REQUIRED READING: In April 2012, the Consumer Financial Protection Bureau (CFPB) issued Bulletin 2012-03, which said in regard to violations of consumer financial protection law, ‘legal responsibility may lie with the supervised bank or nonbank as well as the supervised service provider.’ This could mean that lenders will be held accountable for the actions or omissions of title agents, underwriters, appraisers or anyone performing services on their behalf during the course of a mortgage transaction. The potential liability, of course, is enormous.
Already, many lenders are either consolidating their service partnerships within the industry and/or bulking up their internal procedures. But while it is easy to say that lenders should consider strengthening their vetting and auditing procedures, this could be done in a variety of ways.Â
For lenders choosing to entrust the vetting and oversight process of service providers to a single third party or a small number of third parties, the selection of that third party will require its own rigorous examination. When choosing a partner, lenders should ask a number of questions.Â
Among the points that need to be raised are the following: What is the service provider's track record? Does it have a history of legal and compliance violations or consumer complaints? How formal and thorough is the partner's own process for vetting and auditing? Is that partner's process transparent?Â
On-site visits, interviews, referrals and extensive auditing should be pursued. After all, the lender that chooses a single or small number of service partners to manage its service relationships is, in essence, entrusting a huge portion of its liability to an outside business.
How's that again?
CFPB Bulletin 2012-03 purported to spell out the bureau's expectations. Unfortunately, the language was fairly broad.
For example, the CFPB definition of ‘service provider’ covers ‘any person that provides a material service to a covered person in connection with the offering or provision by such covered person of a consumer financial product or service.’ Without further definition, this could conceivably cover almost every third party in a mortgage transaction acting on behalf of the lender. Unfortunately, lenders will need to prepare accordingly – and on a wide scale.
The bulletin goes on to explain the criteria that the bureau will use in determining whether a lender will be held accountable for the actions of a service provider. Again, the standards are fairly wide-ranging.Â
The first is based upon due diligence. Namely, a lender must prove that it has done enough to ensure that its service provider understands and is capable of complying with consumer financial protection law. Â Â Â Â Â Â Â Â Â
Second, the bulletin suggests that a lender should provide proof that it has conducted a review of the service provider's policies, procedures, internal controls and training materials. The lender should have further proof that it has looked into that provider's training and oversight programs.Â
Third, the bulletin mandates that a lender express clear expectations in its contract with the service provider regarding compliance, including clear, enforceable consequences should the service provider run afoul of consumer financial law. The bulletin further requires that lenders demonstrate they have established ongoing controls for monitoring, as well as oversight of the service provider.Â
Finally, if a lender has become aware of a misstep by a service provider, it should be ready to demonstrate that it has taken prompt action – up to and including termination of the relationship – to address the problem.
This entails what?
Some of the bulletin's mandates are fairly self-explanatory. However, many of them are somewhat vague. With no case law or real-life examples to suggest where (if anywhere) the bright lines will fall, there are several things lenders can do now to steer the safest course in the way of selecting, managing and controlling the actions of their service partners.
First and foremost, any lender that does not document all elements of the service relationship is taking a serious gamble. In many cases, technology is available to alleviate some of that burden. But it is clear that the CFPB will be putting the onus on the lender to prove it has established clear procedures to vet and manage its service partners. Documentation will be of the utmost importance in that regard.
Second, the vetting process – both for lenders choosing a third party to manage other providers and for that third party in selecting and overseeing other partners – will need to be thorough. A fair example of the way this already works in the market is the process used by leading title underwriters to select and review their service partners.Â
To be approved by a national underwriter, an independent title agent and closing company will generally need to provide detailed referrals, extensive financials and background checks. Those agents must further provide escrow reconciliation statements, proof of licensing, articles of incorporation and by-laws (or articles of organization for limited liability companies). In many cases, on-site interviews with multiple managers, including walk-throughs, are the norm.
The selection process, of course, is just the beginning. How a lender audits and manages its service providers – and how its third-party providers oversee additional partners – will likely be part of the process as well. It seems clear that the areas of consumer contact will be of the most concern to the CFPB, so audit procedures and controls should clearly demonstrate that coverage.Â Â Â Â
How is the complaint process handled? Are there many complaints, and are there trends within the complaints? Live and on-site audits, including a review of the provider at work, as well as financial statements, could be strong means to demonstrate the lender's commitment to overseeing the process.
Finally, a review of a significant sample of files and key documents will probably be necessary to ensure a service provider is living up to the CFPB standards.
The CFPB's bulletin will probably ensure dramatic change in the way a lender manages its service providers. Using centralized providers with strong methodologies in place will probably be the strongest plan of attack, even for lenders with already robust vetting and management procedures.
However a lender chooses to go about compliance, one thing is clear: Simply doing nothing will not be an option.
Ravi Bapodra is vice president and managing director of TitleNet, a Santa Barbara, Calif.-based division of WFG National Title Insurance Co. He can be reached at firstname.lastname@example.org.
(Photo courtesy New England Underground Film Festival)