It did not take long after the Silicon Valley Bank failure for politicians in Washington to rush to the next available microphone and lament the “loosening of bank regulations”. Instinctively the finger pointing began, and in many quarters ended up in the direction of the prior administration’s policy to generally roll back stringent business regulations and allow free market decisions to govern various industries. Chief among the complainants (no pun intended) was Sen Elizabeth Warren, who emerged out of the 2008 crisis as an architect and advocate for the Wall Street Reform Act and the creation of the vaunted Consumer Financial Protection Bureau ( CFPB), which she briefly directed. Just yesterday in DC’s The Hill publication, Sen Warren was reported as blaming the the collapse of Silicon Valley Bank on Republicans in Congress, which in 2018 helped pass a law to ease bank regulations put in place following the 2008 financial crisis. “No one should be mistaken about what unfolded over the past few days in the U.S. banking system: These recent bank failures are the direct result of leaders in Washington weakening the financial rules,” Warren is quoted as saying. According to The Hill piece, Warren, who voted against the 2018 bank deregulation bill, said that the crises would have been avoided if the banks were required to hold more liquid assets because the bill exempted banks with less than $250 billion in assets from rigorous Fed stress tests. Warren and other Democrats say the old rules could have caught the issues at SVB sooner. Given that politicians generally “never let a crisis go to waste,” many now suspect that the banking industry is about to be slammed with heightened regulatory scrutiny, tighter operational rules, more audits and exams, and larger and very public fines, penalties and consent orders. What does this mean for independent mortgage bankers (IMBs)? It means that they have to get back to the compliance mindset they were frightened into adopting between 2008 and 2018, and before the bottoming out of interest rates led everyone to believe that easy money was here to stay and that self-regulation meant hiring more loan officers. Keep those risk management officers and compliance directors close by folks, we are all in for a bumpy ride on the regulatory

When the CFPB issued Bulletin 2102-3, forever changing the way that banks and lenders nationwide look at third party relationships, they offered only a bare outline of detail regarding what that risk management should include.  The general directive included: risk evaluation, ongoing monitoring, and verification of internal controls. Since then lenders have tended to interpret these requirements in ways that reflect their own risk appetite and compliance culture.  Some seek to merely “check the box,” while others are intent on crossing every “t” and dotting every “i.”

Clearly not all vendors are alike, and while there has not been any written guidance on the matter, comments from the CFPB seem to imply that a company should address the risk of a third party vendor in relation to the level of potential harm they might cause to a consumer.  Therefore it is logical to assume that there is a qualitative measurement of risk that a lender can perform and thereby place third parties in different risk buckets, applying different risk management standards to each bucket in relation to the risk level associated with the activity.  For example a vendor who has no access to a lender’s consumer data and records should obviously be evaluated differently than one who did.

The highest risks are generally third parties who have access to consumer data as well as those who interact directly with consumers in the loan process.  This group should include IT consultants, appraisers, mortgage brokers, and settlement agents, among others.  The lowest risks should include very large, well-capitalized and highly managed entities such as investors, national title underwriters, and large accounting firms.   Space does not permit me to expound further and discuss all the different risk levels and groups however it is worth noting that our research makes it clear to us that settlement agents are the highest risk third party vendor a lender will encounter.  The reasons for this are logical and easy to enumerate.

Settlement professionals, including attorneys, escrow agents, title closers, notaries and others who handle funds disbursement and documents at a closing, have access to more sensitive data and documents than anyone else, while also having access to the mortgage proceeds. This places them in perhaps the most critical, and therefor the highest risk area in the loan process.  The fact that most lenders have fraud technology which helps them identify bad actors and other risk factors at the front end of the manufacturing process (origination, processing and underwriting) and rarely any type of tool at the back end (closing and post-closing) makes the vetting and monitoring of settlement agents perhaps the highest priority for any lender today.

Need more proof?  An independent study conducted by FinCEN, the Financial Crimes Enforcement Network, which is the official repository for industry SARS filings, found that over the past five years escrow and settlement services are the largest and fastest growing areas of mortgage fraud.  Given the fact that the industry has embraced complex and effective front end fraud deterrence and prevention tools for years but is only now beginning to embrace closing and settlement fraud programs, the report is not surprising.  However the good news remains the continued progression towards widespread settlement agent vetting, monitoring and reporting that is currently transforming the settlement industry.  It is weeding out bad actors, encouraging best practices, and providing lenders with critical data to help them make better choices for closing services. Everyone wins in the end: lenders, agents and consumers.