In an extraordinary turn of events, “the leadership of the Consumer Financial Protection Bureau has been in controversy since last Friday when outgoing Director, Richard Cordray, and President Trump designated dueling individuals to serve as acting Director of the Bureau following Cordray’s resignation”, to quote Mitch Kider of the law firm Weiner, Brodsky and Kider. This situation presents some interesting dilemmas for compliance and quality control professionals, many of which are described by Mr. Kider in a Special Alert. The Alert provides a synopsis of the situation and its implications and is well worth reading in full right here. The industry is watching closely as the drama unfolds!
One of our favorite newsletters, published by mortgage industry veterans of 30+ years’ standing, is the Garrett McAuley Report, a no-nonsense look at some of the issues percolating in the industry. The latest edition mentions the relevance to our industry of the recent ransomware attacks that affected most major countries in the world . Here’s their take. How are you positioned for this eventuality?
For more along the same lines, check out their Articles page.
May 21, 2017
To Our Clients, Colleagues, and Friends:
- Everyone has heard about the ransomware attacks last week, and our impression is that very few independent mortgage companies are prepared for this sort of thing. About 70-75% of our clients use Ellie Mae’s Encompass, and when we ask about the security of their loan files, the answer is usually along the lines of, “Not a problem. Encompass is hosted.” True but irrelevant if cyber-attacks take down Ellie Mae and you don’t have back-up. Do yourself a big favor and start thinking through all the ways you need to protect yourself.
- Think about all the vendors you do business with, and think about how their sudden failure would affect you. As improbable as it seems, what if Ellie Mae failed, or your hedge advisor, or your biggest investor? I asked one mortgage executive how his company would be affected if Encompass made an announcement that they were immediately ceasing all operations. He laughed and said that could never happen, but people also said that about Lehman, Bear Stearns, New Century, and WaMu. I once met a fellow from Chicago, his last name was Kelly, who owned a bunch of banks. Back around 2005 or so, they bought preferred stock issued by Fannie Mae, and that was when Fannie Mae was considered A+ solid. When Fannie Mae was placed into conservatorship, the securities plunged in value, and the FDIC seized all 5 or 6 of his banks.Anyway, I’d say that 90% of our clients don’t do adequate due diligence on their counterparties, and there’s real risk there. Here’s a 13-page guide, Outsourcing Risk, put out by the Federal Reserve on managing counterparty risk, with an emphasis on outsourcing.
Here’s a good description of the ‘lines of defense’ approach that many financial institutions are taking to quality control, operational risk management and compliance risk management. Without a framework like this, it becomes much more difficult to meet today’s enhanced regulatory scrutiny, increasingly complex regulatory requirements and rapid pace of regulatory change.
In a growing trend towards streamlining and standardization of quality control and compliance methodologies, HUD has introduced a Defect Taxonomy in its “FHA’s Single Family Housing Loan Quality Assessment Methodology“. This document lays out the methodology that the FHA plans to adopt to improve its own QA efforts.
Knowing how FHA will be evaluating loans is helpful in designing your own QA program. Particularly useful is the definition of nine defect categories, numerous sources/causes for the defects, and four levels of defect severity. These can be roughly translated in ‘Cogentspeak’ to audit question categories, preset comments, and findings levels respectively.
For those configuring their Cogent FHA audit shells: your work has just become easier and more complex at the same time.
The 2015 Cogent Quality Symposium (May 6-8) once again brought together clients from all corners of the country in downtown San Francisco. As with all Symposia, the main attraction for clients was the opportunity to interact with other Cogent clients. Judging by feedback, the single most requested item at the Symposium was the opportunity to spend more time with other Cogent clients, sharing challenges and solutions and just plain stories. We will take that into next year’s Symposium planning.
Meanwhile, we are introducing a couple of initiatives to enable clients to interact immediately and on an ongoing basis with fellow Cogent users:
- Starting in Summer 2015, we will schedule live quarterly WebEx sessions for all Cogent users. The initial format – open to change based on feedback – will be 60-minute sessions, beginning with a demo of new or existing Cogent QC System features and proceeding to open discussion on Cogent-related issues.
- We are launching a Cogent QC Systems Users Group on LinkedIn. This will serve as a discussion board.
More information on those initiatives coming shortly.
Of course, client networking was not the full story. Cogent introduced a slew of technical features in the latest release, Version 220.127.116.11, and announced a brand new technology called Document Depot. We will shortly offer an online demo of Document Depot, which allows Cogent QC System users (both ProductionQC and ServicingQC) to upload any document in a standard format (such as PDF, DOC, XLS, etc.) into the Cogent system database. This may include appraisal reports, credit reports, loan documents, reverification letters, and so on. The document may be associated in Cogent with a particular loan record and/or with a particular audit question.
Lastly, what’s a San Francisco experience without a gourmet touch? This year, that took the form of a wonderful menu at La Mar Cebicheria on the Embarcadero. Here’s a taste, for those who could not make it this year. We hope to see everyone next year!