Posts filed under ‘Compliance’

Are Your Marketing Agreements Illegal?

When it comes to mortgage marketing agreements, be afraid, be very, very afraid. That’s my takeaway from a memo released by the CFPB yesterday.

Using less subtlety than Donald Trump at a press conference, the Bureau that Never Sleeps released a compliance bulletin stressing that it is deeply concerned about the repeated use of marketing agreements that violate RESPA’s ban on kickbacks in return for mortgage business. In the memo, it stresses that it has discovered repeated instances of marketing agreements being used to circumvent RESPA’s ban.

Anyone involved with a marketing agreement would be well advised to make sure that it is complying with the law both on paper and in practice. As the Bureau explains, “any agreement that entails exchanging a thing of value for referrals of settlement service business involving a federally related mortgage likely violates RESPA whether or not an MSA or some related arrangement is part of the transaction.” As a result, it is not enough to simply have a marketing agreement in place, you have to be able to demonstrate that it does not result in payments for work not performed or otherwise tied to the volume of business generated by the agreement.

RESPA bans the giving or accepting of any fee, kickback or thing of value in return for the referral of mortgage business. It does not, however, prohibit the payment of services actually furnished or performed.  Since its inception in 1974, its goal has been clear, but its implementation less so. Simply put, at what point are the services performed by a third party substantial enough to be considered work performed under the statute. While nothing in the statute explicitly prohibits marketing agreements, in the memo the CFPB provides examples of the type of activities that run afoul of the law.

For example, it highlighted an investigation of a title insurance company that paid fees based in part on how many referrals it received from the companies with which it was marketing. In addition, the Bureau has discovered cases where companies are paid even though they have failed to provide some or all of the services for which they were under contract. A third example involved a title company that had entered into an unwritten agreement with individual loan officers in which it paid for referrals by defraying the loan officers’ marketing expenses.

Keep in mind that ultimately the CFPB is providing these examples not simply to stress the illegality of the specific practices but to stress the type of arrangements that could result in violations of RESPA. The bottom line is this, if you have a marketing agreement for mortgage services under which the compensation you receive or give is in any way tied to the volume of referrals you receive or generate, you should strongly consider revising or ending the contract. Further, if you have a marketing agreement that is not tied to the volume of work generated, then you should be able to document what work is actually being performed and the compensation provided. This is one area where you would be well advised to seek legal advice as my blog is, of course, no substitute for such advice.

If I sound a bit paranoid this morning, it’s because I am. Over the years, RESPA has been less than rigorously enforced. The CFPB has given us fair notice that those days are over.

October 9, 2015 at 8:29 am Leave a comment

Can You Be Sued For Violating TRID? It Depends

I haven’t been able to get all that excited about legislation (HR 3192) postponing the date on which the TRID regulations would be fully enforced until February 1, 2016. The bill was passed by the house but you have a better chance of seeing Hilary Clinton become a provider of IT services than you do of seeing the bill passed in the Senate over the objection of the CFPB’s Birth Mother, Elizabeth Warren. And if the bill manages to get through the Senate the President has already announced that he would veto it.

And let’s be honest. Institutions have had close to two years to get ready for the TRID and the CFPB has done as good as any agency ever has of instructing stakeholders on how to get ready for a major new regulation. The same institutions that truly need the extra time probably will never have enough time to comply.

All this being said, the legislation underscores an important point: Dodd Frank not only increased the power of regulators to implement and enforce consumer protection regulations; it increased the scope of legal liability that lenders face; and by increasing penalties for violations it provided incentives for more consumer litigation. While it’s helpful that regulators have signaled they expect credit unions to make a good faith effort to comply with TRID in the early stages of its implementation, only legislation can shield lenders from private lawsuits and regulatory enforcement, which is what this proposal would do.

This distinction is particularly important when it comes to TRID. Dodd Frank mandated the integration of disclosure requirements under RESPA and the TILA. Specifically section 1100A(5) amended TILA to provide that ‘‘The Bureau shall publish a single, integrated disclosure for mortgage loan transactions (including real estate settlement cost statements) which includes the disclosure requirements of this title in conjunction with the disclosure requirements of the Real Estate Settlement Procedures Act of 1974 that, taken together, may apply to a transaction that is subject to both or either provisions of law.”

The tricky part is, that while RESPA has never authorized private lawsuits, TILA has. For example you could be fined by a regulator for messing up (That’s a legal term) a Good Faith Disclosure but not be sued. But in integrating these two laws Congress didn’t explain how their liability provisions would be impacted. As the CFPB further explained in the TRID preamble “the final regulations and official interpretations do not specify which provisions relate to TILA requirements and which relate to RESPA requirements,(but) the section-by-section analysis of the final rule contains a detailed discussion of the statutory authority for each of the integrated disclosure provisions.” Whether this approach provides enough guidance  is debatable and will be litigated.

Bottom-line: While regulators might be patient your friendly neighborhood attorney might not be. There is blood in the water and on this and many other Dodd Frank issues. By design the courts and not regulators will play an increasingly important role in delineating the contours of consumer protections.



October 8, 2015 at 9:45 am Leave a comment

Did You Receive A Mortgage Application?

Saturday, October 3, 2015 was the day the TRID regulations kicked in. The new integrated disclosure requirements apply to all applications received on or after that date. For many of you, nothing I’m going to say in today’s blog is surprising. But I’m going to guess there are some of you who never quite got around to reviewing the regulations as much as you wanted to. So in the coming weeks I am going to periodically review some of the basic concepts behind the regulations and provide you with some guidance as to where to look for answers as you go through the TRID process for the first time.

By the way, the CFPB has done a great job providing implementation material and all of you should be familiar with their site. In implementing the regulation, it’s the CFPB’s hope that combining and simplifying  the initial disclosures  will lead to a better informed home buyer. The Loan Estimate is replacing the erstwhile GFE and Early Truth in Lending disclosure.

One of the most important changes made by the CFPB was to redefine what an application is so that creditors have less flexibility in determining when disclosures have to be provided. In the old days, like last Friday, an application was received when you had “the borrower’s name, the borrower’s monthly income, the borrower’s social security number to obtain a credit report, the property address, an estimate of the value of the property, the mortgage loan amount sought, and any other information deemed necessary by the loan originator.” An application could be either in writing or electronically submitted, including a written record of an oral application.

As of Saturday, an application is received anytime you receive the name, the borrower’s monthly income, the borrower’s social security number to obtain a credit report, the property address, an estimate of the value of the property, and the mortgage loan amount sought. As a result, an application is now received regardless of whether or not you have traditionally  required additional information for an application to be complete. Again, this makes perfect sense if your goal is to get information in the hands of consumers as quickly as possible.

But lets’ say your credit union has never started the mortgage process without obtaining eight pieces of information. The CFPB gives you some flexibility if you know how to take advantage of it. First, you are allowed to request more than the six pieces of information that trigger the early disclosure requirements so long as you provide the Loan Estimate when you get the six pieces of information regardless of how much information you will use in underwriting the loan.

Sequence is also important. You could receive 14 pieces of information from a member; but, if that information does not include the 6 magic factoids then an application has not yet been received and your credit union does not yet have to provide an Early Disclosure.

The elimination of the “any other information” catchall makes the second part of the definition more important. Remember that an application includes a written record of an oral application. This means that your originator having a casual conversation with a potential first time home buyer just curious about the housing market may have taken an application and not even know it. This is a great example of why you need to have updated procedures in place.

Now, let’s say you have received an application.  A creditor is responsible for delivering the Loan Estimate or placing it in the mail no later than the third business day after receiving the application. (1026.19(e)(1)(iii)). Were you open on Saturday? For purposes of complying with this rule, a “business day” means a day on which the creditor’s offices are open to the public for carrying out substantially all of its business functions. See § 1026.2(a)(6). In other words, if you are not open for business on the weekends, the clock doesn’t start to run. It also  means, as explained by the commentary, that if an application is received on Monday, the creditor satisfies this requirement by either hand delivering the disclosures on or before Thursday, or placing them in the mail on or before Thursday, assuming each weekday is a business day.

You can use email so long as the member has consented to receive the disclosure electronically and you receive an acknowledgement that the email was received.

Employment Numbers Disappoint…Big Time

The employment numbers Friday were like the Yankees performance over the last seven games of the season: lousy. Once again the Fed finds itself in the unenviable position of deciding if the economy is ready for an interest rate rise or too weak to withstand the shock. On Friday, the DOL reported Total nonfarm payroll employment increased by 142,000 in September, and the unemployment rate was unchanged at 5.1 percent. Are the numbers scary enough for the Fed to push back an increase? My guess is no but it makes next month’s numbers that much more important.





October 5, 2015 at 10:41 am Leave a comment

Why EMV Shift Is Too Little, Too Late

Are your members safer today than they were yesterday? The reason why I’m asking that question is that today is the day Visa and Mastercard shift liability for unauthorized Point of Sale transactions involving debit and credit cards from card issuers who use EMV chip cards to merchants who don’t have terminals that can process these chip based transactions.

This shift is arriving with more of a whimper than a bang. Estimates vary widely, but in March the Payments Security Task Force, a consortium of eight financial institutions, representing approximately 50 percent of the total U.S. payment card volume, estimated that 63 percent of their credit and debit cards will contain EMV chips by the end of this year, expanding to 98 percent by the end of 2017. Merchant terminal conversion is estimated to be as low as 50%.

To me the EMV conversion process contains an important lesson: if this country wants a truly robust system to guard against data theft we need more government involvement, not less.

First, the good news. All consumers will ultimately benefit from a world in which the magnetic strip becomes a Smithsonian exhibit. America desperately needed this push. Despite being in use for more than two decades the U.S. has stubbornly resisted the adoption of chip based technology. This technology makes point of sale transactions much safer by making it much more difficult to steal card information. In Europe EMV brought about a sharp decline in POS theft.

Then there is the convenience factor. We live in an integrated world and the continued use of the magnetic strip really isn’t all that different from continuing to use floppy discs while everyone else is downloading programs from the cloud. Talk to anyone who has traveled overseas. if you don’t have a chip based card everything from paying for tolls to getting on a subway is a hassle. The great American credit card is as antiquated as a black and white T.V. It’s not a coincidence that the United Nations FCU has been a leading advocate of the liability switch.

So why am I so underwhelmed by the liability shift? Most importantly, it is too little too late. EMV chips are already old technology. There are even reports that hackers have figured out how to break into them.

Second, what we are witnessing is another split between the behemoths and small lenders. Given the expense of EMV cards-I’ve seen estimates that a chip based card is five times more expensive than a magnetic strip-it makes perfect sense for a credit union to look at its fraud numbers and conclude that the value of the liability shift is outweighed by the cost of conversion.   Similarly, it makes perfect sense for the small business merchant with the corner store to decide to risk higher fraud costs than upgrade his payment terminal.   My assumption  is that what we have this morning is a patchwork of consumer protection depending on where a consumer does her banking, her shopping and how often she uses plastic.

Then there is the continuing finger-pointing. Merchants say that security is best achieved when chip technology is coupled with a requirement that the consumer enter a PIN number,  In contrast the early numbers suggest that chip and signature has been the more commonly adopted approach. These type of tangents ultimately benefit no one.

One of my favorite economic\security metaphors is of a lighthouse. On the one hand all ships benefit from its existence; on the other hand since there is no way to provide light only to ships that contribute to its maintenance it’s always going to be in the economic best interest of some ship owners not to contribute. To me the EMV adoption process has suffered from the same dilemma. It shows, why, when it comes to developing a robust data protection system, government has to take the lead and impose baseline mandates.

October 1, 2015 at 10:03 am Leave a comment

Do We Have A Student Loan Or College Quality Crisis?

Student lending is having an increasingly large impact on your credit union whether or not it provides private student loans.  First,   With student debt now surpassing $1 trillion it is one of the factors explaining why millennials haven’t helped prime   the economy by buying that first home.   And, Of course, if your credit union is one of the increasing numbers of institutions    that has jumped into the private student loan market in recent years, you know firsthand about the opportunities and challenges posed by this market.  A report recently issued by the Brookings Institute has both operational implications for those of you making these loans and provides further evidence for those of us who believe that the cost of college is one of the key policy issues facing this nation. To be clear the research dealt with government guaranteed student loans but I’m assuming that many of its conclusions are applicable to the private student loan market.

So what did these researchers find? That increasing student loan default and delinquency “are largely due to increases in” the number of borrowers taking out loans to attend for-profit colleges and two-year community colleges.   These nontraditional borrowers “were disproportionately older, independent of their parents, from lower-income families, and living in more disadvantaged areas.”   Why do these conclusions matter? From an operational standpoint they underscore just how important it is to take the quality of the institutions your members are attending into account when establishing student loan policies.  On a policy level, it’s possible that we have as much of a college quality crisis as we do a student loan problem

For those of you who provide private student loans this research should be kept  in the same file as the Supervisory Guidance on Private Student Loans that NCUA posted in December of 2013.( Supervisory Letter No.: 13-13.)  This is a guidance that I am embarrassed to admit I haven’t highlighted in a previous post.  In it NCUA explains its expectations for sound underwriting practices involving student loans.  It explains, for example, that   “the performance of PSLs can vary significantly by cohort (e.g., field of study and degree, school attended, and graduation year relative to the economic cycle) as a result credit unions are expected to fully evaluate the credit risk of their PSLs by conducting a risk analysis for the different cohorts.”  This research shows that not all those factors have an equal impact on delinquency-the quality of the school may matter the most.

The tricky part is that too inflexible approach to student lending is going to lose you potential members. Providing a helping hand to someone striving to get ahead is one of the reasons we have credit unions in the first place.

In addition Student lending, particularly if done on a large enough scale, also raises potential fair lending issues via the Equal Credit Opportunity Act.  For example, let’s assume you receive applications from members planning to attend both four-year colleges and for-profit institutions. According to the  researchers “ attending a for-profit or 2-year institution is correlated with living in a more disadvantaged area, being lower income, and having worse labor market outcomes,”  As a result, it’s quite possible that a facially sound  underwriting policy may result in a disproportionate number of your rejected loan applicants being from protected classes.      In fact, in its guidance NCUA reminds credit unions that PSL loans are subject to the Equal Credit Opportunity Act.

Here is a link to the research:


A Quick Political Note-

The big winner in last night’s Republican debate was former HP CEO Carly Fiorina   She showed its possible be a political outsider, have a firm grasp of policy and politics (Sorry Ben Carson and Donald T), and be both aggressive and passionate   without being an obnoxious name calling loud-mouth (Sorry Donald).  For those of you looking for an outsider at any cost she is the one for you.

September 17, 2015 at 9:42 am 1 comment

MBL Proposal Will Only Be as Good as Its Guidance

The blog is going on its summer hiatus. I could say that I am using the upcoming week to help get the kids ready for school, but the truth is that with two fantasy football drafts to prepare for I need to take a break from analyzing credit union news and regulations to ponder really important questions like: Who will Green Bay’s primary receiver be this year? Are there any running backs worth drafting in the first round? And just how many weeks will Tom Brady miss?

But before I get started I wanted to remind you of NCUA’s proposed MBL amendments and why they are even more important than they appear to be.

In case you missed it, NCUA is proposing to give credit unions greater flexibility in making MBL loans. It is moving to what it describes as a principles-based approach under which the existing detailed mandates will be replaced with a requirement that credit unions actively engaged in making MBL loans, or that are over $200 million in assets, design and implement a broad range of policies and procedures addressing MBL lending. For example, the existing requirement that a credit union have at least one person with two years of experience underwriting its MBL loans would be replaced with a requirement that staff have experience directly related to the specific types of commercial lending in which the credit union is engaged. This is including, but not limited to, demonstrated experience in conducting commercial credit analysis and evaluating the risk of a borrowing relationship using a credit risk rating system.

Credit unions will be evaluated on the basis of “supervisory guidance to examiners, which would be shared with credit unions, to provide more extensive discussion of expectations in relation to the revised rule.” Which brings me to why this proposal is even more important than meets the eye: it will give both credit unions and the NCUA the opportunity to hash out once and for all the difference between supervisory guidance and regulations. Based on my reading of the case law-and keeping in mind this is my opinion- from a compliance standpoint there is no practical distinction between an agency’s interpretation of its regulation and a regulation itself.

For example, earlier this year the Supreme Court upheld the right of the DOL to issue an interpretation making mortgage originators nonexempt employees eligible for overtime. (Perez v. Mortgage Bankers Ass’n, 135 S. Ct. 1199, 1212, 191 L. Ed. 2d 186 (2015). The mortgage bankers argued that this “interpretation” was an amendment to a rule which could only be changed after notice and comment. The Supreme Court said that a regulation is only amended when language is changed. As Justice Scalia commented in a concurring opinion “[a]gencies may now use these rules not just to advise the public, but also to bind them. After all, if an interpretive rule gets deference, the people are bound to obey it on pain of sanction, no less surely than they are bound to obey substantive rules, which are accorded similar deference. Interpretive rules that command deference do have the force of law.”

Also remember that even when an agency interpretation is intended to give a credit union greater flexibility that same guidance gives examiners greater flexibility to determine if a credit union is acting properly.

Now don’t get me wrong. I’m not saying that NCUA isn’t genuinely interested in giving CUs greater flexibility. It is, and it deserves a tremendous pat on the back for its willingness to do so. But because the new MBL framework will only be as useful as NCUA’s guidance and examiner oversight, an ongoing dialogue with the agency is crucial. Everyone needs to be on the same page.

That’s why industry stakeholders, including the New York Credit Union Association, are urging NCUA to submit its MBL guidance to a formal notice and comment period. Doing so will help everyone understand just how much additional flexibility they have to make MBL loans. In addition, everyone has to understand that there will be bumps along the road. Adults have to be willing to sit around a table and talk out their differences.

On that note – see you next Tuesday as the blog marks its fourth anniversary.

August 27, 2015 at 9:08 am Leave a comment

What Can You Do About Those Late Credit Card Payments?

I am a firm believer in not making the same mistake twice; I prefer to make new ones instead.  In that vein, please do me a favor and double-check the way your credit union handles delinquent credit card accounts.

Late last week, a federal district court in Massachusetts ruled that American Airlines Federal Credit Union violated both the Truth in Lending Act and a similarly worded Massachusetts state law by seizing funds in the member’s account after she became delinquent on credit card payments due to the credit union.  A recurring question that the Association’s Compliance Department fields is just what steps credit unions can take to “offset” member funds when they fall behind on credit card payments.  The case provides a great opportunity for everyone to remember the basic rules and double-check their procedures.  (See Martino v. Am. Airlines Fed. Credit Union, No. 14-10310-DPW, 2015 WL 4920015, at *4 (D. Mass. Aug. 18, 2015)).

The most important thing to keep in mind is that the Truth in Lending Act extends added protections to credit card holders.  Consequently, if you want the option of claiming funds to recover delinquent credit card payments, there are several steps you must take ahead of time.  Fortunately, this is one area where the regulations are self-explanatory.

The best place to go is 12 CFR 1026.12(d)(2) and its official staff interpretation conveniently provided for us on the CFPB’s excellent website.  Most importantly, a credit card holder must affirmatively agree to a card issuer having a security interest to pay off delinquent credit card debts.  A technical but critical distinction is that the agreement must create a security interest, which defines with specificity the funds that can be accessed to pay off delinquencies.  For this security interest to be valid, the consumer must be aware that he is granting it.

There are three basic indicia to be reviewed in determining whether a consumer has been given adequate notice:

  1. Separate signature or initials on the agreement indicating that a security interest is being given.
  2. Placement of the security agreement on a separate page, or otherwise separating the security interest provisions from other contract and disclosure provisions.
  3. Reference to a specific amount of deposited funds or to a specific deposit account number.

Of these three indicia, perhaps the most challenging to implement involves referencing a specific amount of deposited funds.  In the American Airlines case, the court noted that courts are split as to how specific the reference language must be. In this case, the court held that reference to accessing “all” accounts is insufficient.  Instead, the credit union should have referred to a specific account number, or highlighted the full amount that could be taken in the event the security interest was executed.

So ends your compliance lesson for the day.  I hope you enjoyed your weekend.



August 24, 2015 at 9:03 am Leave a comment

Older Posts

Authored By:

Henry Meier, Esq., Associate General Counsel, New York Credit Union Association

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 375 other followers



Get every new post delivered to your Inbox.

Join 375 other followers