The formation of the Consumer Financial Protection Bureau and the subsequent melding of responsibility for stronger consumer protections have added a greater dimension of regulatory accountability for supervised banks, nonbanks and the third-party service providers they utilize. It means keeping an eye on a few things.
Outsourcing of various functions has been around in the mortgage banking and servicing industries for many years. Operations that create and maintain symbiotic relationships with outsource providers reduce and manage costs more efficiently, allowing for greater concentration on other key functional revenue generating areas within their organization.
Though vetting outsource providers to varying degrees has always been a part of the sourcing protocol, a recent bulletin by the CFPB has added a sense of urgency and importance to both the due diligence process and maintenance of providers.
Both supervised banks and nonbank entities are now expected to routinely review the risk controls and employee training practices of outsourcers, as well as establish clear governance regarding compliance concerns.
Consumers are not able to have a voice in the outsource providers engaged; consequently, the CFPB wants to assure they are not unduly harmed by those outsourcers.
However, for providers of essential services to the mortgage banking and servicing arena, it has now become standard operating procedure to supply risk assessments and maintain appropriate controls to avoid breaches.
An outsourcer should be aware of and compliant with all federal consumer protection laws that now fall under the jurisdiction of the CFPB.
Both banks and nonbanks will routinely request reviews of policies and procedures, internal controls and training materials. Ongoing monitoring is to be expected and will be accompanied with consequences for failure to comply. These are all items that supervised banks and nonbanks are subject to in audits by the CFPB and are obligated to provide upon request.
In the past, failure to perform to service agreement standards would have ended badly with the termination of the contract between the parties. Now, with the CFPB in the picture, there is the possibility of the bureau’s direct intervention and investigation if there is a possibility of “unfair, deceptive or abusive acts or practices” towards consumers allegedly perpetrated by the provider.
Though most outsourcers have been able to provide these requirements in some form or fashion, it is now prudent to have this information as part of the initial due diligence materials when cultivating any new relationship.
As an outsourcer, anticipating and understanding the best ways to meet the regulatory and compliance needs of supervised banks and nonbanks has taken on a new importance, as we all cooperatively meet new challenges and those yet to come.
Diane Gozza is EVP, business development, Integrated Mortgage Solutions, Houston.