ComplianceEase Adds New Home Equity Audit Functionality

ComplianceEase has updated its flagship platform—ComplianceAnalyzer—so it is now able to audit home equity lines of credit (HELOCs) for state licensing requirements in most states.

Featured Sponsors:


ComplianceAnalyzer with TRID Monitor has been able to audit both closed-end and open-end mortgages for federal, state and local requirements, including TRID compliance, and for state predatory lending issues for some time. ComplianceEase has now enhanced the system to allow non-banks, banks and credit unions to audit all liens in most states in which they are licensed. Currently, the system covers more than 80 licensing types in the 42 states that account for more than 90 percent of home equity originations in the United States.

Featured Sponsors:

Depending on the state license, the system can test HELOC originations for:

>> Interest rates

>> Restricted fees

>> Late fees

>> Grace periods

>> Prepayment penalties

“According to TransUnion, approximately 5.5 million HELOCs were originated in the last five years, and that number could rise to 10 million over the next five years,” said John Vong, president of ComplianceEase. “With rising home prices creating equity, one estimate says that 44 million homeowners now have more than $6 trillion in ‘tappable’ equity and could be candidates for home equity lines and loans.”

Featured Sponsors:

Vong added, “Not surprisingly we are seeing a growing interest from banks and now non-banks in this category. From a compliance perspective, however, the patchwork of different state regulations for both real estate and consumer lending has presented challenges for lenders with multi-state footprints. Our new enhancements to ComplianceAnalyzer mean that lenders can now use their preferred system for first mortgage compliance to reduce exposure to potential state licensing rules for HELOCs as well.”

Enhancing Profitability Through Better Compliance Management

Compliance has always imposed serious financial and human resource costs to servicers. Recent years have brought added pressure on the mortgage industry to better manage compliance and consider its significance. The industry responded by implementing new processes and technology to tighten up the manner in which lenders deal with regulations. Compliance is now considered a top priority by servicers, despite the CFPB’s recent moves to rethink regulation enforcement. It may come as a surprise that the vast majority of servicers are overspending on compliance, yet are still not in full compliance with the latest regulations. This makes them vulnerable during an audit, as well as less profitable.

A major flaw in servicers’ management of compliance is that there is an assumption that one, single universal national standard exists among their staff members, even if it is not official policy. This is misleading as each state has its own requirements that differ greatly from each other.

Featured Sponsors:


Many servicers are actually non-compliant in stricter states, while spending too much on compliance in those that are less strict One example of this is in the collection of reinstatement fees. Some states forbid servicers from collecting them from consumers, yet many servicers do so, despite local regulations. At the same time these same servicers may be declining to collect them in states that permit it.

But how does a servicer, who may feel confident about compliance having already implemented extensive changes to the organization’s compliance efforts, determine whether or not they are falling victim to this trend?

Internal Audit to Access Risk

There are steps servicers can take to assess required changes to compliance and profitability. First, an internal audit should be conducted, with full support of C-level leadership. Audits help identify the level of risk and loss of profitability. Compliance, accounting staffs and the CFO should be involved in this step.

Featured Sponsors:

A typical “red flag” that the internal auditing teams will look for may include the average write-off cost per loan in each state. The strictness of regulatory compliance and cost of doing business within each individual state varies considerably. However, as a general rule, a servicer can expect writing off $750 or more per loan. Anything less is an indicator the servicer may be collecting more than they are allowed. Conversely, if a servicer is writing off more than $1,750, this is a warning that not enough money is being collected. It is very common for servicers to find they are actually missing out on some payments while simultaneously collecting too much for other payments.

Outside Consultant to Seek Areas of Improvement

If the internal audit team finds issues, the next step is to hire an outside consultant to conduct an independent review and make recommendations. Outside consultants bring added objectivity to the project and can dig much deeper by spending more time on the issue than internal auditors. Outsiders can devote themselves full time to solving any problems without disrupting the flow of business. It is critical to include the internal auditing team in the process when changes are being implemented since they will have a much greater knowledge of the company’s culture and people than an outside consultant.

Replace Manual Processes With Automation

One of the most common recommended changes is to replace manual processes with automation. Automated processes enable reduction of errors and increased productivity. Many servicers may not consider technology upgrades until after fines have been levied by auditors. Passing audits without issue is more likely when automated processes are implemented and utilized properly.

Featured Sponsors:

Transform Hiring and Training Processes

Another popular recommendation is to examine and alter recruiting and staffing processes where necessary. Many servicers try to cut costs by hiring people who have limited knowledge of complex compliance issues. Additionally, many of these servicers do not adequately train new staff about compliance once they’ve been hired. When inadequate training is combined with using outdated manual processes, the results can be even more disastrous.

Servicers should focus more on hiring staff with more compliance experience. Hiring staff with less experience because they are cheaper can often be more expensive to a servicer in the long run. Training should also not be viewed as a one-time effort. It should be ongoing throughout the year. Depending on the complexity of the regulations involved, retraining could occur as often as once a quarter.

Improve Quality Control

Finally, servicers need to redefine their quality control procedures. Servicers that have completed their own internal compliance audits will undoubtedly find errors or other violations that need to be corrected. Consultants can offer advice on modifications and revisions to existing quality control efforts.

Compliance checks should occur at every stage of the quality control workflow. Many lenders delay compliance checks until the end of the process. This can cause missteps and require rework. Modern quality control processes provide compliance training to most staff, who are enabled to validate their work before moving forward. All staff plays a vital role in the success of the quality control effort. It is a costly mistake to assume compliance is entirely the responsibility of compliance officers.
Too many servicers have become overconfident in their ability to meet regulatory standards because they have spent years building up their company’s compliance machine and devoting very significant resources to do so. Yet the vast majority are not as compliant as they may assume nor as profitable as they could be, and this puts them at significant financial risk while eating away at their bottom lines. Proactively assessing the level of compliance and risk within the business is the most practical manner in which to reduce risk and boost profitability.

About The Author

Denis Brosnan

Denis Brosnan is the president and chief executive officer of Dallas-based DIMONT, provider of specialty insurance and loan administration services for the residential and commercial financial industries in the United States. Additional information is available at

A New Way To Increase Efficiency And Analyze Fraud Investigation Data

ACES Risk Management (ARMCO), a provider of technology for loan quality and compliance testing, data validation and analytics, announced the launch of Fraud Case Manager, a technology designed for managing and analyzing fraud investigations.

Featured Sponsors:


“Fraud cases are full of confidential details and valuable data, and most lenders aren’t using this data to their advantage,” said Phil McCall, president of ARMCO. “Now lenders can use Fraud Case Manager to protect sensitive information, analyze data for strategies going forward, and increase efficiency and accuracy.” 

Featured Sponsors:

Mortgage lenders, like all financial institutions, are required by law to monitor and report suspicious activities. Most lenders have numerous fraud investigations open at any given time. To manage them, they use spreadsheets or disparate technologies, both of which are prone to security breaches and errors. 

Featured Sponsors:

Fraud Case Manager provides lenders with a secure, fully configurable web-based alternative where they can manage all fraud investigations in one central location, and avoid the risks and delays associated with traditional fraud case management methods. For example, users can track any detail of any case in seconds rather than searching through numerous spreadsheets and technologies. They can limit usage to authorized parties rather than using open access documents like spreadsheets. Fraud Case Manager allows users to analyze data and create comprehensive reports that provide valuable insights for strategies going forward, rather than remaining unaware of trends and reacting to repeated issues as they arise.

“Fraud will never be eliminated—lenders’ best defense is identifying trends as quickly as possible,” said McCall. “Now they can uncover the issues that trigger investigations in moments, whether brought about by staff members, oversights or any other variable. That’s the biggest step forward lenders can take in mitigating fraud risk.”

About The Author

Tony Garritano

Tony Garritano is chairman and founder at PROGRESS in Lending Association. As a speaker Tony has worked hard to inform executives about how technology should be a tool used to further business objectives. For over 10 years he has worked as a journalist, researcher and speaker in the mortgage technology space. Starting this association was the next step for someone like Tony, who has dedicated his career to providing mortgage executives with the information needed to make informed technology decisions. He can be reached via e-mail at

Court Rules All Participants May Be Liable For Fraud Loss

CertifID, a real time identity management platform that helps protect real estate professionals from wire fraud, released its most recent white paper, “WIRE FRAUD IS EVERYONE’S PROBLEM.”  Written by Thomas Cronkright II, CEO and Co-Founder of CertifID, the white paper addresses the recent ruling by the District Court of Kansas in Bain v. Platinum Realty, LLC et al. which heightened the standard of care owed by transaction participants to prevent wire fraud losses.  (Bain v. Platinum Realty LLC et al., Case No. 16-CV-02326-JWL, Dist. Court, D. Kansas, 2018). According to the ruling, anyone, including title agents, underwriters and mortgage lenders, involved in a real estate transaction may be held liable where fraud occurs, regardless of the relationship between the parties.

Featured Sponsors:


The jury in the Bain case found a real estate agent and her broker jointly and severally liable for 85% of losses incurred by a buyer when the buyer was tricked into wiring funds to a fraudulent account in connection with a real estate transaction.  Based on the pleadings and motions filed with the court, the real estate agent’s email account was compromised by cyber fraudsters who used the account access to send fraudulent wiring instructions to the buyer.  The buyer trusted the wiring instructions because they were sent directly from the agent’s email account and contained information relevant to the upcoming real estate closing.  The jury found the agent and her broker liable for negligent misrepresentation and ordered both of them to pay $167,129.27.  Importantly, there was no direct tie between the buyer and the agent or the broker, as the agent and broker in this case, represented the seller.  The buyer was an experienced real estate investor that was unrepresented.

Featured Sponsors:

“The moral of the story appears to be that, no matter your role in the real estate transaction, you have a duty to take reasonable steps against cyber fraud,” said Cronkright. “Title companies; loan officers, attorneys or financial institutions…this ruling sends a strong signal that we’re all responsible to guard against cybercrime and wire fraud.”

Cronkright states the case appears to expand the duty of care in two ways. First, participants may be held jointly and severally liable for losses due to cybercrime if their email, systems or information is compromised.  Secondly, the standard of care may expand to all parties in a transaction regardless of direct contract or fiduciary relationships between them.

Featured Sponsors:

The white paper includes the following:

>> Key facts, pleadings, pre-trial motion activity, verdict and post-verdict motions; and

>> Ways to meet the new standard of care including best practices to keep you and your customers safe.

It is now available for download at no cost at

About The Author

Tony Garritano

Tony Garritano is chairman and founder at PROGRESS in Lending Association. As a speaker Tony has worked hard to inform executives about how technology should be a tool used to further business objectives. For over 10 years he has worked as a journalist, researcher and speaker in the mortgage technology space. Starting this association was the next step for someone like Tony, who has dedicated his career to providing mortgage executives with the information needed to make informed technology decisions. He can be reached via e-mail at

Banking Compliance Index Nearly Doubles In Q2

The Banking Compliance Index (BCI) nearly doubled from Q1 2018 to Q2 2018, revealing the significant impact of regulatory relief bill S.2155, which contained over 50 separate regulatory changes. This BCI increase reinforces that any change, whether adding or reducing regulations, translates to extra work for institutions. Also, the agencies have now filled their vacant leadership positions, which reduced some of the regulatory uncertainty experienced last quarter and may have contributed to a warmer enforcement climate.

Featured Sponsors:


“It’s not unusual to experience an uptick in regulatory activity from Q1 to Q2, but this is a more substantial jump than we’ve seen in years past,” stated Donna Cameron, Continuity’s director of regulatory I/O. “We’re just starting to see the impact of the regulatory relief bill on banks, credit unions and lenders. The bill added a significant number of pages and material that organizations had to read, interpret and decide on appropriate action forward. This increase in activity is only expected to continue as the agencies issue implementing regulations and guidance documents.”

Featured Sponsors:

The Banking Compliance Index, published quarterly by Continuity’s Regulatory Operations Center® (ROC) quantifies the incremental burden on financial institutions in keeping up with regulatory changes. The typical community financial institution needed more than one full-time employee (1.11) just to keep pace with regulatory changes. This score doesn’t include the resources institutions are already dedicating to regulatory and compliance efforts.

Featured Sponsors:

There were 61 issuances delivered between April 1 and June 30, 2018, up from 50 issuances the previous quarter. Compliance costs increased from $10,776 in Q1 2018 to $19,114 in Q2 2018, and hours required to comply per institution went from 219 hours in Q1 2018 to 369 hours in Q2 2018, a 68-percent increase.

Cameron added, “When any change occurs, institutions must make significant modifications such as retraining staff, upgrading technology, reevaluating risk and tweaking operational procedures. This is why it’s critical for institutions to have a strong, comprehensive change management system in place to help them quickly and efficiently navigate the impact of regulatory activity, especially now in the wake of regulatory relief.”

Reinstatement of the Protecting Tenants at Foreclosure Act was a significant change during Q2 2018. The act, which was terminated in December 2014, was reinstated by the regulatory relief bill, effective June 23, 2018. Other notable provisions of the bill were changes to the ways reciprocal deposits and High Volatility Commercial Real Estate are calculated and reported. These amendments were effective on the day the regulatory relief act was enacted, May 24, 2018.

“We can expect to see a more active second half of the year in regards to regulatory activity and issuances,” Cameron explained. “Agencies have made it clear that they plan to accelerate regulatory relief activity and provide guidance as soon as possible. Financial service organizations must proactively work with their regtech partners to help them automate compliance processes, interpret regulations and centralize efforts to prepare for the upcoming changes.”

The Banking Compliance Index (BCI) is a quarterly tracking index published by Continuity’s Regulatory Operations Center. It measures the incremental cost burden on financial institutions to keep up with regulatory changes.

Tony Garritano

Tony Garritano is chairman and founder at PROGRESS in Lending Association. As a speaker Tony has worked hard to inform executives about how technology should be a tool used to further business objectives. For over 10 years he has worked as a journalist, researcher and speaker in the mortgage technology space. Starting this association was the next step for someone like Tony, who has dedicated his career to providing mortgage executives with the information needed to make informed technology decisions. He can be reached via e-mail at

Security, Profitability, and Compliance In The Cyber-Age

We don’t have to look very far to understand the damage of a data breach to individuals, corporations, and governments. Data breaches have become public relations nightmares; the cost to fix and identify the breach plus the costs to win back business hits the bottom line hard, or worse, leads to shuttered services.

In 2017 alone, 143 million consumers were impacted by the hacking of credit rating agency Equifax; the data of 51 million Uber users was stolen; and Yahoo revealed that all three billion of their accounts were hacked.

Featured Sponsors:


As compliance management costs continue to mount, so do the costs to innovate and match the pace of advancing technology and data breaches. The result: Capital One exited the mortgage and home equity loans business in November of 2017 citing lack of profitability, marking a pattern of decline across the traditional mortgage and financial lending industry. Meanwhile, an uptick in agile digital lenders steadily filled the void, with Quicken Loans taking 4.9% of total market share in 2016.

The urgency to protect terabytes of data with legacy systems in light of the increase in cybersecurity breaches has put incredible pressure on the financial services industry to quickly secure its data, while simultaneously tackling complex compliance regulations and preparing for a new set of HMDA 2018 data requirements.

Featured Sponsors:

How can we help the industry quickly adapt to protect its data, efficiently respond to compliance requirements, and maintain a profitable business?

Users of products and services from Microsoft, Amazon, Apple, and Google recently learned of security vulnerabilities in a wide range of computer chips installed on millions of personal tech devices. While the hardware was the source of the vulnerability, cloud-based software solutions closed the vulnerability. All it took was an automatic update.

Featured Sponsors:

To successfully maintain a competitive edge in the mortgage and lending market during the cyber-age, securing the high volume of sensitive mortgage data is paramount. It needs a system that can immediately close security vulnerabilities and update compliance calculations and requirements through the ease of an automatic update.

Cloud-based platforms have revolutionized the security of dynamic document generation software with system infrastructures that increase the protection of consumer data and deliver safer, faster, and more user-friendly systems. This solves for several mortgage industry challenges: the costs to secure big data, protecting the myriad of personal, and much more.

About The Author

David Greenwood

David Greenwood is Chief Technology Officer and oversees all aspects of Asurity Technologies’ technology vision, strategy, and execution for the firm, ensuring that its innovative compliance solutions meet rigorous standards for quality, security, and resiliency. David has significant breadth and depth of executive leadership experience in IT management, technical strategy, solution design, and technology planning, development and delivery. Prior to Asurity Technologies, David served as Chief Information Officer at Promontory Financial Group, where he had executive leadership over corporate information systems and business applications. David was also a Managing Director, Technology, in the U.S. tax business of PricewaterhouseCoopers, with a focus on leveraging new technology to deliver innovative products and services.

Now What?

Over a year in the making, TRID 2.0 was finally released on July 7, 2017. With an effective date 60 days after the final rule is published in the Federal Register, and a mandatory compliance deadline of October 1, 2018, the industry is sure to have a lot to say about these new regulations.

TRID 2.0 is meant to provide additional clarity to the original TRID rule that went into effect on October 3, 2015. Changes include:

Featured Sponsors:


Cooperative Housing. Loans on cooperative housing are now covered by TRID, having previously been left to state law definitions of real and personal property.

Tolerances. New tolerances have been added and others have been clarified, including total of payments, the “no tolerance” category and good faith, and property taxes.

Rate Locks. A new Loan Estimate, or Closing Disclosure, must be provided upon rate lock, even if nothing has otherwise changed.

Featured Sponsors:

Escrow. The Closing Disclosure Escrow Account Disclosures have been clarified, allowing for 12 months in “Year 1” calculations.

Additional Guidance. The amendment provides additional guidance around disclosure of construction to permanent loans, simultaneous second loans, disclosure of principle reductions, and a reiteration that re-disclosure of the Loan Estimate (LE) or Closing Disclosure (CD) is permitted at any time.

What’s Missing?

The CFPB has not yet finalized proposed changes to resolve the infamous “black hole” issue; instead, they published a new proposal. In case you’re unfamiliar, complications arise due to potential timing conflicts between the Loan Estimate and the Closing Disclosure. If a borrower experiences a change in circumstance after they have received the Closing Disclosure and needs to delay the date of closing, there are concerns that a lender will be unable to comply with both the requirements to provide a revised disclosure to the consumer within 3 business days of the change and simultaneously within 4 business days of consummation in order to reset the tolerance thresholds for the good faith determination. There is even uncertainty of the ability of a re-disclosed Closing Disclosure to reset tolerances at all. Can we expect a final TRID 3.0 to resolve the issue? Only time will tell.

Featured Sponsors:

Similarly, the issue of disclosure of simultaneous title quotes for owner’s and lender’s title premiums remains unchanged and unaddressed. The current, and very complicated, method of calculating lender’s title in the case of a simultaneous quote still stands and is not currently included in the “black hole” proposal.

What Happens Next?

Our main concern after dissecting TRID 2.0 is the phased implementation. On the surface this sounds like a great thing for lenders, but what happens when a consumer compares disclosures between lenders? This gets tricky when it comes to the application date. Additionally, you don’t want to change to the new calculations in the Calculating Cash to Close table mid-loan cycle with your consumers. This would result in re-disclosed Loan Estimates, or the Loan Estimate and Closing Disclosure on a single loan may utilizing different logic. This could confuse consumers as well as investors on loan purchase, and examiners down the line.

Regardless of the outcomes our industry will adjust. One thing is for sure, policies, procedures, and technology will continue to play an essential role in mortgage compliance.

About The Author

Amanda Phillips

Amanda Phillips is EVP Legal and Regulatory Compliance for Mortgage Cadence, an Accenture Company. She works closely with Mortgage Cadence Product and Development teams to help interpret compliance requirements and assist in developing risk mitigation strategies and implementing the requisite controls within the Mortgage Cadence platforms. She also communicates with clients regarding Mortgage Cadence compliance interpretations and controls. Phillips joined Mortgage Cadence in January 2014 as its Legal and Compliance Lead, guiding development of the organization’s technologies, including the Enterprise Lending Center, the Loan Fulfillment Center and the Document Center.

Lenders: Are You Unwittingly Violating The Consumer Credit Protection Act?

The Consumer Credit Protection Act. No doubt you’ve heard of it but, unless you’re a consumer protection lawyer or a masochist, you’ve probably never sat down and read it. Sure, everyone knows that law prevents “evil corporations” from taking advantage of consumers, but did you know that it also might penalize you or your company for trying to help your potential clients?

That’s right; you can be sued by the CFPB for providing assistance to your potential clients. This may seem counter-intuitive, but the way the law is written, if you or anyone in your institution attempts to help clients clear up some blemishes or inaccuracies on their credit reports with the goal of qualifying them for one of your financial products, you can be sued under a sub-part of the Consumer Credit Protection Act commonly referred to as The Credit Repair Organizations Act.

Featured Sponsors:


At this point you’re most likely thinking, “I work for a lender. We don’t provide credit repair, nor do we work with any credit repair companies. This can’t be true.” The alarming part is that you are not alone in making that assumption. Although the law was drafted to protect desperate consumers from people and entities that would otherwise prey upon them, in practice, it could potentially have a disparate impact upon upstanding lenders and others that work in the financial sector.

A multitude of lenders often provide seemingly innocuous advice with the intent of helping potential clients when their FICO scores fall short of the qualifying range.

However, in doing so, they’re actually violating federal law and breaching contracts with vendors without even knowing it. This article will provide you with a basic explanation of the Credit Repair Organizations Act, give some examples of how it has recently been enforced, and provide some tips on how to avoid potentially putting yourself or your company at risk.

Featured Sponsors:

Credit Repair Organizations Act


The Credit Repair Organizations Act (“CROA” or the “Act”) is a federal law, which falls under the broader Consumer Credit Protection Act. It was enacted to address growing concerns about unfair and deceptive trade practices in the Credit Repair Service industry. Specifically, the purpose of CROA is twofold: 1) to ensure potential customers have sufficient information to evaluate whether to purchase credit repair services; and 2) to protect the public from false advertising and deceptive business practices.

Prohibited Practices and Statutory Rights

CROA prohibits deceiving any credit reporting agency or any potential creditor, whether directly, or by counseling a consumer to provide misleading information. Furthermore, it specifically bars any credit repair organization from charging an up-front fee for its services, or otherwise defrauding potential clients.

In addition to prohibitions, CROA also dictates the manner in which credit repair companies must engage new clients. All credit repair companies need to provide a written service agreement to any potential clients prior to performing any services. Specifically, the service agreements must set forth the total amounts of any payments to be made, a detailed description of services, and estimated deadline for completion of services, and the right of the customer to cancel the contract within three business days of execution. Furthermore, the customer must also be given duplicate copies of any form that requires a signature.

Featured Sponsors:

In addition to a written service agreement, credit repair companies must provide a separate list of statutory disclosures regarding the rights of the consumers. Among them are the right to access and correct information on consumer credit reports, the right to sue under the Act, and the right to dispute information found on consumer credit reports. The complete list of disclosures may be found under § 1679c of CROA. These disclosures must be provided to potential consumers independently from any service agreement or other documentation, and must be retained for two years after the consumer signs off, acknowledging that they were, in fact provided.

Penalties for Non-Compliance

CROA was drafted to be narrowly interpreted. What this means is that any contract that fails to strictly adhere to all requirement set forth in the Act is automatically void; it cannot be enforced in any state or federal courts. Furthermore, the consumer may not voluntarily waive any provision of the statute, and any attempt to do so will be void as well.

Aside from contract enforcement issues, the statute also allows consumers to sue credit repair companies if those companies violate the provisions of CROA. In addition to being liable for all fees collected under the service agreement, credit repair companies who violate CROA will be liable for any financial harm sustained by the consumer, attorney’s fees, and potential punitive damages. The punitive damages, as the name indicates, are meant to punish companies that violate the provisions in the statute. Although the statute does not set forth a specific amount, factors taken into account when deciding an appropriate award are: 1) how often the company violates the statute; 2) the type of violation(s); 3) whether the violation was intentional; and 4) the number of consumers affected by the violation.

So what? I already told you that I don’t do credit repair.

Many lenders have this reaction after being forced to read through the seemingly irrelevant, dense legalese, above. However, few ask the fundamental question that really puts everything into perspective: How does the law define “credit repair organization”? The answer surprises almost everyone who is not intimately familiar with this law.

A “credit repair organization” is obviously any person or entity that provides a service with the aim of improving a person’s credit. However, the law also deems any person or entity that provides any advice or assistance to any person with the goal of improving their credit is a credit repair organization. That’s right. If you, as a lender, provide advice or assistance to any potential client in order to help that person improve his or her credit to qualify for one of your products, your organization falls within the definition of a “credit repair organization”.

Lenders’ innate desire to help their existing customers and potential clients qualify for loans and other products may, unfortunately, lead them down a slippery slope that could potentially impute unwanted and unintended liability. Once a lender takes any action to land itself under the purview of the statute, not only are they subject to potential law suits from consumers and the CFPB, they are also at serious risk of losing the ability to pull credit for violating the terms of service agreements.


The Consumer Financial Protection Bureau (commonly known as the CFPB) is a governmental agency that was formed after the 2008 financial crisis. The agency was established with the aim of protecting consumers from deceptive and unfair trade practices, and operates with the goal of acting as a watchdog and consumer advocate across a wide range of industries, which includes the prosecution of CROA violations in the credit repair industry. The CFPB has made itself a prevalent force in recent years by vigorously prosecuting violations of the law. When the CFPB gets involved, those companies that find themselves in its crosshairs are usually subject to hefty penalties. Below are two examples of recent cases in which companies were sued for violating the law.

CFPB v. Commercial Credit Consultants, et al.

In June 2017, the CFPB filed suit against three companies and two individuals in the U.S. District Court for the Central District of California. In its complaint, the CFPB alleged that the defendants charged upfront fees, made misrepresentations about their ability to remove negative entries on credit reports and ability to improve credit scores, failed to adequately disclose the terms of their “money back guarantee”, and misrepresented the costs of their services. On June 30, 2017, the Court entered an order granting an award of $1,530,000.00 against the Defendants.

CFPB v. Federal Debt Assistance Association, LLC, et al.

In its most recent filing against credit repair companies in Maryland, the CFPB coupled its consumer protection allegations with violations of the Telemarketing and Consumer Fraud and Abuse Prevention Act. In the Complaint, three companies and two individuals were accused of deliberately misleading consumers to make them think that the defendants were affiliated with the federal government, falsely advertising that they could reduce consumer debt by at least sixty percent, encouraging consumers to stop paying debts without advising as to consequences of non-payments, and collecting up-front fees for their services. This case is still pending as of the date of this publication.

Credit Reporting Companies

Credit repair companies are generally viewed in a negative light because of a few bad actors in the industry. Public perception is easily skewed when most publications and news outlets only report about companies defrauding their clients and/or cases in which the CFPB is prosecuting claims of statutory violations. In fact, this view is so prevalent, that some credit reporting agencies have even incorporated prohibitions on working with credit repair companies into their contracts with lenders.

Many of the largest providers of independent verification services in the financial services industry require lenders to certify that that they are not credit repair companies. These prohibitions are commonplace in the contracts across the industry, and have the unfortunate effect of preventing lenders from forming partnerships with credit repair companies to help their prospective clients begin taking steps toward credit-worthiness. This also means that if you or your company do, in fact, provide the type of assistance or advice contemplated by CROA, you could very well lose the working relationship with credit reporting companies and ability to pull credit, along with it.


It would be very simple to just swear off companies that provide credit repair, altogether, and conduct business by only marketing to those consumers who already qualify for your products. The issue with this mentality is that, according to a 2016 study published by the Federal Reserve Bank of New York, over one-third of all Americans have a FICO score below 620. If banks simply refused to work with or help these people, they would be, in effect, writing off over 80 million potential clients. That is a very large, untapped market that can’t just simply be disregarded. So, how can you help these consumers qualify for your products and get the funding that they need without violating the law? The answer in short: responsible strategic partnerships that do not run afoul of the law.

Under federal law, not-for-profit companies are specifically exempt from being classified or designated as credit repair organizations. The rationale behind this carve-out is that the primary purpose of those companies is to aid consumers in need, rather than maximize revenue. Referring unqualified consumers to one of these non-profits is a great way to ensure that the your potential clients receive the help they need, while simultaneously growing your pool of qualified applicants.

When choosing a partner, it is imperative that you are able to identify and choose a reputable, full service company that not only provides credit remediation services, but also provides consumers with a wealth of resources such as coaching and education. The company should focus on educating the consumers so that they are able to understand ramifications of their financial decisions to ensure responsible borrowing in the future, which will help consumers and lenders, alike. By referring these potential clients to these non-profit companies, lenders can insulate themselves from potential liability and help consumers get the assistance they need to become financially healthy.

About The Author

Elizabeth Karwowski

Elizabeth Karwowski is the CEO of Get Credit Healthy, a technology company that has developed a proprietary process and solution, which seamlessly integrates with the lenders’ loan origination software (LOS) and customer relationship management software (CRM) in order to create new loan opportunity and recapture leads. Get Credit Healthy helped their partners create over $200M of new loan opportunities in 2017 alone, and plan on continued growth in 2018. As a recognized credit expert, Elizabeth has been featured on NBC and Fox News, and published in a number of financial industry publications.

Helping Lenders Comply With 2018 Regulation

Veros, a provider of data, analytics and technology for the mortgage banking industry, has developed a solution for lenders specializing in PACE (Property Assessed Clean Energy) loans in the state of California, where new compliance requirements went into effect on January 1, 2018.

VeroPACE, available through the VeroSELECT ordering platform, will generate, analyze, rank, and report the multiple Automated Valuation Models (AVMs) now required for PACE lending by California State Assembly Bill 1284 and the companion State Senate Bill 242.

Featured Sponsors:


“The passage of this legislation significantly changed the valuation process for PACE loans, which are used to finance greater energy efficiency in homes,” said Veros VP of Sales Rob Walker. “Historically lenders could process a PACE loan in California using the results of a single AVM, but they now need three AVMs and must use a new method of calculating the final value.”

AB 1284 intends to enhance PACE underwriting by requiring lenders to obtain the three AVMs from a third-party vendor, then choose the one with the highest confidence score and calculate the midpoint of that AVM’s high-low value range. The resulting value, combined in a report with data from the three AVMs, becomes the valuation submitted with the PACE loan application.

Featured Sponsors:

“Ordering three AVMs on the same property can be difficult,” Walker added. “And because different AVM providers have different methods of producing confidence scores and values, the mid-range requirement has presented some significant challenges for many PACE lenders. Also, if lenders cannot get three AVMs, they have to get an appraisal, which will add time and cost to the loan application process. To combat this, lenders need to achieve high AVM hit rates.”

“The good news for PACE lenders who are struggling with this new compliance requirement is that VeroPACE handles the entire process for them,” said Luke Ziegenmeyer, Director of Product Management at Veros. “And, if need be, we have an optional add-on for VeroPACE users that can facilitate the request and delivery of appraisals as well.”

Featured Sponsors:

When VeroPACE is ordered through the VeroSELECT platform, a single data call is made, which generates a “cascade” through which up to 10 AVMs may be run to increase the likelihood of getting a hit. The VeroSELECT system stops requesting AVMs once it has received three valid hits. VeroPACE then determines the AVM with the highest confidence score, calculates the average of its high and low values, and returns it to the lender in a standardized data format. VeroPACE also generates a coversheet with all the data elements that can be put in a file of supplemental information.

About The Author

Tony Garritano

Tony Garritano is chairman and founder at PROGRESS in Lending Association. As a speaker Tony has worked hard to inform executives about how technology should be a tool used to further business objectives. For over 10 years he has worked as a journalist, researcher and speaker in the mortgage technology space. Starting this association was the next step for someone like Tony, who has dedicated his career to providing mortgage executives with the information needed to make informed technology decisions. He can be reached via e-mail at

The Cost Of Real-Time Compliance

At a recent regulatory technology conference, RegTech Enable, two telling statistics revealed the mounting cost for financial lending institutions to maintain and respond to government compliance United States Bank paid out $150 bullion in fines, settlements and penalties since 2008, and financial institutions spent $70 billion on regulatory compliance, American Bankers Association reported that 84% of banks needed to hire more staff to manage the growing influx of information and changes.

Thomson Reuters Regulatory Intelligence monitors more than 950 regulatory rulebooks worldwide published by more than 550 regulatory bodies. In 2015, it reported that daily updates for the financial industry increased by 127% from just 68 per business day in 2012 to 155 in 2014. That adds up to a total of 40,603 in 2014 alone – more than double from the previous year. These updates are not restricted to legislation and published regulations – there are numerous sources from which to gather information on what is going to actually regulate a particular lender, including rulebooks, policy papers, speeches, and enforcement actions.

Featured Sponsors:


The Information Pipeline

Approximately 70 individual regulatory entities sit at the center of lending compliance. The process of sifting through their many updates and requirements is layered, starting at the top with nationwide regulations on lenders produced by agencies such as the Consumer Financial Protection Bureau (CFPB), the Office of the Comptroller of Currency (OCC), and the Federal Deposit Insurance Corporation (FDIC), to name a few.

At the state level, regulations depend on the type of loan or specialized loan product. If a given lender wants to make a loan in Ohio for example, it needs to know which regulations apply to that loan type in that state. If the loan is sold, there is an additional layer of requirements imposed by the investor entity that must be considered.

Featured Sponsors:

Investor organizations, including Fannie Mae and Freddie Mac, operate by a set of corresponding guidelines called “investor requirements,” which, alone, are thousands of pages worth of compliance requirements. That is thousands of pages of compliance requirements for a single mortgage loan in addition to implementing state-specific and federal lending regulations, reviewing enforcement actions regarding compliance, and knowing the subjectivity of regulation interpretations.

Lenders conducting business in multiple states must maintain the capacity to address that entire regulatory environment, because it determines the structure of the loan, documents, required disclosures, and eventually calculations for the interest rate, APR, and payment amounts.

There are varying degrees for how a regulator might regulate a particular mortgage lender.

Enforcement actions, for example, may not be consistent nor follow standard administrative procedures, but do indirectly regulate mortgage loans and therefore must be monitored and considered as well.

Featured Sponsors:

Comprehensively, the environment for making a single family mortgage loan is a complex spider web of regulation.

It Takes A Village

Within a financial lending institution, compliance management should begin with the chief executive officer who tasks the chief compliance officer or perhaps an internal auditor with regulation implementation within the business practices. With the emerging RegTech sector, there are a number of technology solutions to help manage compliance from loan document preparation to mortgage portfolio analysis. But who is keeping up with the ever-changing rules of compliance? One day you are in compliance, and the next day you could be out.

Document preparation companies should be maximizing their collective compliance knowledge, building specialized teams stacked with individuals who have decades-worth of experience and are dedicated to overseeing and implementing the many changes mandated by regulatory agencies. To keep up with the quick pace of changes in today’s complex environment and properly implement compliance in real-time, teams must engage a range of experiences and skillsets, from attorneys and compliance experts to programmers and IT experts.

But it is not enough to simply monitor the updates; they must be interpreted, evaluated, integrated, and disseminated.

For example, if the CFPB issues a new regulatory interpretation about how lending disclosures are to be made on a particular type of loan, specialists must learn of that regulation and review it with their lawyers. If the lawyers determine that the regulation changes the status quo, they must identify which lenders and loans it affects and the impact it will have. This change could potentially disrupt the lending process of a single loan or multiple loans – requiring adjustments in documentation, marketing areas, and business practices – across the entire lending business. Once the lawyers determine what the change means and who is affected, there are three paths the information can take.

The first is directly within a loan operation and document preparation platform, which might require minor quantitative adjustments to calculations or data organization. If the change affects the financial institution’s operations, such as how loans are marketed or disclosed, the institution must address it directly. If the regulatory interpretation has a broader impact on a certain loan type or loan area, a more comprehensive analysis of how the change will affect the business at large needs to be conducted.

Managing Compliance In Real-Time

Keeping current is half the battle of any lender, but mortgage executives also shoulder the other half: forecasting.

Regulatory updates released daily are by-products of greater powers at play, trickling down from decisions made by the individuals in charge of each regulatory agency. The Director of the CFPB or the Chairman of the House or Senate Financial Services Committees are dictating the changes, directly impacting that particular agency and the regulations it issues or the legislation the committees may introduce.

To ease the burden and free up more resources for monitoring what is coming down the road, or simply because there is a lack of bandwidth, organizations can rely upon their document preparation company to manage the present day concerns.

It sounds understated to say that this is a major responsibility. Lenders are not only trusting document preparation companies to stay current on all the changes, but also to interpret them, incorporate them into the document packages, and make sure there are no conflicts or inconsistencies across the layers of compliance.

Dedicated teams with many years of collective experience are best suited for the challenge of managing compliance in real-time because they have the bandwidth and depth of knowledge to respond swiftly, accurately, and reputably. The greatest responsibility of a document preparation company is to ensure that regulations are understood and adjusted on a timely basis – whether immediate or taking effect on a specific date – so that documents always remain compliant.

For mortgage executives, that is one less thing to worry about.

About The Author

Michael L. Riddle

Michael L. Riddle is the managing director of Mortgage Resources Group, LLC., responsible for the overall operations of the firm. He guides the teams within the firm that develop and deliver “best in class” compliant disclosure and documentation systems to single family mortgage lenders throughout the country. Mr. Riddle is the co-founder and managing partner of the Middleberg Riddle Group, one of America’s preeminent mortgage banking law firms and, in that role, has spent much of his 40 plus year professional career providing advice and legal counsel concerning regulatory compliance, enforcement and litigation to clients including banks, mortgage lenders, insurers and related financial service entities.