated loans in an electronic format on a quarterly basis, within 45 days after each calendar quarter. The state can make use of this information to track loan origination violations and, in turn, recommend companies for multi-state exams.
With all of these changes approaching quickly, it’s important to start your technology preparations today. A good first step is to go to the RegulatorConnect portal that CSBS and AARMR have designated as the hub for the new e-Exams. From there, licensees can download information about the necessary electronic data formats and the submission process.
Regulators require that loan information is submitted in a specific file format called a Licensee Examination File (LEF). Details about that format are available for license free-of-charge to qualified entities at the RegulatorConnect portal. State-regulated institutions can license the LEF format for use in formatting and transmitting loan-level data required for use in e-Exams.
You will first want to make sure that you have all of the required loan information in an electronic form. Depending on the size of your institution, the data may reside in multiple systems or data warehouses. Data gathering can be a chore, as any IT professional will tell you, so that’s just another reason to start preparations ahead of time. The LEF specifications will tell you what information you will need to have available electronically and how it needs to be formatted.
Another option for lenders and brokers is to check to see if your systems already have built-in capability to export loans in the format needed for e-Exams. Systems of record that commonly have the necessary information include loan origination systems and loan document systems. You can talk to your technology vendors to find out whether they have built the necessary export capabilities into the systems you use.
Similarly, as a mortgage technology vendor, you should be prepared for your customers to come to you asking what your systems can do to facilitate e-Exams. There is a portal called RCCertify, located at www.RCCertify.org, for technology vendors to learn more about the capabilities they can develop to assist their clients with e-Exams. Vendors should review the e-Exam file format to see if they have most of the required information. If so, it may make sense for them to develop export capabilities for their customers to use for e-Exams.
On the compliance side, institutions can plan ahead by instituting “self-examination” policies and procedures. Compliance auditing technology is widely available in the mortgage industry. You should identify a system that covers all of the tests that the examiners run and works together with your existing technology systems. Running audits ahead of time enables you to identify and mitigate deficiencies before you find yourself in the midst of an e-Exam.
You can expect that multi-state examinations will be more intensive and have a higher profile than individual state-by-state exams. Because states can share information, a compliance issue in one state can turn into an issue with many states.
On the other hand, technology should make examinations more uniform and more predictable. Combining multiple state exams into a single multi-state examination should save time and money in the long run. Since regulators have publicized the examination scope and have made the industry aware of the exact tools they will be using for the new e-Exams, you can make technology and operational plans now so that you’ll have no surprises when your first multi-state exam comes around.
Note: This article has not been endorsed by CSBS, AARMR or any state regulator. The information contained herein is derived and compiled from numerous publications, presentations and interviews of regulatory officials.
Jason Roth is co-founder and senior vice president at ComplianceEase, overseeing the company’s suite of mortgage compliance and risk management products, including ComplianceAnalyzer, which audits loans for compliance with federal, state and municipal requirements. Roth has a bachelor of science degree from the California Institute of Technology (Caltech). His previous work includes positions at Adobe Systems Inc., developing Acrobat and PDF document technology. For more information, e-mail email@example.com or visit www.complianceease.com.