While the share of mortgage files with errors that pose wire and title fraud risks is lower compared with prior quarters, the mortgage industry is still creating the same vulnerabilities, the latest FundingShield Fraud Analytics Report found.
Total issues found during the first quarter were down to 43.7% for the three-month period, the best since
In the fourth quarter, 46.1% of files were found to have at least one issue, while
This data follows the release earlier this month of the
Real estate losses, a separate category in the report, topped $275 million in 2025, up from $174 million one year prior.
What FundingShield found from mortgage file reviews
FundingShield's first quarter review of a portfolio of $106.7 billion of residential, commercial and non-qualified mortgages, as well as securitized collateral, found an average of 2.2 issues per transaction. This is an improvement
By far, the leading category for fraud vulnerabilities was in
These defects were primarily found in borrower data, vesting information, titleholder details and property identifiers.
Wire instruction defects appeared in 6.92% of the files. Transaction participant licensing irregularities totaled 2.37%, driven by credential mismatches, expired licenses, and inconsistent insurance records, FundingShield said.
Trends spotted during fraud file reviews
Ike Suri, CEO of FundingShield, stated in a blog post that the growing differences between lender and title datasets emphasize the necessity for independently verified source-level data. This verified data is critical for confirming identity, authority, and permissions throughout title issuance, payoff processing, wiring, and settlement activities.
FundingShield clients conducted deeper engagement in remediation, workflow refinement and curative processes as part of strengthened collaboration with title companies. This led to a 14% improvement in remediation efficiency plus a measurable reduction in issues per loan by lenders embedding verification earlier in the lifecycle, Suri said.
During the first quarter, federal directives increased pressure on mortgage lenders to strengthen their data accuracy and vendor oversight, which are the core drivers of wire and title fraud.
"The administration's
Causes of fraud issues in non-conforming mortgages
Meanwhile, activity in the non-conforming, non-government, mortgage market remained strong. Those products typically have a fragmented vendor ecosystem, with lenders showing greater variability in the level of operational controls, which FundingShield said leads to them have higher rates of wire, title and documentation in its reviews.
"The combination of heightened supervisory expectations, increased cyberthreat activity, and operational inconsistency across these lending channels reinforced the need for clean, source level data and independently validated information, pressures reflected in Q1's elevated defect and fraud risk metrics," the blog said.
Events affecting the first quarter
Among the material cyber fraud events still affecting the first quarter's activity was the SitusAMC November 2025 data breach. SitusAMC completed its data reviews and customer notifications by March 17.
The Trump Administration's decision to enter
"Iranian groups also continued leveraging ransomware‑style extortion and collaboration with criminal affiliates, increasing risks to financial services, personally identifiable information and wiring‑related data," Suri said.
"These incidents/events mirror the defects FundingShield continues to observe in closing workflows — particularly around wiring instructions, CPL validation, and settlement agent oversight — and reinforce the need for independent, transaction level controls."
