Article Details


HMDA in 2018: New Rule Shifts Focus to Process - Ellen Rose

Ellen Rose
New Coordinates
Outlook 2018

Financial services companies and their systems vendors spent a lot of time and money in 2017 preparing to comply with reporting requirements established in Regulation C of the Home Mortgage Disclosure Act (HMDA), a law requiring greater transparency about how lenders serve communities. The 797-page rule, which the Consumer Financial Protection Bureau (CFPB) issued in October 2015, took effect on January 1, 2018. At first glance, the rule seems simple—report more data—but as companies have dug deeper into the regulation, they’ve realized that operational processes play a critical role in defining the information that will reside in the reportable data points. For example, the loan amount is not necessarily the loan amount!

Gears turning old way and new way

Behind the New Processes
Many observers have written about the rule’s fundamental changes and technology requirements. But importantly, new reporting also means new processes.

For starters, the number of data elements required for 2018 has more than tripled from those previously required. Very few data points remain the same and numerous new ones have been added.

Additionally, loans that have never previously been reported must be reported. Companies need to remember to include their consumer loan departments in their preparation (ideally, they already have). Never before were home equity loans and lines of credit (HELoans and HELOCs, respectively) required in the loan application register (LAR). Nor were reverse mortgages or chattel mortgages (loans secured by manufactured homes). Even houseboats must be reported. Any loan that is secured by a dwelling must be reported.

And now, for the first time, mortgage servicing companies may need to report purchased loans. This impacts many operational processes that were previously exempt. Also covered now are consumer loan originators.

In addition to new data points, the CFPB has introduced the concept of “relied upon” for several data points, such as income, property value, debt-to-income ratio, and credit score. It takes well-defined processes to analyze values that are relied upon to determine a borrower’s ability to repay.

Process Work: New Data Points
The introduction of new data points requires new processes to enter accurate information. Policies, procedures, training, and testing are necessary to ensure accuracy and integrity. Controls are needed at various points throughout the process. The following is a good example of a data element requiring an explicit and documented process to determine the correct information for reporting.

Automated Underwriting System (AUS)
The CFPB now requires a loan originator to report the “name of the automated underwriting system used by the FI [financial institution] to evaluate the application and the result generated by that system.”1 The following questions must be answered before a company can even build its process for collecting and reporting this information:

  1. Is an automated underwriting system being used to evaluate the loan?
  2. Does the automated underwriting system fit the CFPB’s definition of an AUS in Regulation C?2
  3. If using a proprietary system, is the system considered an AUS?3
  4. What if multiple AUSs are used to evaluate the loan?
  5. What if an AUS is used for a residence purchased by a corporation?
  6. Is an AUS used to qualify assumptions?
  7. Does the proprietary AUS require changes to generate results acceptable for reporting?
Depending on the answers, there may be a hierarchy of determinations required, especially for loans evaluated with more than one AUS. The CFPB has specified the logic used to derive the information that will be reported in the data elements. Companies may report up to five AUSs and the results. Many originators today run multiple systems multiple times for loans from government-sponsored enterprises (GSEs) such as Fannie Mae and Freddie Mac. Process changes need to include clearly identifying AUSs to report.

Process Work: Modified Data Points
In addition to adding new data points, changes to the regulation require that many existing data fields be modified to encompass the broader scope of reportable loan applications. How far a loan proceeds in its life cycle directly impacts the information that should be included in a data point.

Loan Amount
Reporting of the loan amount has been modified to account for HELOCs, reverse mortgages, purchases, and assumptions. Additionally, depending on where the application stops in the process (whether approved, declined, or withdrawn) determines which information is reported. If a reporter only has one field to fill in, the process, policies, and procedures will require changes to the data element along the application’s life cycle. If the originator has a pre-approval program, determining the information to be reported becomes more complicated. Some examples follow, based on analysis of the CFPB’s HMDA “Small Entity Compliance Guide,” Section 5.8.4

  1. If the borrower withdraws the application prior to the loan being approved, the loan amount is the amount requested by the borrower;
  2. If the borrower withdraws the application after the loan is approved, the loan amount is the approved loan amount
  3. If the loan is originated as a reverse mortgage, the loan amount is the initial principal limit amount;
  4. If the originated loan is an open-end line of credit, the entire amount of available credit is the loan amount reported; and
  5. If the loan is purchased or assumed, the loan amount is the unpaid principal balance at the time of the purchase or assumption.
Improving Processes
As seen in the examples above, operational processes play a critical role in ensuring reportable data elements contain accurate information. Companies should have already changed their processes, and (ideally) improved them at the same time, in preparation for January’s deadline for implementation. Testing and continuous process improvement throughout 2018 will make it much easier to meet the CFPB’s requirement for periodic HMDA data scrubbing.

The Rest of the Story
The CFPB takes accurate reporting very seriously. The Bureau has the authority to order companies to pay substantial civil penalties for failing to report accurate data about mortgage transactions. The enhanced reporting beginning this year will serve to tell the story of an application, of a borrower, and of a company. Data integrity, supported by well-designed and strictly controlled processes, is imperative to telling an accurate and good story.

View as PDF
Treliant Risk Advisors, Compliance, Risk Management, and Strategic Advisors to the Financial Services Industry, brings to you New Coordinates, a quarterly newsletter offering insights and information regarding pertinent issues affecting the financial services industry. This article appeared in its entirety in the Outlook 2018 issue. To subscribe to our quarterly newsletter, please Contact Us.

1 Summary of Reportable HMDA Data—Version 1.0, 10/15/2015

2 Home Mortgage Disclosure (Regulation C) Version 2.0z
In order to know or reasonably believe that a system is not developed by a securitizer, federal government insurer, or federal government guarantor of closed-end mortgage loans or open-end lines of credit, a financial institution must maintain procedures reasonably adapted to make such a determination. Reasonably adapted procedures include attempting to determine with reasonable frequency, such as annually, whether the developer of the electronic tool is a securitizer, federal government insurer, or federal government guarantor of closed-end mortgage loans or open-end lines of credit. For example, in the course of renewing an annual sales agreement the developer could represent to the financial institution that the developer is not such a securitizer, federal government insurer, or federal government guarantor of closed-end mortgage loans or open-end lines of credit. Comment 4(a)(35)-7.

3 If a financial institution has developed its own proprietary system that it uses to evaluate an application and the financial institution is also a securitizer, the system may be an AUS if it also meets the other elements of the AUS definition. On the other hand, if a financial institution has developed its own proprietary system that it uses to evaluate an application but the financial institution is not a securitizer, the system is not an AUS. Comment 4(a)(35)-2.


Theme picker