When John Vong, CMB, CMT, founded ComplianceEase in 2001, he did so on the heels of 20+ years in the mortgage banking industry, where he became accustomed to operating in a highly regulated environment. Doing so inspired his interest in managing regulatory risk — and managing it with greater ease.
Today, ComplianceEase offers risk management tools that are more valuable than ever, as government regulations grow ever stricter. “At the end of the day, a decision or action is either compliant or it’s not,” Vong says. “However, making the right decision is only part of what regulators are looking for. Agencies like the Consumer Financial Protection Bureau (CFPB) are also assessing the steps that have been taken to assure compliance, including evaluating the compliance management systems (CMS) that institutions have in place.”
Vong says these CMS should combine policies, procedures, software and documentation. “Regulators are looking for a culture of compliance,” he adds. That means accurate evaluation through the loan origination process and using a system that is comprehensive enough to audit federal, state, and local regulations based on lenders’ license types.”
“There is the balancing act of profitability versus risk,” Vong says, which may cause some lenders to “stay well back from the edges” of the Qualified Mortgage and Ability to Repay (QM/ATR) rule, even at the risk of encountering fair lending issues.
Thus, it’s important to find an automated compliance partner who can take a holistic view of potential compliance risk with continuous monitoring for clients’ protection.
As Vong has often said, “The devil is in the details.” He adds, “Today lenders, investors and vendors not only have to ‘do the right thing’ consistently when it comes to compliance, but they also have to be able to demonstrate the steps they followed to arrive at their decision to assure institutional compliance. So everything, both large and small, counts.”
When lenders have to justify and document every decision, it really raises the bar for compliance. Those that are still trying to handle compliance manually or by using multiple, disparate systems as a work-around are going to find it difficult to meet new requirements. The CFPB’s new TILA-RESPA Integrated Disclosure (TRID) rule will only exacerbate this situation, according to Vong.
“Using an automated compliance system is really the only practical way for lenders to deal with the plethora of new regulations at the federal, state and local levels,” Vong says, adding that lenders need to choose “well-designed and vetted systems” that capture and analyze data at every step in the origination cycle and across the entire enterprise. They have to be able to demonstrate compliance in the event of an examination or consumer complaint.
While there are a growing number of companies, including document providers and loan origination systems (LOSs), that offer some aspect of compliance, automated compliance is the only thing ComplianceEase does. “We are unique in that our clients include lenders, investors and industry regulators,” Vong notes. “This means we are intimately familiar with the rules, or the ‘details,’ if you will.”
ComplianceEase’s technology and data standards are, in fact, being used by many regulators. “This has enabled us to build end-to-end solutions that help prevent clients from triggering regulatory compliance issues that could result in penalties or put-back demands from secondary investors,” Vong explains, pointing out that his company offers solutions that can seamlessly integrate into more than 30 leading LOSs and other systems.
Vong emphasizes that lenders need both a compliance solution as well as a document preparation provider to be in compliance with TRID. “Each performs a different function and brings something different to the table,” Vong says. While both document providers and automated compliance vendors address compliance issues — using technology to help lenders avoid missteps — a document provider is focusing on the legality and compliance of language used within forms and disclosures. A document provider isn’t going to track all of the rules and regulations that apply to the origination process based on the lender’s license type.
Meanwhile, an automated compliance vendor offering the best protection for lenders will focus on a holistic approach to compliance with all federal, state, and local regulations. Through automated testing, the compliance vendor will make a determination of which laws apply on a loan-by-loan basis, breaking out each license type, as state laws vary depending on the originating license type.
Document systems do not necessarily track the lender’s license type and loan terms back to the start of origination. According to Vong, an automated compliance system should be able to determine which laws apply based on a given license type to enable lenders to audit loan terms at all points in the loan process starting after application.
This is where ComplianceEase steps in. “Our complete suite of solutions starts with our flagship product ComplianceAnalyzer, which offers comprehensive reviews of multi-jurisdictional audits including tests for QM eligibility, federal HOEPA and HCM, state and municipal high-cost regulations based on license type, LO compensation restrictions, secondary market investors’ and GSEs’ compliance guidelines and lenders’ internal compliance policies,” Vong explains.
Both in-house and external legal teams maintain ComplianceAnalyzer’s regulatory library and tests, using them to test loans against data standards set by state banking and mortgage regulators and examiners.
With implementation of TRID only five months away, Vong urges lenders to get on the compliance solutions bandwagon: “Don’t wait until the last minute to decide on your compliance partner because you’ll still have a great deal of internal work and training to do in order to be compliant.”
He says selecting the right TRID solution is a very critical decision, but it’s not the only one. Lenders will also have to entirely revamp much of their current workflow to operationalize TRID.
That will require a collaborative effort among lenders, vendors and settlement agents to coordinate the necessary system-to-system communication and workflow changes. “Make sure your automated compliance system provider has direct control of changes and releases,” Vong advises. “If your vendor does not have a holistic approach to compliance, this challenge will be multiplied.”
Vong sees a paradigm shift for closing procedures. “It is essential to offer education and training to both external agents, like real estate and settlement agents, as well as internal parties to yield a successful implementation,” he says.
Large lenders will do closing themselves because they can afford to simplify implementation of TRID, but smaller institutions may not be able to afford it.
Vong says ComplianceEase’s TRID solution will integrate seamlessly with all of the different players on the origination spectrum: LOSs, document preparation companies, vendors, and title and closing agents. Launched in a testing environment late last year, it’s now being used by lenders and mortgage technology vendors to build integrated TRID compliance controls into their systems.
Vong says he thinks most lenders are greeting TRID compliance challenges with optimism. “Maybe it’s because we’ve all lived through the last set of RESPA 2010 changes and the scary, Y2K-like predictions for QM/ATR,” he says, “but for the most part, I think the industry has taken the TRID challenge very seriously.”
He says ComplianceEase’s clients, including some major ones, are engaging in organizational “mapping” and enterprise training that will be necessary for full implementation of the new rules and new ways of working that TRID will usher in.
“So, with five months to go, I’m still optimistic,” Vong remarks. “Very busy. But optimistic!"