Executive Spotlight: Jason Roth of ComplianceEase

Jason-RothToday, the spotlight is on technology and our guest expert is Jason Roth, chief technology officer at ComplianceEase.

Q: TRID has been in effect for nearly two months. What impact has it had on the current operations within the industry?

Jason Roth: TRID has certainly slowed things down as lenders ease into new procedures. The Mortgage Bankers Association’s Weekly Mortgage Applications Survey ending the week of October 2, 2015 showed a 25.5 percent jump in applications—implying that lenders tried to get in as many applications as possible under the pre-TRID forms and rules.

Our own data confirms this. Looking at a sample of more than 200,000 loans audited in ComplianceAnalyzer in October, there was clearly a gradual shift in volume towards TRID loans. In the first week after TRID was effective, only around 9 percent of loans audited were originated on TRID forms. That share increased to about 30 percent for the last week of October.

Featured Sponsors:

[huge_it_gallery id=”2″]

By front-loading pre-TRID applications before the effective date, lenders have been able to limit the number of TRID loans that they have to work with and iron out any issues before the pipeline becomes mainly TRID loans.

Q: What do you see as the most pressing tech challenges facing the industry?

Jason Roth: If you look at TRID and the newly finalized HMDA rule, it seems the most pressing challenges facing our industry center around capturing and retaining data.

Under TRID, lenders must have complete records of every change to every fee charged on a mortgage, along with supporting reasons for the change and subsequent re-disclosure to the borrower. This creates two challenges. First, there are new pieces of data that need to be collected and retained, many of which were not mandatory for compliance under previous TILA and RESPA disclosure requirements.

While it is possible to implement manual workarounds to store the information on spreadsheets or hard-copy documents, it only works in low-volume situations. It does not scale well and could lead to delays that impact the borrower’s experience.

Featured Sponsors:

[huge_it_gallery id=”3″]

Second, the data all must be easily reportable to regulators and investors. If records are scattered throughout different systems or even stored on paper or as imaged documents, it will be very expensive to demonstrate compliance with TRID.

In addition, the new HMDA rule will require significant amounts of new data to be collected and, of course, organized in a way that is easily reportable for regulatory purposes. Moreover, to prevent unpleasant surprises, lenders will need to be performing data analysis on an ongoing basis, and not just when March comes around each year. All of these regulatory changes add up to big changes and big data.

Q: There are endless news stories on the threat to cyber security. How severe is this threat, and how is the industry responding to it?

Jason Roth: Although information security issues seem to have recently emerged as a common topic of coverage in the national news, financial services institutions have been wrestling with security and data handling issues for much longer. Since 1999, the Gramm-Leach-Bliley Act has mandated that financial institutions of all shapes and sizes safeguard customer information. In addition, investors and government agencies have long required that banks and lenders maintain security policies and procedures for the security of sensitive information; and the CFPB has made it clear that financial institutions are responsible for their own policies and procedures as well as those of their technology vendors.

In order to protect themselves from being buried by security audits, many in the industry have looked to standardization of their procedures to provide evidence of their security controls. For example, our company opted to complete an audit under AICPA’s SOC2 standard and the controls stipulated by their Information Security trust principle. We’re also members of the Shared Assessments group, a consortium that develops standardized information collection templates to maintain evidence of security controls.

Since many banks and lenders use these templates, it has been helpful for us to organize our own policies around those standards and saves a lot of time when responding to inquiries. There are also some efforts within workgroups established by the Mortgage Bankers Association to develop some agreed-upon security standards for mortgage lenders.

Q: What do you see as the major tech trends for 2016?

Jason Roth: There are many new financial services companies, armed with newer technology and fewer legacy systems, looking to “disrupt” the industry. Although they still face significant regulatory barriers to operate legally as a financial services institution in the United States, these new types of lenders will eventually start to pose a real threat to traditional lenders.

We’re seeing startups, like SoFi, build successful mortgage and student lending businesses by investing in technology that focuses on streamlining communications, improving borrower interaction and making the lending process more transparent in order to serve the millennial generation. These are things that are difficult for traditional financial services companies to do because they’re using traditional LOSs that don’t provide the borrower with visibility. Complete reinvention for traditional lenders will come incrementally over several years with several iterations of new technology.

But in the near term, the focus will be on developing innovative technology to create a superior customer experience.