SVB Failure Starts Aggressive Regulation Talk in Washington, IMBs Take Note

It did not take long after the Silicon Valley Bank failure for politicians in Washington to rush to the next available microphone and lament the “loosening of bank regulations”. Instinctively the finger pointing began, and in many quarters ended up in the direction of the prior administration’s policy to generally roll back stringent business regulations and allow free market decisions to govern various industries.

Chief among the complainants (no pun intended) was Sen Elizabeth Warren, who emerged out of the 2008 crisis as an architect and advocate for the Wall Street Reform Act and the creation of the vaunted Consumer Financial Protection Bureau ( CFPB), which she briefly directed.

Just yesterday in DC’s The Hill publication, Sen Warren was reported as blaming the the collapse of Silicon Valley Bank on Republicans in Congress, which in 2018 helped pass a law to ease bank regulations put in place following the 2008 financial crisis.  “No one should be mistaken about what unfolded over the past few days in the U.S. banking system: These recent bank failures are the direct result of leaders in Washington weakening the financial rules,” Warren is quoted as saying.

According to The Hill piece, Warren, who voted against the 2018 bank deregulation bill, said that the crises would have been avoided if the banks were required to hold more liquid assets because the bill exempted banks with less than $250 billion in assets from rigorous Fed stress tests. Warren and other Democrats say the old rules could have caught the issues at SVB sooner.

Given that politicians generally “never let a crisis go to waste,” many now suspect that the banking industry is about to be slammed with heightened regulatory scrutiny, tighter operational rules, more audits and exams, and larger and very public fines, penalties and consent orders.

What does this mean for independent mortgage bankers (IMBs)? It means that they have to get back to the compliance mindset they were frightened into adopting between 2008 and 2018, and before the bottoming out of interest rates led everyone to believe that easy money was here to stay and that self-regulation meant hiring more loan officers. Keep those risk management officers and compliance directors close by folks, we are all in for a bumpy ride on the regulatory roller coaster!

Why Compliance And Fraud Prevention Are Critical For Mortgage Lenders Right Now

Compliance is important to mortgage lenders because it helps ensure that they are following federal and state regulations related to lending, consumer protection, and fair lending practices. This helps minimize legal risk and protects the lender’s reputation, while also ensuring that borrowers receive fair and transparent loans.

Compliance is equally important regardless of the state of the business, whether it is doing well or facing difficulties. Failing to comply with regulations can result in legal and financial consequences, which can be even more severe when the business is struggling. Moreover, maintaining a good reputation for compliance can enhance the credibility and trust of the business, which is crucial for attracting and retaining customers, especially during tough times. Hence, compliance should always be a priority, regardless of the state of the business.

With statistics reflecting the rise of fraud in down economic markets, there are big risks to eliminating or scaling back fraud prevention and deterrence tools when revenue is down.  This is especially true for lenders where they have an obligation to protect consumers from fraud that can cause serious harm to them during a mortgage transaction.

Mortgage fraud can have serious consequences for consumers, including:

Financial loss: Consumers may lose their homes or their savings if they become victims of mortgage fraud.

Credit damage: Fraudulent mortgage activity can harm consumers’ credit scores, making it more difficult and expensive for them to obtain loans in the future.

Stress and emotional harm: The process of dealing with mortgage fraud can be stressful and emotionally draining for consumers, who may feel violated and vulnerable.

Legal trouble: Consumers may face legal action if they are found to have participated in or unknowingly facilitated fraudulent mortgage activity.

Overall, mortgage fraud can have a significant negative impact on consumers’ financial security, reputation, and well-being.

For those lenders committed to fighting fraud and protect consumers from harm, the decision then becomes how to do it effectively and affordably.  A critical point when making this determination involves the differences in the quality of data used for risk management. Some of the factors that can affect the quality of data include:

Data accuracy: The data used for risk management should be accurate and up to date to ensure that it reflects the current state of the business or market.

Data completeness: Data used for risk management should be complete and cover all relevant aspects of the business or market being analyzed.

Data consistency: The data used for risk management should be consistent, meaning that it should use the same definitions and units of measurement across different sources.

Data reliability: The data used for risk management should be reliable, meaning that it should come from trustworthy sources and be free from errors or biases.

Data relevance: The data used for risk management should be relevant to the specific risk being analyzed and provide actionable insights to help manage that risk.

Quality of data is important for effective risk management as it directly impacts the accuracy and reliability of risk assessments and decision-making.

Beyond the quality of data, what about the process used to evaluate and report on the risks associated with the data being managed?  If it acceptable to outsource?  Is it risky to outsource where the functions of data analysis and risk evaluation are conducted overseas?

Outsourcing itself involves little risk if a lender properly investigates the vendor, its process and its reliability in delivering the promised results. Outsourcing data to overseas companies however can pose several business risks, including:

Data privacy: Foreign companies may not be subject to the same privacy laws as those in the country where the data originates, which can put sensitive information at risk.

Cybersecurity: Outsourced data may be vulnerable to cyber-attacks, especially if the foreign company does not have robust security measures in place.

Data breaches: A breach of sensitive data at an overseas company can have serious consequences for the company and its customers, as well as damage its reputation.

Loss of control: Outsourcing data to a foreign company means giving up control over the data, which can limit the ability to manage the data or access it when needed.

Compliance: Foreign companies may not be subject to the same regulations or standards as those in the country where the data originates, which can make it more difficult to ensure compliance with regulations such as data protection laws.

Reliability: There may be concerns about the reliability of the foreign company, such as the ability to deliver quality services or meet contractual obligations.

In summary, outsourcing data to overseas companies can expose businesses to a range of risks, from data privacy and security to reliability and compliance, and it is important to carefully assess the risks and benefits before making a decision.

What then about ROI?  Many lenders view compliance as a drain on their budget and not a revenue enhancement.  Decisions are often made to trim fraud tools when revenue is off, perhaps because the risk of a fraud loss outweighs the need to maintain cash flow.  Yet that decision can ultimately be fatal to a company’s existence.

The return on investment (ROI) of operational risk management is the increase in financial performance or cost savings that result from implementing an effective operational risk management program. Yet, the ROI of operational risk management can be difficult to quantify, as it depends on a variety of factors, including the size and complexity of the organization, the nature of its operations, and the specific risks being managed.

However, some of the benefits of operational risk management that can contribute to a positive ROI include:

Cost savings: By identifying and mitigating risks before they materialize, organizations can reduce the costs associated with losses, legal fees, and other expenses.

Improved efficiency: An effective operational risk management program can help organizations streamline their processes and improve their overall efficiency.

Better decision-making: With a better understanding of the risks they face, organizations can make more informed and effective decisions.

Enhanced reputation: Organizations that are seen as responsible and risk-averse can enhance their reputation and increase customer trust.

Ultimately, the ROI of operational risk management will depend on how well the program is designed and implemented, as well as the specific risks and challenges faced by the organization.

The bottom line is this: lenders cannot simply turn off or turn away from compliance, especially compliance that involves fraud prevention and deterrence when revenue is off.  Often the key to maintaining your business in a down market is compliance and fraud prevention.  Reduced cash flow only makes a lender more vulnerable to financial harm and even insolvency when a fraud event occurs.

While fraud tools are not immediate revenue enhancers, they are always revenue protectors, preserving lenders’ hard earned profits from poaching by criminal elements, and from depletion from fines and penalties for regulatory non-compliance.

NCUA Releases 2023 Guidelines for Credit Unions on Fraud Prevention, Cybersecurity and Consumer Protection

NCUA Releases 2023 Guidelines for Credit Unions on Fraud Prevention Cybersecurity and Consumer Protection

The National Credit Union Administration, which issues regulations and guidance for credit union operations nationwide, released its 2023 guidelines today covering key topics for its members. High on the list of items credit unions need to be focused on are: fraud prevention and detection tools, cyber security defense plans, and consumer protection policies.

Credit Unions tend to be more customer sensitive, which makes sense as the customer relationship typically precedes and extends beyond a mortgage transaction. Protecting the experience of their credit union members in all aspects of their business relationship is critical to maintaining their overall success, including growth and retention of their membership. This is very different from the typical mortgage broker or mortgage lender experience where a relationship will not usually extend beyond one or perhaps two transactions in a lifetime.

Consequently credit unions must be more laser-focused on the issues of compliance relating to fraud, cyber security and consumer protection. One bad event can close a credit union’s doors for good.

Because many credit unions are multi-faceted business enterprises, mortgage lending is often managed through the outsourcing of the lending workflow to a CUSO (credit union servicing organization) and to experienced vendors in areas such as cybersecurity and fraud prevention. At Secure Insight we have helped many credit unions manage the risk of wire fraud and closing table mortgage fraud for years, and it is an effective partnership.

For more detailed information on NCUA’s new regulatory supervision letter for 2023, please use this link:

Share this post

Recent Posts

Continue reading

The AOL Title Insurance Alternative: Real or Hype?

In April 2022, Fannie Mae (FNMA) made industry news by publishing a decision that it would accept attorney opinion letters (AOL) in lieu of and as a suitable replacement for title insurance. Freddie Mac soon followed with a similar decision. The actions by these agencies were allegedly due to dissatisfaction by lenders and consumers with the value and cost of traditional title insurance policies.

The emergence of the AOL service and product has created waves in the title industry which has never had any real competition to its products in the past and has resulted in significant push back and objection by title insurers and their agents. This is understandable given ALTA reported title insurers earned $26.2 Billion in title insurance premiums in 2021.

Consideration of an industry monopoly in title insurance products has been the subject of Congressional hearings, academic analysis and industry platform debates for many decades. Yet to date the AOL has been the first real effort to adopt any alternative to either title insurance or the closing protection letter, which is not insurance but a form of warranty packaged and sold like insurance to consumers. Can the AOL become a widespread alternative and disrupt the industry? The jury is still out, and may it take a long time to deliver that verdict.

An attorney opinion letter is just that, a letter of opinion, following (presumably and hopefully) a thorough review of land records and public records searches, to determine ownership challenges, liens and so forth. Like any legal opinion, it must and does have limitations. In addition unlike a title insurance policy, a form of property and casualty product, which is issued, priced and governed (including a managed claims process) by government regulation, an AOL is a subjective formal opinion that if wrong provides little alternative but to initiate a lawsuit for damages. In addition, the opinion must be backed by an errors and omissions policy which itself will have limitations of coverage and damage limits per occurrence and per insured. Rather than create a simpler method of maintaining title risk it seems to create more layers of complexity which, when it fails can cause lender and consumer heartache and headache.

When it comes to the closing protection letter, the exact opposite is true. The current CPL offered by title insurers and paid for by consumers is not an insurance policy. Like the AOL it is merely an opinion letter in the form of a watered down warranty, and yet consumers pay upwards of $75 for it each time there is a closing. An alternative to the CPL would be welcomed as a true insurance product, separate and distinct from the title insurance policy. Secure Insight has been advocating for years for a better CPL alternative and the opening created by the AOL may just be the opportunity to establish a replacement for the CPL that will not just look like insurance but provide actual insurance protection to lenders, investors, warehouse banks and consumers.

The title industry is changing. With RON, blockchain, and now title insurance alternatives, the landscape is being remolded. Whether the AOL is a real honest to goodness improvement remains to be seen, however the market will supply the answer soon enough. Until then it is wise to become educated and informed as to the differences.

FBI Reports Increase In Cyber Fraud, Mortgage Lenders Prime Targets

Recently, the Federal Bureau of Investigation (FBI) released its annual Internet Crime Report.

(Read it here:

The annual report which catalogues data on various cyber crimes estimates that in 2021 overall losses were nearly $7 billion dollars, noting that “America experienced an unprecedented increase in cyber attacks and malicious cyber activity.”

On March 21st, the Biden Administration issued a further warning to all consumers and business owners to expect the possibility of even further cyber attacks originating from Russia and Eastern Europe. (Read the White House Statement here:

Mortgage lenders have far too often been prime victims of cyber fraud due to the relative ease which many criminals have had in impersonating parties to a mortgage transaction and intercepting proceeds and payoffs in the closing process. While many participants in the mortgage lending process have heard about cyber fraud and some companies have taken measures to educate, warn and seek to prevent losses, the fact remains that wire fraud in particular has had catastrophic effects on the finances of lenders, borrowers, attorney and title agents.

Recently while attending the Lender’s One Conference in Arizona, our staff had occasion to speak to many lenders, including warehouse banks. From these meetings a misconception arose. Lenders sometimes avoid managing closing table and wire fraud risk because they assume their warehouse bank is managing the risk for them. However warehouse banks are not doing that at all, rather they are protecting their limited risk of loss of funds and in no way are indemnifying or permitting a risk of loss by a lender or consumer to be shifted to them. This misconception leaves many lenders fully exposed to the risks of cyber fraud and closing table fraud generally.

Another interesting development which we learned at the L1 Conference is that insurers are beginning to request that lenders prove they have a robust wire fraud and closing fraud program in place at the time of a renewal of commercial errors and omissions policies. Relying on your warehouse bank is not proof of the required fraud deterrent and prevention measures.

Anyone with more than a decade of experience in the mortgage industry knows that when the market falls, as it has with the increase in interest rates and gradual slide towards a recession, that criminal fraud rises. Lenders experiencing the pain of reduced volume and increased expenses to originate loans need to be fully prepared to weather the storm of the likely explosion in fraud attacks. One bad closing can put an unprepared lender out of business.

As always if you do not have a solution to address wire and closing fraud, or if you are unhappy with your current solution, call us for a demo. With over 100 satisfied lender clients nationwide, and over 17 million closings without one cyber or other closing table loss, our solution is what you need for peace of mind.

I Can Close That Loan In 30 Minutes?

The mortgage industry has been embracing the concept of speed as a marketing feature in the past several years. The idea that a mortgage loan can transition from application to closing in a flash is something that loan officers and business owners have become convinced will make them more attractive to clients. Hey who doesn’t want to apply for a loan while making their morning coffee and get approved before they have finished their bowl of cereal right? Maybe not.

About twenty years ago, the typical mortgage loan took 45-60 days to close. It was a deliberate process, intensive on paper collection and review, and devoid of many current digital tools that make credit analysis and document collection much more efficient today. Over time the process has become more dependent on technology as lenders have worked to reduce time through automation and operational efficiencies. Ten year ago lenders were touting closings in as little as fifteen days. In the past few years the number has dropped to seven days, then 72 hours and now even a 30 minute mortgage is being promoted. Is the need for speed a good idea? Does it enhance operational risk management as well as the bottom line (loans closed faster means more loan overall). Do consumers even care?

There have been many surveys taken of potential borrowers to determine the top things on their wish list. The key issues on the minds of most borrowers are (a) interest rate, (b) fees and costs, and (c) the complexity of the process (i.e. how hard to I have to work?). The speed from application to closing is not at the top of the list.

The danger of course with speed is that it can be terribly inefficient in the long run, because lending is supposed to be a deliberative process. Besides credit worthiness and collateral value, the lending process is governed by rules which are designed to prevent arbitrary and potential harmful practices that violate HMDA, Fair Lending, RESPA, TILA, and CFPB rules protecting consumers from discrimination and negligent underwriting practices. In addition lenders are much more likely to experience fraud losses, loan defects, repurchases and indemnity situations when they rush a process without ensuring that quality control and risk management are a major focus of their business.

In a mortgage market seeing volume drop 60-70% below this same time two years ago, and 40% less than last year, their is justifiable panic in some quarters. Yet the prize belongs to those who keep a cool head, plan for the long term, and do not change their business model to weaken operations, thereby taking their eyes off of the goal of quality loan production.

Rather than rushing to close the next loan, it might be better to evaluate your current operations and determine if layoffs and downsizing has not forced you to abandon sensible lending practices and operational controls critical to your financial survival.

At Secure Insight we were founded and are operated by mortgage industry insiders. We understand the pressures and stresses of operating in a down market. Ask us how we can help ensure your operations will not be impacted by wire fraud and closing fraud, two areas of great concern today. If you have a need for speed, we can promise you instant reports to provide current risk data so that your closings will never be delayed trying to determine whether a wire should be sent to an unknown party.

Let’s be careful out there folks!

Why Mortgage Lenders Should Not DIY Fraud Prevention

By Andrew Liput, Founder & CEO of Secure Insight

Lenders need to prevent mortgage fraud, but this complex issue has the potential to distract from their primary business focus: making loans. Mortgage fraud prevention has many moving parts. Using a dedicated solution like Secure Insight’s mortgage fraud prevention platform helps lenders stay focused on their core business.

What does it look like for lenders to handle fraud prevention themselves? Here are things you’ll need to do: subscribe to various online services, develop an internal process to review and evaluate the data, and train people to understand how this process works and what does—and doesn’t—create a risk. After you’ve got all that in place, you need to do constant monitoring.

The Main Stumbling Blocks in Mortgage Fraud Prevention

While a lot of companies might be able to put in place a process to do an initial check, regulators require ongoing review and monitoring because they recognize that relationships change over time. But ongoing monitoring is difficult because new cases keep on coming, so there’s little time to continue vetting everything properly if you’re trying to focus on running a business.

Another big hindrance is the quality of the data. Lenders get information when loan processors and underwriters enter it into their loan origination system (LOS). But it’s very easy for the data not to match up for simple reasons. If one processor enters “John Doe and Company,” another puts in “John Doe,” and another puts in “JD & Company,” there’s an obvious problem. Lenders need to be able to ensure that all the data they’re dealing with is unified, which means taking the time to verify it all.

How To Make Fraud Prevention Easier

Fraud risk rises when the monitoring system has inefficiencies and mistakes, and there are a lot of analytics that businesses are not trained to do properly. Unless a lender is able to hire 15 former attorneys to build out an internal fraud-prevention system, chances are that doing this in-house is going to be too difficult. The average mortgage lender making 2,500 to 5,000 loans a month does not have the resources, trained staff, or tools to manage fraud prevention efficiently.

If you have your own process in place, remember that regulators expect that you test yourself. It’s not enough for you to say, “We have a process.” Who’s testing your process to make sure you’re getting it right?

One of Secure Insight’s strengths is giving you this assurance. We can check every 10th transaction, or 20% of your closed loan files, so that if an auditor comes in you can say that you test your work against a verified database.

Why Mortgage Lenders May Shirk Fraud Prevention Efforts

The mortgage industry is kind of like the Wild West, as compared to banking, which lenders generally perceive to be buttoned-up and traditional. Mortgage lenders think of bankers as all wearing identical three-piece suits while mortgage lenders are apt to do things their own way.

Many mortgage lending companies are owned and managed by salespeople who became successful and decided to give lending a try. They have a sales mentality, looking for ways to close as many loans as possible as profitably as possible. Many of these folks are skeptical of voluntarily instituting anything that’s going to slow down the process. And they’ll be inclined to do whatever’s necessary themselves instead of hiring someone if they can save money that way.

Some may even proactively decide to take the risk of being audited. They save money until they get audited, at which point they turn to a different process.

Under the Obama Administration, the Consumer Financial Protection Bureau (CFPB) was very aggressive with consent orders and audits and investigations, in part because they were orchestrating their efforts with state regulators. Back then, people had more of an incentive not to take risks because they saw big fines and penalties. Some lenders may think that the Trump administration has taken its foot off the accelerator a little bit. But the CFPB recently announced a huge investigation of Rocket Mortgage, a company of Quicken Loans, for potential violations of the Real Estate Settlement Procedures Act (RESPA).

Mortgage lenders should take that as a sign that they need to be vigilant, even now. And at Secure Insight, we know that in order for you to take on this level of oversight, you need to feel that the solution is easy, inexpensive, meets the regulatory demands, and is not going to muck up your process.

Working with Secure Insight checks all of those boxes.

Quicken Real Estate Affiliate Under CFPB Investigation for Possible RESPA Violations

Just when you thought it was safe to swim in the mortgage industry regulatory waters, and it seemed that the CFPB’s teeth had been ground down by legal challenges and political winds, news emerges that the risk of aggressive oversight remains a concern for many.

In May the Consumer Financial Protection Bureau (CFPB) issued an investigative demand letter to Rocket Homes, the real estate brokerage affiliate of Quicken Loans (of “Rocket Mortgage” fame).  Industry news outlets are reporting the focus of this investigation will be on potential RESPA violations seemingly connected to the cozy relationship between the realtor side and the mortgage lending side of the Quicken business model.

While there is no reason to believe that Quicken and its affiliates violated any laws or regulations, the fact that they have fallen under scrutiny shows that the CFPB is not averse to scrutinizing affiliate relationships nor are they concerned about taking on large lenders with high profiles.  Recall that Quicken recently took steps to launch an IPO and become a publicly traded company.  Whether that placed the company in the cross hairs of the regulatory giant or  not is not known, however the CFPB has been historically shown to pay close attention to very large lenders and the business operations that made them a national success.

The key takeaway to this news is that the CFPB is alive and well and willing to send you an investigative demand letter.  Regulatory and compliance issues especially related to affiliates and vendor management remain important and deserve your continued focus, no matter the size and footprint of your lending business. In addition, if you are allowing an affiliate to act as a vendor, you have an even greater obligation to establish an independent oversight and vendor management process to assure regulators that these relationships are as secure and proper from a consumer viewpoint as your relationship with non-affiliates.

For more information check out The American Banker and Housing Wire for full coverage.

Supreme Court Ruling on CFPB Constitutionally is no Reprieve for Lenders

Today the United States Supreme Court, in a 5-4 decision, declared that the structure of the directorship of the Consumer Financial Protection Bureau (CFPB) is unconstitutional.  The decision addressed the “only for cause” removal provision created by Congress which had effectively made its single-directorship above checks and balances because it prevented the Executive Branch, namely the President, the ability to remove the CFPB director at will.

The majority decided that there was an unconstitutional violation of separation of powers in a structure that concentrated enormous power in a single person who could not be removed except in extreme circumstances.  Although the issue has been brewing for years, having been raised early on during civil litigation proceedings by lenders who were subject to significant fines and penalties following a  CFPB audit or investigation, the matter became more significant when Presidential Donald Trump attempted to replace the agency head with his own pick, Nick Mulvaney, without alleging the “for cause” basis but as a matter of right.

Lenders seeing today’s headline might be rejoicing in a false interpretation of the ruling should they believe this means the death of the agency itself.  It does not. The Supreme Court separated the issue of the directorship removal clause from the balance of the provisions creating the agency, leaving it fully functional and intact.

Accordingly no lender should expect that any ruling or directive previously issued by the CFPB governing their operations will now suddenly become moot.  Compliance officers can rest easy, as they are still a valuable asset to lenders in interpreting and managing CFPB regulatory and compliance expectations and rules governing mortgage and banking operations.