The Truth About Transaction Risk Management


Chris-AppieHow old are your kids? This should be an easy question, but sometimes it’s not. Like many of you, I have young kids and either out of genuine interest or Midwestern civility, people I meet often ask me their ages. There are, of course, rules for these types of inquiries, unwritten conventions with which we must comply or risk eliciting looks of confusion from the questioner. We all know (or should know, I’m told) that if you have a daughter born 17 months ago, she is not one year old: she is 17 months old. But, if you have a daughter born 37 months ago, she is three years old. No one would describe her as 37 months old. Through trial and error, I’ve concluded that 2 ½ is the magic imaginary line where age should be communicated in years rather than months. Fortunately for us, with its new mortgage disclosures the Consumer Financial Protection Bureau (CFPB) has not allowed so much guesswork in requiring a lender to disclose the age (term) of a loan. In fact, they have been rather forthright:

“Describe the loan term as “years” when the Loan Term is in whole years. For example “1 year” or “30 years.” (comment 37(a)(8)-1.i, -1.ii). For a Loan Term that is more than 24 months but is not whole years, describe using years and months with the abbreviations “yr.” and “mo.,” respectively. For example, a loan term of 185 months is disclosed as “15 yr., 5mo.” For a Loan Term that is less than 24 months and not whole years, use months only with the abbreviation “mo.” For example, “6 mo.” or “16 mo.” (comment 37(a)(8)-2).”

The Bureau has required the presentation of data in a way that makes sense to a consumer and is consistent with how one’s brain measures time, whether it’s a baby’s life or a loan. This example, and there are hundreds like it, does provide some regulatory clarity, but how do you ensure the data actually gets disclosed in this way to a borrower? Having a targeted compliance outcome is great, but how do you guarantee it? Do you rely on procedures or loan officers with checklists? The risks are simply too high for that. Today’s financial industry requires a lender to have an entire solution designed exclusively to manage these types of risks. A transaction risk management solution takes the guesswork out of compliance, lowering your risk in a high-risk environment.

A Changing Landscape

The U.S. financial industry is experiencing rapid evolution. While we are past the trial-by-fire days of the 2008 financial crisis, the consequences of that difficult time continue to impact the way we do business. Increased regulatory oversight from the CFPB and other agencies, as well as the uncertainty of regulatory changes yet to come, have created a hazardous business environment. There is a natural tendency in the industry to address these hazards strictly in terms of compliance: if you think you have a compliance problem, then you look for a compliance solution. But if we take a step back, we can see that this is not simply a matter of fulfilling various compliance mandates. In recent years, the Federal Reserve has increased its focus on enforcing the mandate that financial institutions implement an enterprise risk management solution, one that effectively addresses operational risk, compliance risk, reputation risk, and liquidity risk. These risks exist at the enterprise level for your institution and touch everything that you do as an organization. They carry with them costly consequences when they aren’t managed properly. The only way to address them is at the enterprise level, with an enterprise-wide solution.

Raising the Stakes

These risks are ever present and their management by financial institutions is closely monitored by the CFPB as well as other regulating agencies. In the wake of the market upheaval of 2008, financial institutions are becoming increasingly familiar with the demands of managing these various types of enterprise risks. As a result of the CFPB’s aggressive focus on Unfair, Deceptive, or Abusive Acts or Practices (UDAAP), many financial institutions are struggling to ensure that they can demonstrate that their specific policies, processes, and procedures are fairly and consistently applied across their customer communities.

Violations of UDAAP can expose an institution to millions of dollars in potential civil penalties. In July of 2012, one of the nation’s largest consumer lenders was assessed a total of $60 million in penalties by the CFPB and OCC, who cited: “[The] Bank’s failure to develop and implement a comprehensive and effective enterprise risk-management program to detect and prevent unfair and deceptive practices.”

Risk, Unmanaged

In the absence of a transaction risk management solution, your institution is responsible for maintaining the integrity of the entire transaction data flow. You are responsible for ensuring that your institution’s policy disclosures contain appropriate data based on state and federal regulatory requirements and applicable case law. You are responsible for determining that the data is consistent across all documents required to memorialize the transaction. You are responsible for determining in any given transaction that there is data consistency across all documents. You are responsible for determining complex, state-specific entity types such as limited liability companies and limited partnerships, and for determining the correct organizational authorizations. Failing any of these responsibilities exposes your institution to the risk of unenforceable transactions that impact liquidity, compromise your reputation, and result in legal and regulatory repercussions.

The personnel costs associated with documenting organizational practices—and the potential legal costs and regulatory fines associated with failures to do so—are considerable. The likelihood of employee error is significant, exposing your financial institution to legal challenges and regulatory violations. Training is an ongoing, institution-wide effort requiring resources to develop and deliver updates as they become necessary. While your staff is engaged in this effort, they spend less time with loan applicants and have fewer opportunities to set your institution apart in a mortgage lending industry that suffers from over-commoditization, which forces lenders to win business by competing almost solely on the ability to offer the lowest rates.

Your ability to establish and nurture applicant relationships is as critical to your success as your ability to complete every transaction compliantly with minimal risk. Deployment of a transaction risk management solution allows you not only to successfully manage transaction risk, but maximizes your staff’s availability to effectively service customer relationships.

Content Configuration

Of course certain data is required in transactions by federal and state regulation, and every institution must present that content in the same manner at transaction time. That said, your institution is unique. You have operational procedures and policies that are unique, and you certainly have products that are unique and need to be represented as such. In order to present your products and policies accurately at transaction time, you need to define and control the language you use to describe them.

In the absence of a transaction risk management solution, your institution is responsible for maintaining the language used at transaction time. How many FTEs are tasked with reviewing this content for errors and inconsistencies? What happens if they get it wrong? What untapped value could they be delivering if they did not have to spend time on this?

Data Analytics

The analysis of transaction data is critical for successful risk mitigation. Take a moment to think about how you are pulling together the documents required to create an enforceable loan. You probably have a library, but who is responsible for ensuring that you’re using the correct version of each document? What about state-specific requirements that affect applicable content necessary to perfect security interests, correct determination of ownership types and signers, and properly construct often complex signature sections? Are you leveraging risk management technology to reduce payroll and ensure consistent results across all branches? Even if your staff is trained on how to input months rather than years, there is a misdirection of resources if they are manually recreating analytical processes that can be more reliably delivered through technology.

Beyond those first-round diagnostic analytics, any failure to identify the required output documents for a given transaction can jeopardize the integrity of the entire transaction itself. Compliance officers are often required to determine, set up, and maintain document groups. To complete a transaction, your staff must select documents from these pre-set groups that align with the specific transaction in question. The risks created with such a process are numerous, but they virtually disappear when risk management technology does the heavy lifting for you. By automating the operational processes that determine if loan criteria are valid, the correct quantities of each document needed, and which borrowers are required to receive which documents, a risk management solution creates more bandwidth for your loan application and closing personnel to secure customer relationships.

A Dollar Saved

When your institution is compliant, you avoid the serious financial penalties associated with regulatory fines and legal costs. Compliance is critical to protect the assets of your institution, but it is no more a money-making venture than fire-proofing your building. A TRM (transaction risk management) solution does more than protect you from regulatory hazards. It positions your institution to capitalize on business opportunities and extends the profitability of your mortgage lending products. So don’t worry about figuring out how to disclose how long it will take your loans to mature, there’s TRM system for that—now all we need is a system to tell us how long it will take for our kids to mature.

About The Author