It did not take long after the Silicon Valley Bank failure for politicians in Washington to rush to the next available microphone and lament the “loosening of bank regulations”. Instinctively the finger pointing began, and in many quarters ended up in the direction of the prior administration’s policy to generally roll back stringent business regulations and allow free market decisions to govern various industries. Chief among the complainants (no pun intended) was Sen Elizabeth Warren, who emerged out of the 2008 crisis as an architect and advocate for the Wall Street Reform Act and the creation of the vaunted Consumer Financial Protection Bureau ( CFPB), which she briefly directed. Just yesterday in DC’s The Hill publication, Sen Warren was reported as blaming the the collapse of Silicon Valley Bank on Republicans in Congress, which in 2018 helped pass a law to ease bank regulations put in place following the 2008 financial crisis. “No one should be mistaken about what unfolded over the past few days in the U.S. banking system: These recent bank failures are the direct result of leaders in Washington weakening the financial rules,” Warren is quoted as saying. According to The Hill piece, Warren, who voted against the 2018 bank deregulation bill, said that the crises would have been avoided if the banks were required to hold more liquid assets because the bill exempted banks with less than $250 billion in assets from rigorous Fed stress tests. Warren and other Democrats say the old rules could have caught the issues at SVB sooner. Given that politicians generally “never let a crisis go to waste,” many now suspect that the banking industry is about to be slammed with heightened regulatory scrutiny, tighter operational rules, more audits and exams, and larger and very public fines, penalties and consent orders. What does this mean for independent mortgage bankers (IMBs)? It means that they have to get back to the compliance mindset they were frightened into adopting between 2008 and 2018, and before the bottoming out of interest rates led everyone to believe that easy money was here to stay and that self-regulation meant hiring more loan officers. Keep those risk management officers and compliance directors close by folks, we are all in for a bumpy ride on the regulatory

Increasing regulatory pressures on banks and lenders to adopt greater risk management systems and processes are aimed at establishing a more uniform approach to quality control industry-wide.  At the same time these pressures seek to protect consumers from the type of non-managed business decisions that were at the root of the financial industry collapse several years ago. Consequently federal regulators and the GSEs are requiring mortgage makers to demonstrate that they have adequate policies addressing full enterprise risk management, stem to stern, and that these policies are more than just window dressing.  Audits are requiring that proof be provided that such policies are being used, adapted and modified as needed in response to threats and actual loss events.

At SSI we call this broad-based approach to total risk management the Mortgage Risk Operations Model, or MROM.  An MROM implies that banks and lenders have conducted an internal audit and analysis of all of their procedures and operating systems throughout the mortgage manufacturing cycle.  Lenders have then identified key touch points where regulatory, compliance, quality control and risk management issues arise. Once these touch points are establish, then appropriate controls were developed for each issue, backed by guidelines, overlays, training, technology, ongoing monitoring and management oversight.  Testing, revisions and enhancements are conducted regularly in response to perceived and actual threats.  An MROM committee or team meets weekly or monthly (depending upon an organizations size) to review issues and ensure the MROM is operating properly. Records and reports are maintained in the event of an audit to demonstrate commitment to managing enterprise risk.

The key touch points in developing an MROM will likely involve the following stages of the mortgage cycle: loan origination, processing, underwriting, pre-funding QC, closing, post-closing, 3^rd party post funding QC, and ongoing QC/QA training. At these stages the evaluation may address such things as employment screening, best practices, employee performance valuations, quality control plans, automated fraud tools, third party service provider risk and company-wide training. It will also necessarily require ensuring a culture of accountability, self-evaluation, risk reporting, and adequate response.

At SSI of course  is on third part service provider risk management.  We partner with banks, lenders and credit unions to provide an outsourced solution to evaluating risk, monitoring it on an ongoing basis, and issuing reports.  Our services typically assist these entities in their MROM at the processing, underwriting, and closing stages of the manufacturing cycle.  Quality service provider risk management at these touch points ensures that in the event of an audit a bank may demonstrate that their approach is Independent, comprehensive, includes ongoing monitoring, provides a method to respond to high risk individuals and events, and engages the proper technology to assure data security, data privacy and uniform regular reporting.

Adopting an MROM fulfills the expectations of regulators that mortgage makers have an appropriate strategy to manage risk and changes in a volatile business environment, integrating a uniform but flexible approach to maximizing business success through quality production.  Such an approach also fulfills expectations that internal company cultures will embrace accountability and consumer protection.

What’s in your MROM?  Within the next calendar year you and our staff will need to have an appropriate answer to this question.