It’s amazing how little due diligence lenders do on their vendors. Maybe if some lenders looked under the covers at Ellie Mae they might have seen vulnerabilities that might have prevented them from going with a system that could go down or they could have had the right strategies in place to protect themselves when/if their system goes down. Well, vendor and third-party service provider due diligence is actually required by the CFPB and others. Here at PROGRESS we recently demoed a solution to automate this process.
In this case, we saw ServiceProviderCompliance.com (SPC), a centralized vendor management and compliance platform for all types of third party service providers. SPC allows the subscriber to address the compliance and risk mitigation requirements of the OCC, CFPB and other federal and state regulators as they apply to third party service providers. Lenders set up and use the platform as the lender and their compliance team see fit. Lenders establish their own compliance parameters and select what level of compliance and vetting they desire.
ServiceProviderCompliance.com provides all originating lenders, servicers, AMCs, and other entities involved in mortgage lending, buying and selling, with a single platform to perform the following operations on service providers: (1) Search; (2) Select; (3) Contract with; (4) Perform Due Diligence (5) Verification of Documentation and Information; (5) Monitor; (6) Review Performance, and; (7) Terminate any and all of Third Party Service Providers. The system is always free for all service providers and is licensed for use on a monthly subscription basis for basic access to subscribers.
In looking at the system, it was designed to be easy for subscribers to use and third party service providers to hook into. ServiceProviderCompliance.com makes it simple to establish and implement the company’s compliance and due diligence requirements for each service provider type. Here’s how it works:
>> The subscriber sets up the company and its users. The system requires at least two Super Users to set up and agree to the compliance requirements for your company.
>> The subscriber selects the type of service provider that it is setting up compliance requirements for. Closing agent and appraisers are just a couple of examples of the many supported service provider types.
>> Subscribers go through the step-by-step online menu to set up compliance and due diligence requirements for the chosen type of service provider.
>> The subscriber chooses the minimum documentation, licensing and insurance requirements for the service providers. The subscriber can change the compliance parameters at any time with approval of the two super users. Changes in parameters will automatically notify all connected service providers of said changes and the subscriber will be able to determine what if any grace period will be granted to its existing service providers for compliance with the change of compliance parameters.
>> The subscriber can then upload its current list of service providers in one easy step. All that is necessary at minimum is a name and e-mail address.
>> At that point, an e-mail will then go out to all of the service providers inviting them to come to SPcompliance.com, register and provide all of the required information and documentation that the subscriber requires. The subscriber will be able to monitor its service providers’ responses to its request.
It’s that simple and easy to start monitoring all third party service providers.