By William M. LeRoy, PHOENIX Consulting, L.L.C. & The PHOENIX Group, L.L.C.

If you pay attention to the phrases used to describe recent or up-coming mortgage conference events you will see headline descriptions like; “There’s light at the end of the tunnel,” etc., repeated over and over again.  When you examine the materials setting forth the subject matter offerings that purport to bring the “Light,”  you will generally see nothing beyond a well-constructed re-hash of old ideas and approaches being offered as something different or “new.”

There is nothing new about old ideas and approaches, beyond the attempts at clever re-wording, re-worked settings and animated re-delivery.  Instead of offering a true roadmap to success, they inspire folks to ask questions like; “How many board member s (i.e. industry leaders), does it take to screw in a light bulb.” What is far worse is the dulling effect these empty promises have upon the open, curious minds that are still seeking real answers to real problems, and the perpetuating of the public policy perception that the majority of the leaders within the mortgage industry “do not get it” or simply “do not care”.

The inexorable fact is that to experience real change, we need a true Paradigm Shift; not just new lipstick on the proverbial pig. A paradigm shift (or revolutionary science) is, according to Thomas Kuhn, a change in the basic assumptions. It is not as we have seen within many segments of the mortgage industry, a series of adjustments (no matter how severe or sweeping) made within the context of existing models.

In its simplest form, there are 3 basic components that comprise the Mortgage Banking Industry. They are; 1) Investment entities / Investors (foreign & domestic), 2) Mortgage Companies (originators and loan servicing, including sub., special and component servicers), and; 3) Third-party vendors.

In this article, I will address one specific aspect of the “thinking” of regulators, financial institutions and third-party vendors. In particular,  the assessment of mortgage banking attorneys within the context of the areas of risk outlined in OCC Bulletin 2011-29 & OCC Bulletin 2001-47. I will then attempt to share some brief thoughts regarding why we need some real structural changes to our historical models and basic assumptions, if we are to ever experience true change (Paradigm Shift) for the better. I will conclude with some thoughts as to how to get there.

Background

It is abundantly clear that OCC intends to ensure that all mortgage servicers under its supervision adhere to “appropriate” foreclosure management standards. In response, most mortgage servicers have taken steps to try and ensure that all actions taken by employees or third party law firms engaged to provide legal services, remain in full compliance with all applicable foreclosure laws, safe and sound foreclosure processing methodologies, and ensure responsible business practices that provide transparency, accountability and the appropriate treatment of borrowers at each stage of the foreclosure process.

With specific regard to Third Party Vendor Management, the OCC sets forth the following areas of risk associated with the selection and management of third-party vendors, including outside law firms assisting in the foreclosure process:

Strategic risk:

Strategic risk can arise when a financial institution’s management fails to perform due diligence reviews or to implement the appropriate risk management infrastructure to oversee the activities of third-party vendors. Strategic risk also arises if a financial institution’s management does not possess adequate expertise and experience to properly oversee the activities of the third party.

Reputational risk:

Reputational risk can arise when the third party’s employees interact directly with a financial institution customer. Also, publicity about adverse events surrounding the third parties will increase the financial institution’s reputation risk.

Compliance risk:

Compliance risk can arise from violations of laws, rules, or regulations, or from nonconformance with internal policies and procedures or ethical standards. Compliance risk increases when privacy of consumer and customer records is not adequately protected, when conflicts of interest between the financial institution and affiliated third parties are not appropriately managed, and when a financial institution or its service providers have not implemented the appropriate information security programs.

Transaction risk:

Transaction risk can arise from problems with service delivered by the third-party. A third party’s inability to deliver services, whether arising from fraud, error, inadequate capacity, or technology failure, can expose a financial institution to transaction risk.

Credit risk:

Credit risk can arise from a third-party obligor’s failure to meet the terms of any contract with the financial institution or otherwise to perform as agreed.  The OCC has stressed the importance of conducting assessments of the financial strength of all third party vendors, both at the outset of the relationship and periodically thereafter, and the importance of having a contingency plan in the event the third party is unable to perform.

In general, the OCC requires that a financial institution’s management policies and procedures effectively address each of the above-referenced areas of risk. They expect that a financial institution’s management will carefully conduct and prudently manage relationships with third-party vendors, including outside law firms assisting in the foreclosure process.  They expect that a financial institution’s management policies and procedures ensure that third-party vendors, including outside law firms assisting in the foreclosure process, have the skills necessary to perform each of their respective assigned functions, that roles and responsibilities are clearly defined and that individual law firm performance is monitored daily, in a real-time environment; weekly and monthly by utilizing regular reports; and annually with audit reviews.

Specifically, and in summary, the OCC expects that financial institutions employ stringent risk management processes that include:

1) Regular and ongoing risk assessments to identify the financial institutions needs and requirements.

2) Proper due diligence to identify and select a third-party provider.

3) Written retainer agreements that outline the duties, obligations, and responsibilities of the parties involved.

4) Ongoing oversight of the third parties and third-party activities.

These express concerns, coupled with the dictums expressed as a result of the Attorneys General Settlement and the corresponding out-flow of new legislative efforts, comprise the foundation of our industry’s new “reality”.

The Mortgage Industry’s Response

On the financial services side, our industry’s response, with few exceptions, has been to audit third party vendors. The audit methodologies employed have been, in some cases, so different from one another that the logic of the contents has baffled the most logical minds. Over the past year, these audits have been frequent and relentless. Some have been accompanied by on-site inspections and some have not. The most recent protagonist to enter the audit fray is the Consumer Finance Protection Bureau or the “cfpb”. (They have their abbreviation un-capitalized). The letter “c” contains what appears to be a flashlight shining on the remaining 3 letters.  (My reason for mentioning this image will become clear shortly.)  The cfpb has been visiting financial institutions lately for periods of up to 2 weeks, with as many as 16 individuals on the premises at one time. If this new development portends anything at all, it is a clear forecast of what is to come.  If some recent discussions concerning Reg AB are any indication of what we can expect going forward, then third party vendors are the next set of targets for the emergent cfpb audits.

One would think that with all these audits; the questions, examinations and inspections taking place that our industry, and in particular, the criterion associated with the selection and management of third party vendors, would have been completely perfected by now, right? The answer (from my vantage point) is emphatically; “Wrong”. In my view, the central driving force behind all the behaviors that have led to the historical issues we have observed in the past year or so; (i.e. robo-signing),  attorneys having non-legal staff members sign their names to affidavits, notaries public saying they did something, when they have not, attorneys massaging files and not being completely honest with their clients, and so forth, has been completely un-appreciated and entirely overlooked by the audits.

The key driver in my view, is the third party vendors “Culture”.

(Make sure to read the next update of the NACTT Academy for the conclusion of this article.)

About William M. LeRoy, PHOENIX Consulting, L.L.C. & The PHOENIX Group, L.L.C.

An accomplished leader & seasoned legal & mortgage banking professional, Mr. LeRoy is the Founder & Principal of PHOENIX Consulting, L.L.C. and The PHOENIX Group, L.L.C. PHOENIX Consulting, L.L.C., can help to ensure that all Third Party Vendor Management Policies, Procedures, Controls and Audit Processes are in alignment with the most recent regulatory requirements.  The PHOENIX Group, L.L.C., is an emerging group of full service boutique law firms who are restoring credibility to the legal community one law firm at a time.