Mastering Regulatory Examination Preparation for Mortgage Businesses

When faced with a regulatory examination, many mortgage businesses simply freeze up and ignore what’s coming, often because they’re not sure what to do. But a regulatory compliance audit is not the time to bury your head in the sand. Rather, it’s an opportunity to demonstrate your mortgage business’s commitment to its customers and to regulatory compliance as a whole.

Let's start with a few basics about CFPB regulatory examination preparation for mortgage businesses and what you need to do get ready.

Non-Depository Institution Examinations

The Consumer Financial Protection Bureau (CFPB) identifies non-depository institutions for examination based on asset size, consumer financial transaction volume, and rigorousness of state oversight and state regulators.

Depository Institution Examinations

The CFPB identifies large institutions for examination based on its assessment of consumer risk and consistency with statutory guidelines on coordination of examinations.

What Does a CFPB Examination Look for?

The CFPB searches for evidence of unfair, deceptive, or abusive acts or practices, discrimination, and other legal violations.

• Examiners review compliance procedures and policies that keep an organization in line with statutory and regulatory policies.
• Examiners decide whether to take formal enforcement actions or informal corrective actions.
• Examiners issue a draft compliance report that they share with the organization under review.
• CFPB encourages self-correction, but more egregious violations will require formal enforcement action.

What is a Targeted Review?

There are times when the CFPB becomes aware of violations through citizens’ complaints of certain problems at a single organization. In this instance, the CFPB will conduct a review of that single organization, focusing on the problems that gave rise to the consumer complaints.

What is a Horizontal Review?

Horizontal reviews examine multiple organizations within the industry to investigate certain practices or even products that violate consumer protections and to decide whether formal enforcement is appropriate.

What Does CFPB Enforcement Mean?

The CFPB may enforce legal actions or civil actions in a Federal district court. The CFPB may seek equitable relief, such as:

• Rescission/reformation of contracts
• Refund of money or real property
• Restitution, disgorgement, or unjust enrichment relief
• Monetary damages
• Public Notices issued about violations
• Limitations on activities and job functions against the person to whom the CFPB brings an action
• Civil penalties earmarked for victim compensation or education

The CFPB cannot bring criminal enforcement charges. If the CFPB finds evidence of criminal activity, or evidence of discrimination, the law requires that the agency turn over the evidence to the Department of Justice. If the agency finds evidence of tax law violations, the law requires it turn over such information to the IRS. Examples of criminal activity include false data, conducting business with a foreign country with active US sanctions, bank deposits in such sanctioned countries, and false information on applications.

What Can I do to Prepare for a CFPB Audit?

As intimidating as the examination process may sound, there are things you can do to make the process go smoothly.

• Prepare yourself. The CFPB will send a letter outlining what they intend to review. The CFPB website is full of information on enforcement, recent enforcement actions, and examination guidelines and objectives.
  
  
• Consider pre-examination in-house mock reviews. These practice sessions can help prepare the team's response to audit questions as well as help identify and focus on issues that the legal team should review.
  
  
• Appoint a single person responsible for contact with CFPB examiners. This is the "go-to" person for all examination contact, including setting up meetings, advising stakeholders/legal department of the focus of the audit, gathering the materials for review, and setting up the protocols for handling the examination itself.
  
  
• Give the examiners room (preferably a conference room) with the equipment and tools they need to do their job. Place them close to the legal department or compliance people. Present the documents the audit letter said they require in labeled file folders, all neat and tidy on the conference table. You will appear organized, and they won't go on a fishing expedition for documents.
  
  
• Start engaged, stay engaged. Make a good first impression. Provide background information for examiners on your business model and your enforcement policies. Invite the right people to the meetings.
  
  
• Impress examiners with your information organization skills. Set up websites that contain the examination information you received from the CFPB.
  
  
• Consult with the legal department before self-identifying compliance issues.
  
  
• Don't underestimate the amount of time required to spend with the auditors. It behooves an organization to open the primary contact person's schedule so he or she is free to answer all questions from the examiners. Some examiners are less experienced with your industry. The audit is a great teaching moment for you to leave less experienced examiners with a positive impression of your organization and a great understanding of your industry.
  
  
• Non-bank lender audits differ from depository institution audits. If you service loans, they will review your service processes. If you have affiliates, the CFPB will look at those, too. Remember that the CFPB will do its homework on your company from the past several years (including reviews of any state audits), so you should adequately prepare to answer their questions.

While the process may cause stress, remember that the auditors are not on an expedition against your organization. Throughout the examination, stay hospitable. Examiners often travel to your business from out of town. Let them know where they can find places to eat or to take a nice walk after lunch.

Access Business Technologies is a certified SSAE 16 Type II cloud solution provider (CSP) to over 500 mortgage financial institutions (banks, credit unions, and mortgage companies). Our suite of mortgage-specific cloud solutions enables your organization to move through the audit process with ease. To talk more about CFPB regulations or other mortgage compliance issues, please contact us. We look forward to helping you grow your mortgage business.