It did not take long after the Silicon Valley Bank failure for politicians in Washington to rush to the next available microphone and lament the “loosening of bank regulations”. Instinctively the finger pointing began, and in many quarters ended up in the direction of the prior administration’s policy to generally roll back stringent business regulations and allow free market decisions to govern various industries. Chief among the complainants (no pun intended) was Sen Elizabeth Warren, who emerged out of the 2008 crisis as an architect and advocate for the Wall Street Reform Act and the creation of the vaunted Consumer Financial Protection Bureau ( CFPB), which she briefly directed. Just yesterday in DC’s The Hill publication, Sen Warren was reported as blaming the the collapse of Silicon Valley Bank on Republicans in Congress, which in 2018 helped pass a law to ease bank regulations put in place following the 2008 financial crisis. “No one should be mistaken about what unfolded over the past few days in the U.S. banking system: These recent bank failures are the direct result of leaders in Washington weakening the financial rules,” Warren is quoted as saying. According to The Hill piece, Warren, who voted against the 2018 bank deregulation bill, said that the crises would have been avoided if the banks were required to hold more liquid assets because the bill exempted banks with less than $250 billion in assets from rigorous Fed stress tests. Warren and other Democrats say the old rules could have caught the issues at SVB sooner. Given that politicians generally “never let a crisis go to waste,” many now suspect that the banking industry is about to be slammed with heightened regulatory scrutiny, tighter operational rules, more audits and exams, and larger and very public fines, penalties and consent orders. What does this mean for independent mortgage bankers (IMBs)? It means that they have to get back to the compliance mindset they were frightened into adopting between 2008 and 2018, and before the bottoming out of interest rates led everyone to believe that easy money was here to stay and that self-regulation meant hiring more loan officers. Keep those risk management officers and compliance directors close by folks, we are all in for a bumpy ride on the regulatory

A recent article in Bloomberg Business Week chronicled the SIX YEAR plight of a reporter who was a victim of identity theft.  The cost mentally, physically, financially and to his reputation was severe and life changing.  Consumers are paralyzed without good credit, and the theft of identity can  launch a nightmare scenario involving significant personal losses and restricted access to much needed credit.

Mortgage lenders are obligated through compliance rules as well as state laws to protect consumer non-public information typically collected in the course of the mortgage application, loan approval and closing process so that it does not fall into the wrong hands.  Few truly understand the magnitude of diligence and supervision that is required to effectively protect this sensitive data.  Banks routinely collect nearly all personal and financial data that defines a consumer’s identity and existence while evaluating a mortgage loan application.  This data is handled by many people internally and externally in the course of normal business operations.

To the extent that a lender can manage and control its staff they can effectively, with rules and proper management, prevent losses.  However when lenders deliver some or all of the consumer data to vendors outside their sphere of influence and control the risk rises to a high alert levels.  Does the vendor itself have internal controls?  Are their employees who have access to the data screened and monitored?  How is data stored and protected from intrusion and theft? Does the vendor have sufficient insurance coverage (errors and omissions, crimes and cyber) to offset any potential losses?  These are only some of the critical questions that must be addressed when considering the responsibility a lender has when sharing consumer data.

One of the most serious gaps in managing the risk of consumer data privacy and protection takes place at the closing table. In most instances lenders are sending their money as well as consumer non-public financial and personal information into the hands of people with whom they have a very temporary and superficial relationship. A lender’s ability to assess risk from these transaction partners is too often hampered by the volume of business, lack of trained staff, conflicts where the partners may also be referral sources, and insufficient time to be thorough and analytical in evaluating the level of appropriate risk.

Outsourcing vendor management can be an effective solution provided the vendor assessment company has the tools, technology, process and credibility to assess risk, report on risk and flag issues without causing delays to the loan process or the closing.

Seeking and purchasing insurance is helpful however it is not a deterrent or preventative solution, only a concession that in the event a loss occurs there is a policy limit to offload the financial harm.  By then consumers are outraged, reputations are damaged, and, like the Bloomberg article author it may be years to set things straight.

To learn more about what Secure Insight offers to help manage closing table risk, please visit our website at www.secureinsightsales.com.