Articles Posted in OCC: THIRD PARTY VENDOR MANAGEMENT BULLETIN

The Consumer Financial Protection Bureau “CFPB” announced another Consent Order with NewDay Financial, LLC on February 10, 2015 where they agreed to settle allegations that NewDay engaged in deceptive acts or practices by failing to disclose payments to a veteran’s organization that endorsed NewDay for reasons other than for NewDay’s consumer service. The CFPB also said NewDay made payments to third parties in connection with the marketing of home loans that constituted illegal payments for referrals of mortgage origination business under section 1053 and 1055 of the Consumer Financial Protection Act of 2010 (CFPA).

This CFPB Consent Order opens up new compliance territory with respect to consumer disclosure involving agreements between settlement service providers because it expands UDAAP into RESPA for the first time. However, this consent order is not the model of clarity that we were hoping for because it raises a number of new compliance issues outside of this particular arrangement.

The CFPB alleged that NewDay contracted with a third party marketing and lead generation company (i.e. “broker company”) whose business services included licensing the use of a Veterans’ Organization mailing list, logo, and other proprietary marks and managed the relationship between NewDay and the Veteran’s Organization. The members of the Veterans’ Organization learned about NewDay because of its contractual relationship with the marketing and lead generation company and Veterans’ Organization. NewDay purchased the Veterans’ Organization mailing list via the broker company and sent advertisements to the members of the Veterans’ Organization who in turn contacted NewDay for mortgage products.

NewDay according to the Consent Order is a mortgage lender who is in the business of originating refinance home loans through a program where the VA guarantees a portion of home loans taken out by service members, veterans, and eligible surviving spouses. NewDay also originated government insured reverse mortgage products to seniors.

The CFPB said NewDay advertised its mortgage products to consumers primarily through direct mail campaigns. NewDay sent over 50 million solicitations by postal and electronic mail to consumers offering reverse and forward mortgages. These advertising communications were typically sent to a pre-screened list of consumers, generally veterans and older Americans, selected due to various characteristics that NewDay believed made them more likely to be potential customers for NewDay’s offerings. Consumer members who were interested in learning more were invited by these mailings to call NewDay’s call center, during which calls NewDay’s Account Executives would answer questions, provide information, and take applications.

NewDay’s relationship with the Veterans’ Organization was arranged and coordinated by marketing and lead generation company, which contracted directly with NewDay on behalf of Veterans’ Organization and which paid Veterans’ Organization a portion of the fees it received from NewDay. Pursuant to agreements and understandings between and among NewDay, Veterans’ Organization, and the marketing and lead generation company, NewDay was designated as the exclusive lender of Veterans’ Organization, and NewDay drafted and sent advertising communications by postal and electronic mail to Veterans’ Organization members, with Veterans’ Organization’s approval, that were identified as being from Veterans’ Organization. These advertising communications promoted the relationship between NewDay and Veterans’ Organization, and encouraged and recommended the use of NewDay’s mortgage products to Veterans’ Organization members.

The fees paid pursuant to agreements and understandings between and among NewDay, Veterans’ Organization, and the marketing and lead generation company included:
(1) NewDay paid marketing and lead generation company a monthly “licensing fee” of $15,000;
(2) For each referred consumer member who contacted NewDay to inquire about a reverse mortgage and who completed mandatory counseling, NewDay paid Veterans’ Organization $75 as a “lead generation fee” and NewDay paid the marketing and lead generation company $100 as a “lead generation fee.”
(3) For each referred consumer member who contacted NewDay to inquire about a 100% loan-to-value (LTV) mortgage refinancing and had his/her credit report pulled, NewDay paid Veterans’ Organization $15 as a “lead generation fee” and NewDay paid the marketing and lead generation company $20 as a “lead generation fee.”

The CFPB stated that at no point were the Veterans’ Organization members made aware of the payments by NewDay to Veterans’ Organization and the marketing and lead generation company nor has this information been available publically.

Section 1036(a)(1)(B) of the CFPA prohibits “unfair, deceptive, or abusive” acts or practices. 12 U.S.C. § 5536(a)(1)(B). A practice is “deceptive” when there is a representation or omission of information that is likely to mislead consumers acting reasonably under the circumstances, and that information is material to consumers.

“NewDay mailed advertising communications to Veterans’ Organization members, with Veterans’ Organization’s approval and that were identified as being from Veterans’ Organization, endorsing NewDay’s products. These advertising communications articulated reasons why Veterans’ Organization selected NewDay as its lender-of-choice. NewDay also made similar statements to Veterans’ Organization members during phone conversations. The affirmative reasons offered to members created the impression that there were no other connections between NewDay and Veteran’s Organization, when, in fact, NewDay was making regular undisclosed payments, both directly and indirectly, for these endorsements.”

The paid endorsements included language such as:

1. “Veterans’ Organization chose NewDay to be our exclusive Reverse Mortgage provider after spending significant time with the company’s management team and watching its loan professionals in action.”

2. “NewDay USA is [Veterans’ Organization’s] exclusive provider of home loan programs based on their high standards for service and the excellent value of their programs. If you need money, we recommend you give them a call at 1-800-995-4193. Even easier, click here and find out more!”

3. “NewDay is the EXCLUSIVE lender for [Veterans’ Organization]. We earned this because of our focus on helping veteran’s [sic] payoff their debt, lower their interest rates and payments, or get additional cash out as well.”

The CFPB consent order state the failure to disclose material connections between NewDay and Veterans’ Organization while making affirmative statements concerning a substantive basis for the endorsements likely would have been material to consumers evaluating the weight or credibility of Veterans’ Organization’s endorsement and whether to obtain a mortgage loan from NewDay, and likely would have been misleading to reasonable consumers. Thus, these communications constitute deceptive acts or practices in violation of sections 1031(a) and 1036(a)(1)(B) of the CFPA, 12 U.S.C. §§ 5531(a), 5536(a)(1)(B).

The Bureau alleged that the paid endorsements or recommendations violated the Real Estate Settlement Procedures Act “RESPA”, 12 USC. 2607(a) which provides that no person shall give and no person shall accept any fee, kickback, or thing of value pursuant to any agreements and understandings, oral or otherwise, that business incident to or a part of a real estate settlement service involving a federally related mortgage loan shall be referred to any person.
The CFPB said there was an agreement and understanding between and among NewDay, Veterans’ Organization, and the marketing and lead generation company, NewDay mailed advertising communications to individual members of Veterans’ Organization, with Veterans’ Organization’s approval, that were identified as being from Veterans’ Organization which was in violation of RESPA. These communications typically were sent to pre-screened members of Veterans’ Organization and referred recipients to NewDay by encouraging and recommending that members use NewDay for mortgage lending services.

The consent order say the agreements and understandings between and among NewDay, Veterans’ Organization, and the marketing and lead generation company, consumer members who called Veterans’ Organization’s call center for information on mortgage products were referred to NewDay. The CFPB also pointed out that the marketing and lead generation company (i.e. the “Broker Company”) maintained a website for Veterans’ Organization members (the marketing and lead generation website) which were linked to from the Veterans’ Organization website and that was identified as being part of the Veterans’ Organization website. Consumer Members who visited the marketing and lead generation website were referred to NewDay by text “recommend[ing]” NewDay as a source for home loans, along with hyperlinks to NewDay’s website and the phone number for the Veterans’ Organization’s call center.

The Consumer Financial Protection Bureau stated they found more than 3,900 payments to the Veterans’ Organization and the marketing and lead generation company (in the form of both monthly payments and “lead generation fees”) for these referral activities. The referral mechanism set up resulted in close to 400 loans being originated.

The CFPB’s consent order prohibits NewDay from engaging any payment schemes where part of the compensation is for an endorsement. The CFPB also ordered NewDay to cease entering into any business relationship that would involve third party endorsements which might be inconsistent with the Federal Trade Commission’s guidance on endorsements which can be found in 16 C.F.R. part 255. NewDay is also prohibited from violating any aspect of Section 8 of RESPA and must submit a Compliance Plan to the CFPB.

NewDay was fined $2,000,000.00 for participating in this arrangement.
Continue reading

The TILA-RESPA Integrated Disclosure Rule’s implementation date is beginning to cause heightened concern and worry for those involved in the residential lending industry. One reason is the emerging news that a number of the 3rd party vendors engaged to write the loan originator system “LOS” software may not be able to do so until April, May, June, or even worse that some of the LOS systems that are rolled out may not be in compliance when the residential lender implements the LOS into their system. One reason for the delay by these vendors is that they were busy designing and creating other software to address the Qualified Mortgage “QM” rule that went into effect on Jan. 1, 2014 and only now are the turning to the TILA-RESPA integration.

Kate Larson, Regulatory Counsel, with the Consumer Bankers Association wrote an article for InformationWeek on the “2015 Banking Regulatory Outlook” on Jan. 7, 2015 in which she stated “Despite their diligent efforts, many of our members are concerned their systems will not be ready by the August 2015 deadline because of the limited number of vendors in the market.”

The downstream impact of a delayed LOS system integration is causing many banks and mortgage bankers to have to reassess their risks associated with their third party vendor management compliance obligations with respect to the TILA-RESPA Rule. Many banks and mortgage bankers to whom we have spoken will only be utilizing one title vendor because they are concerned about the integration timeline and do not want to be left shut down in whole or in part on or after August 1st, 2015 as a result of spreading their compliance across to many vendors.

There are simply to many lenders, banks, credit unions, mortgage brokers, and others who are relying on the limited number of mortgage software companies to integrate the new TILA-RESPA LOS system. Several of the TILA-RESPA disclosure task force groups we serve on are sensing real concern by the various trade associations.

On the title side of the business, many of the title software companies have finished or are finalizing their software systems to address the compliance of their title vendors. However, finalization of these systems depend on the mortgage LOS systems integration, testing that integration, and educating the employees of both the lenders and title vendors.

The CFPB has been adamant that they will not delay the implementation date of this rule and even if by some miracle the CFPB suspends enforcement for 6 months (similar to what HUD did with the 2010 RESPA Reform Rule) this will not provide sufficient safeguards because the secondary market may not purchase loans that are not in compliance with new TILA-RESPA Rule. In sum, if something is out of compliance then the lenders face claims by investors that they have violated the reps. and warrants under their repurchase agreements, thus leaving them exposed to future mortgage buy-back claims.

We are hearing that a few of the biggest banks will be completely ready by the end of Feb. 2015 as they went in-house and designed their LOS systems due to concerns about meeting the implementation rule deadline. However, let’s hope the 3rd party LOS software companies can get their systems in place, integrated & tested with their title vendor(s), and all the staff trained well in advance of August 1st, 2015.
Continue reading

The Consumer Financial Protection Bureau “CFPB” and Federal Trade Commission “FTC” filed suit against the Sprint Corporation in the United States District Court Southern District of New York on December 17, 2014 alleging that Sprint illegally charged its wireless customers millions of dollars in unauthorized third-party text message fees from 2004 to December of 2013. The lawsuit Consumer Financial Protection Bureau v. Sprint Corporation can be viewed here.

Third party vendor management oversight and the Unfair Deceptive or Abusive Acts or Practices Act “UDAAP” are critical issues in this lawsuit which merit attention by any and all companies subject to the jurisdiction of the CFPB.

The CFPB/FTC complaint alleges that Sprint “unfairly charged its customers by creating a billing and payment-processing system that gave third parties virtually unfettered access to its customers’ accounts. This access allowed third parties to ‘cram’ unauthorized charges onto wireless bills.”

The lawsuits states that Sprint automatically enrolled its wireless customers in its third party billing system without the consumers knowledge or consent and in many cases the consumers were unaware of the unauthorized charges. “Sprint continued to operate its flawed system despite numerous red flags, such as high refund rates and complaints from customers, law-enforcement agencies, and consumer groups.”

The Bureau and FTC said that Sprint profited from this system because it shifted risks to its customers, who had to pay third-party charges under the company’s Terms and Conditions of Service (“Terms & Conditions”). Sprints customers suffered losses but Sprint retained 40% of the gross revenue it collected for third-party charges which totaled hundreds of millions of dollars.

The CFPB said that because Sprint extends credit to, and processes payments for, consumers in connection with goods and services that Sprint does not directly sell or that consumers do not directly purchase from Sprint that Sprint meets the definition of a “covered person” under the CFPA.

Some of the major takeaways from this lawsuit are the importance of third party vendor management oversight and UDAAP:
1. “Outsourcing compliance and billing functions to billing aggregators without adequate oversight.”
2. Sprint’s consumer complaint resolution process was unresponsive.
3. All consumer charges must be authorized by the consumer.
4. Third parties should not have access to Sprints customers and billing systems without implementing adequate compliance controls.
5. Companies should actively monitor its third parties from engaging in deceptive practices.
6. Companies should actively monitor third party advertisements and marketing techniques involving consumers.
7. Companies should have agreements in place with third parties that contain consumer protection provisions.
8. Companies must have a consumer complaint tracking management system in place.
9. The CFPB once again utilized statistical data (in this case consumer refund rates) when analyzing UDAAP and other violations.
10. Companies should not outsource their compliance or fraud-prevention functions.
Continue reading

Wells Fargo announced that effective August 1, 2015 it will control the generation and delivery of the borrower’s Closing Disclosure form in anticipation of the TILA-RESPA Integrated Disclosure Rule. The new Closing Disclosure is a mix of the existing Truth-in-Lending (TIL) disclosure and the Settlement Statement (HUD-1). Wells Fargo stated in the Wells Fargo Settlement Agent Communications newsletter on September 24, 2014 they will be taking over this process in order to meet internal compliance and governmental regulator compliance expectations on the bank.

Wells Fargo said the reason they will be delivering the Closing Disclosure Form is because they want to maintain evidence the borrower received the disclosure at least three days prior to the closing since this is a critical compliance requirement they must meet. The bank disclosed that having readily accessible data for internal and external compliance audits was another major reason for this decision.

Wells Fargo disclosed that their view under the new rules is “…that the settlement agent continues to be responsible for the Seller’s information and will prepare and deliver the Seller’s Closing Disclosure. A copy must be provided [by the Settlement Agent] to Wells Fargo for our loan file in order to comply with the final rules.”

The Consumer Financial Protection Bureau often provides subtle clues as to where they may be headed on the enforcement front and on November 6, 2013 they addressed the topic on their website about online Lead Generation and consumer safety involving payday loans. The topic “Is applying for a payday loan online safe?

The CFPB stated that anytime a consumer gives out sensitive personal and financial information on the Internet there are risks involved to the consumer. They warned consumers that if a consumer applies online for a payday loan online, the consumer could be increasing their risk significantly. The CFPB stated the reason for this is because many websites that advertise payday loans are not lenders. They are businesses known as “lead generators” which make money primarily by finding customers for lenders.

The Bureau expressed concern that the online application or form that consumers filled out could be sold to a lender who offers to make the consumer a loan. The Bureau also indicated they have concerns as well that multiple lenders or other service providers could pay for this information causing the them to contact or email the consumer.

The United States District Court for the District of Maryland, Northern Division certified a Real Estate Settlement Procedures Act “RESPA” class action lawsuit on Tuesday, Jan. 28, 2014 involving marketing agreements between a “Team” of real estate agents “and Lakeview Title Company, Inc. The Creig Northrop Team, PC (a/k/a The Northrop Team) is a team of independent contractor real estate agents who work for Long & Foster Real Estate, Inc.. The class action lawsuit arises out of an alleged scheme for a team of real estate agents to receive over half million dollars in illegal kickbacks from a title insurance company for referrals over a period of 13 years.

Patrick Baehr, et al., v. The Creig Northrop Team, P.C., et al. (Civil No: 1:2013cv00933). Judge William D. Quarles is the presiding judge in this case.

The allegations specifically state that the defendants “used a ‘sham employment arrangement and a sham marketing agreement’ ‘to generate unearned fees and kickbacks.'” The employment agreement allegation involves Carla Northrop who was a full-time employee of the Northrop Team but secretly received payments from Lakeview Title under an employment agreement, even though Ms. Northrop allegedly did not perform any services or actual work for Lakeview Title nor was she provided an office, telephone number, or email address showing she was working for Lakeview Title. The employment agreement was not disclosed to the plaintiffs in this case. These allegations if proven would likely violate 12 U.S.C. §2607 of RESPA which is the prohibition against kickbacks and unearned fees section.

The Dodd-Frank Update and The Legal Description legal publications at October Research, LLC have teamed up to host a 90-minute federal regulatory outlook webinar for mortgage, title insurance and settlement services professionals. This in-depth training features two top compliance attorneys who will educate participants on significant regulations impacting the industry in 2014. The webinar will be held on Tuesday, December 10, 2013 from 2:00-3:30 PM EST.

Speakers Mitch Kider, of Weiner Brodsky Kider PC, and Marx Sterbcow, of The Sterbcow Law Group, will define significant regulations, what companies should be doing now to prepare and what the regulatory landscape will look like as we move into yet another year of complying with thousands of pages of new and existing regulations. Topics will include:

•CFPB enforcement actions: Who’s at risk and what to expect;

On October 30, 2013, the Office of the Comptroller of the Currency “OCC” issued a bulletin on “Risk Management Guidance” which will have wide ranging implications for all vendors of national banks and federal savings associations. The bulletin provides new guidance for assessing and managing compliance risks associated with third-party relationships. A 3rd party relationship is any business arrangement between a banks and another entity, by contract or otherwise.

3rd party relationships include activities that involve outsourced products and services, use of independent consultants, networking arrangements, merchant payment processing services, services provided by affiliates and subsidiaries, joint ventures, and other business arrangements where the bank has an ongoing relationship or may have responsibility for the associated records. Affiliate relationships are also subject to sections 23A and 23B of the Federal Reserve Act (12 USC 371c and 12 USC 371c-1) as implemented in Regulation W (12 CFR 223). Third-party relationships generally do not include customer relationships.

The OCC stated that it “expects a bank to practice effective risk management regardless of whether the bank performs the activity internally or through a third party. A bank’s use of 3rd parties does not diminish the responsibility of its board of directors and senior management to ensure that the activity is performed in a safe and sound manner and in compliance with applicable laws.”

The OCC released the bulletin in response to the on-going concern that banks were continuing to increase the number and complexity of third party relationships with both foreign and domestic 3rd parties. Specifically they highlighted:
(1) outsourcing entire bank functions to third parties, such as tax, legal, audit, or information technology operations;
(2) outsourcing lines of business or products;
(3) relying on a single third party to perform multiple activities, often to such an extent that the third party becomes an integral component of the bank’s operations;
(4) working with third parties that engage directly with customers;
(5) contracting with third parties that subcontract activities to other foreign and domestic providers;
(6) contracting with third parties whose employees, facilities, and subcontractors may be geographically concentrated; and (7) working with a third party to address deficiencies in bank operations or compliance with laws or regulations.

The OCC is concerned that the quality of risk management over third-party relationships may not be keeping pace with the level of risk and complexity of these relationships. The OCC has identified instances in which bank management has:
(1) failed to properly assess and understand the risks and direct and indirect costs involved in third-party relationships.
(2) failed to perform adequate due diligence and ongoing monitoring of third-party relationships.
(3) entered into contracts without assessing the adequacy of a third party’s risk management practices.
(4) entered into contracts that incentivize a third party to take risks that are detrimental to the bank or its customers, in order to maximize the third party’s revenues.
(5) engaged in informal third-party relationships without contracts in place.

These examples represent trends whose associated risks reinforce the need for banks to maintain effective risk management practices over third-party relationships.
Continue reading

Contact Information