NCUA issued a Regulatory Alert (21-RA-11) with the 2022 annual adjustments for three exemption thresholds under the Truth in Lending Act (TILA or Regulation Z) and the Consumer Leasing Act (CLA or Regulation M). The thresholds exempt loans from special appraisal requirements for higher-priced mortgage loans and determine exempt consumer credit and lease transactions under Regulation Z and Regulation M.

The 2022 thresholds, effective on Jan. 1, 2022, are an increase from the 2021 thresholds.

The CFPB also issued an annual adjustment to the maximum amount credit bureaus may charge consumers for making a file disclosure to a consumer under the Fair Credit Reporting Act (FCRA or Regulation V). The 2022 ceiling, effective on Jan. 1, will increase from the 2021 ceiling.

1 ) The appraisals for higher-priced mortgage loans exemption threshold for 2022 will increase to $28,500 from $27,200 based on the annual increase in the Consumer Price Index for Urban Wage Earners and Clerical Workers (CPI-W) in effect as of June 1, 2021.

2) The consumer credit and consumer lease exemption threshold for 2022 will increase to $61,000 from $58,300 based on the annual percentage increase in the CPI-W in effect as of June 1, 2021.

3) The credit bureau consumer report fee maximum allowable charges for 2022 will increase to $13.50 from $13.00, based proportionally on changes in the Consumer Price Index for all urban consumers. The ceiling does not affect the amount a credit union may charge its members or potential members, directly or indirectly, for obtaining a credit report in the normal course of business. Such cost is expected to be accurately represented in all advertising, disclosures, or agreements, whether presented orally or in written form.

Source:https://news.cuna.org/articles/120322-compliance-2022-thresholds-for-regulations-z-m-v

This regular publication by DLA Piper lawyers focuses on helping clients navigate the ever-changing consumer finance regulatory landscape.

Enforcement actions

Federal

CFPB files complaint against debt buyers for debt-placement practices. The Consumer Financial Protection Bureau (CFPB) filed a complaint in the US District Court for the Western District of New York against a group of New York-based companies and their principals for unfair, deceptive or abusive acts or practices (UDAAP) and Fair Debt Collection Practices Act (FDCPA) violations in connection with buying and placing debts with third-party debt collectors. The CFPB alleged that the companies, which collectively managed more than $8 billion in debt, (i) intentionally disregarded red flags from compliance staff that their third-party collectors were engaged in deceptive and abusive debt-collection practices, such as making false threats of arrest, jail time or lawsuits if consumers did not pay and (ii) intentionally increased the amount of business with such companies.

CFPB announces inquiry into “buy now, pay later” credit providers. The CFPB has issued a series of orders to five companies offering “buy now, pay later” (BNPL) credit in an effort to gather information on the risks and benefits of this type of lending. The CFPB expressed concern that (i) this type of lending could lead to the accumulation of large amounts of debt by unqualified consumers with subprime credit histories, (ii) BNPL lenders may not be adequately applying consumer protection laws and (iii) it needed to better understand BNPL lenders’ data collection, behavioral targeting and data monetization practices. A sample copy of the CFPB’s order to BNPL lenders is available here.

FTC announces $675,000 settlement and permanent ban against merchant cash advance provider for deceptive marketing and abusive collection practices. The FTC announced a stipulated order with a New York-based merchant cash advance lender for alleged unfair and deceptive acts and practices (UDAP) and Gramm-Leach Bliley Act (GLBA) violations. The FTC alleged that the lender misrepresented the terms of loans issued to small businesses, made unauthorized withdrawals from customer accounts and engaged in unlawful collection practices, including the illegal use of confessions of judgment and threatening customers with physical violence.

FTC announces settlement with mortgage analytics firm for data security violations. The FTC announced a settlement with a Texas-based mortgage analytics firm for alleged violations of the GLBA Safeguards Rule. The FTC alleged that the firm hired an outside vendor to perform text recognition scanning on mortgage documents, most of which included sensitive consumer data. The vendor stored these documents on an unsecure server without any protections to block unauthorized access. The server was allegedly accessed in an unauthorized manner dozens of times. The settlement will require the firm to bolster its data security protections and oversight of vendors to ensure compliance with the Safeguards Rule.

FTC announces $12 million settlement and permanent ban against debt collectors for phantom debt collection. The FTC announced a settlement with several South Carolina-based debt collection companies and their principal for alleged Fair Debt Collection Practices Act (FDCPA) violations. The FTC alleged that the defendants used threats of imminent legal action to collect payments for consumer debts that were not real or that the companies had no right to collect. In addition to the monetary judgment, which is partially suspended due to inability to pay, the defendants are required to surrender numerous assets, including bank accounts, investment accounts and real estate owned by the companies or their principal.

FTC announces $500,000 settlement with payment processor for assisting in fraudulent student loan relief scheme. The FTC announced a stipulated order with a Washington-based payment processor for alleged violations of the Telemarketing Sales Rule (TSR). The FTC alleged that the payment processor knowingly processed approximately $31 million in payments for a student loan debt relief company that was charging illegal upfront fees from borrowers, during which the payment processor ignored multiple red flags including high return rates and multiple company name changes. The order also permanently bans the payment processor from processing any future payments relating to “Debt Relief Services,” including, but not limited to, the student loan-related debts.

State

California DFPI announces settlement with auto lender for loan marketing and servicing violations. The California DFPI announced a consent order with an auto lender for alleged violations of the California Fair Access to Credit Act’s interest rate cap of approximately 36 percent. The DFPI alleged that the lender was unlawfully partnering with an out-of-state bank in order to circumvent the interest rate cap. The consent order (i) prohibits the lender from marketing or servicing automobile title loans worth less than $10,000 with interest rates greater than 36 percent in the State of California over the next 21 months and (ii) prohibits the lender from making any loans available through a state-chartered bank partner until September 2023, unless there is an intervening change in the law or regulation that would otherwise permit it to do so.

Source: https://www.lexology.com/library/detail.aspx?g=43821fc9-dfb0-4a37-9ec3-4eaa61595327

KEY POINTS

1) The average rate on the popular 30-year fixed loan will rise to 4%, according to the Mortgage Bankers Association’s forecast.

2) Refinance originations will drop 62% in 2022 to $860 billion.

3) However, mortgage originations for the purpose of buying a home are forecast to rise 9% to a record of $1.73 trillion in 2022.

Rising interest rates will result in a sharp drop in refinance demand in 2022, meaning a lot less business for mortgage bankers, according to the Mortgage Bankers Association’s just-released annual forecast. It predicts total origination volume will drop 33% to $2.59 trillion.

The average rate on the popular 30-year fixed loan will rise to 4%, a full percentage point higher than it is now, MBA economists say.

That will result in a 62% drop in refinance originations to just $860 billion. It deepens the anticipated 14% decline in 2021 to $2.26 trillion

“The economy and labor market rebounded in 2021, but overall growth fell short of expectations because of stubborn supply chain issues that fueled faster inflation, slowed consumer spending, and presented challenges in filling the record number of job openings available,” said Michael Fratantoni, chief economist at the MBA. “With inflation elevated and the unemployment rate dropping fast, the Federal Reserve will begin to taper its asset purchases by the end of this year and will raise short-term rates by the end of 2022.”

Originations for the purpose of buying a home, however, are forecast to rise 9% to a record of $1.73 trillion in 2022.

Overall, this will mark a change from the record-high production profits of 2020, when interest rates fell to record lows and homebuyer demand soared due to the coronavirus pandemic. The drop will likely result in increased competition among lenders.

“Many lenders will rely more heavily on their servicing business to achieve financial goals,” said Marina Walsh, vice president of industry analysis at the MBA. “The servicing outlook is more complicated today, with the expiration of many COVID-19-related forbearances and the need to place borrowers into post-forbearance workouts.”

Walsh added that servicing costs may rise as servicers work to meet the needs and requirements of borrowers, investors and regulators.

Source: https://www.cnbc.com/amp/2021/10/18/real-estate-mortgage-originations-will-drop-33percent-in-2022-as-interest-rates-rise.html

WASHINGTON, D.C. – The Consumer Financial Protection Bureau (CFPB) today announced that two final rules issued under the Fair Debt Collection Practices Act (FDCPA) will take effect as planned, on November 30, 2021. The CFPB issued a proposal in April 2021 that, if finalized, would have extended the effective dates to January 29, 2022. The CFPB has now determined that such an extension is unnecessary. Following this announcement, the CFPB will publish a formal notice in the Federal Register withdrawing the April 2021 proposal.

The CFPB proposed extending the final rules’ effective date by 60 days to allow stakeholders affected by the COVID-19 pandemic additional time to review and implement the rules. The public comments generally did not support an extension. Most industry commenters stated that they would be prepared to comply with the final rules by November 30, 2021. Although consumer advocate commenters generally supported extending the effective date, they did not focus on whether additional time is needed to implement the rules. The alternative basis for an extension that many commenters urged, a reconsideration of the rules, was beyond the scope of the NPRM and could raise concerns under the Administrative Procedure Act. Nothing in this decision precludes the CFPB from reconsidering the debt collection rules at a later date.

Two final rules under the FDCPA will take effect in November. The first rule, issued in October 2020, focuses on debt collection communications and clarifies the FDCPA’s prohibitions on harassment and abuse, false or misleading representations, and unfair practices by debt collectors when collecting consumer debt. The second rule, issued in December 2020, clarifies disclosures debt collectors must provide to consumers at the beginning of collection communications. The second rule also prohibits debt collectors from suing or threatening to sue consumers on time-barred debt. Additionally, the second rule requires debt collectors to take specific steps to disclose the existence of a debt to consumers before reporting information about the debt to a consumer reporting agency.

The CFPB is committed to informing consumers about their rights and protections under the rules and assisting debt collectors in implementing them. Consumer education materials on debt collection and resources to help debt collectors understand, implement, and comply with the rules are available through consumerfinance.gov.

The CFPB will consider additional guidance for debt collectors, including those that service mortgage loans, as necessary. The CFPB recognizes that mortgage servicers are expected to receive a potentially historically high number of loss mitigation inquiries in the fall as large numbers of borrowers exit forbearance and that, as a result, mortgage servicers in particular may face capacity constraints. The CFPB will continue to work with all market participants to ensure a smooth and successful implementation.

The Consumer Financial Protection Bureau (CFPB) is a 21st century agency that helps consumer finance markets work by making rules more effective, by consistently and fairly enforcing those rules, and by empowering consumers to take more control over their economic lives. For more information, visit www.consumerfinance.gov.

Source: https://www.consumerfinance.gov/about-us/newsroom/cfpb-confirms-effective-date-for-debt-collection-final-rules/

A former executive at Loan Depot dropped a bombshell on the mortgage industry late Wednesday, alleging in a lawsuit that the California-based nonbank lender, in a ploy to drum up money during the refi boom and in preparation for its initial public offering, closed thousands of loans without proper documentation.

The suit, filed by Tammy Richards, former chief operations officer, accuses loan Depot’s CEO, Anthony Hsieh, of ordering the sales team to “trust [their] borrowers” and close loans, disregarding proper underwriting etiquette. 

Richards claims that this demand was announced during a production meeting in August 2020, where Hsieh allegedly screamed, “I am Mello Clear, and we must immediately close loans regardless of documentation.” Top executives at Loan Depot allegedly didn’t bat an eye at Hsieh’s tactics.

After two months, the same point was made to Ms. Richards, with Hsieh allegedly announcing that the sales team needs to “close all loans…close without credit reports…close without documentation…close all loans.”

Closing loans without documentation violates federal laws, including the Dodd-Frank Act, which requires mortgage originators to follow minimum standards for all mortgage products. The landmark legislation also prohibits lenders from making loans unless they reasonably determine that the borrower can repay based on documentation that proves credit history, and current and expected income.

Officials from the Consumer Financial Protection Bureau, the Federal Housing Finance Agency and Fannie Mae and Freddie Mac did not immediately respond to requests for comment by HousingWire. 

Richards’ suit, filed in California Superior Court in Orange County, claims that her refusal to comply with Hsieh’s demands, specifically with closing loans without credit reports, resulted in her demotion in November.

Richards claims that after her demotion, executives at Loan Depot hatched a strategy dubbed “Project Alpha” in which Hsieh allegedly personally identified over 8,000 loans that were closed without proper documentation. Two-hundred processors were put in charge of closing these loans in exchange for extra bonuses at the end of the year, the lawsuit claims.

Richards accuses the CEO, who founded Loan Depot in 2009, of directing the company’s Chief Credit Officer, Brian Rugg, to refrain from auditing the 8,000 loans.

Richards, who at one point oversaw 4,000 employees, said she was eventually forced out of her job for refusing to break the rules. After a stint on medical leave, she resigned in March 2021.

The lawsuit filed by Richards also includes multiple allegations that male company executives created and enforced a “misogynistic frat house culture” that routinely led to women being harassed and demeaned. 

The nonbank mortgage lender disputed the claims made by Richards, who worked in senior roles at Wells Fargo, Bank of America, Caliber Home Loans and Countrywide Financial (one of the bad actors in the subprime loan crisis) before joining Loan Depot. 

“Loan Depot is committed to operating at all times according to ethical, responsible and compliant business practices,” a statement from the company read.

“The claims in the lawsuit, which we take very seriously, were previously thoroughly investigated by independent third parties and found to be without merit,” Loan Depot said, without providing further information about who conducted these investigations and when they occurred. “We intend to defend ourselves vigorously against these outlandish allegations…”

Loan Depot, the nation’s second-largest nonbank retail mortgage lender, went public in February, selling 3.85 million shares at $14 and raising $54 million. The company filed reports that showed its revenues increased from $1.3 billion in 2019 to $4.3 billion in 2020, according to Securities and Exchange Commission filings. The company originated about $100.7 billion in loans in 2020.

Hsieh has been the biggest beneficiary of the IPO – as the largest shareholder, last year he took advantage of a one-time discretionary performance bonus of $42.5 million.

In recent months, the nonbank lender moved to appoint new faces to their board of directors, including Pamela Hughes Patenaude, a former deputy secretary of the U.S. Department of Housing and Urban Development and Mike Linton, marketing expert who currently serves as chief revenue officer at genomics firm Ancestry.

The company was trading at $6.98 late Thursday afternoon, with a valuation of $2.1 billion.

Source: https://www.housingwire.com/articles/ex-loandepot-coo-tony-hsieh-cut-corners-to-boos

The Consumer Financial Protection Bureau is back — with a vengeance

As summer begins, while things may look relatively quiet on the CFPB mortgage servicing enforcement front, those of us who remember the CFPB’s early days following the 2008 foreclosure crisis have a different view: What we are seeing now has all the hallmarks of the calm before a huge storm.

President Joe Biden’s nomination of progressive firebrand Rohit Chopra to lead the bureau was the first hint, but the surprise move has been the very meaningful tenure of Dave Uejio as acting director. Despite his centrist credentials, Biden has skewed dramatically to the left with several key appointments and initiatives, and both he and Uejio have made racial equity an administration, and bureau, mantra. Uejio, further, is a wild card who has moved quickly to establish himself in his brief but substantive tenure as acting director.

In a video released June 2,[1] Uejio again committed the bureau to racial justice, speaking in personal terms as a Japanese-American being the “target of hatred and violence on the basis of my race.”

“Rest assured,” he concluded, the CFPB will take action against institutions and individuals whose policies and practices prevent fair and equitable access to credit, or take advantage of poor, underserved and disadvantaged communities.”

On the mortgage front, the CFPB enforcement actions we see today are primarily the product of investigations commenced before the new administration. And while the CFPB has proposed rules[2] to clarify technical aspects of COVID-19 relief implementation in loss mitigation, along with a temporary pause on foreclosures, we have yet to see the regulatory avalanche some anticipated.

But the dynamic has plainly changed, and the bureau has launched several warning volleys. On March 31, the CFPB issued Bulletin No. 2021-02,[3] aptly named “Supervision and Enforcement Priorities Regarding Housing Insecurity,” warning servicers to:

[D]edicate sufficient resources and staff to ensure they can communicate clearly with borrowers, effectively manage borrower requests for assistance, promote loss mitigation, and ultimately reduce avoidable foreclosures and foreclosure-related costs.

Further, at a recent mortgage bankers conference, Uejio warned that servicers may be entitled merely to equitable foreclosure recoveries.

Housing security is likewise a focus of CFPB research. At the bureau’s fifth research conference in early May,[4] researchers presented reports focused both on mortgage credit and housing security, “given that mortgage balances make up the largest component of household debt and housing equity accounts for the majority of wealth for the median homeowner.”

Likewise, on May 27, the bureau issued a report on manufactured house financing,[5] decrying the high interest rates and credit barriers that the bureau claims afflict that industry.

Finally, the CFPB has joined other regulators in expressing interest and seeking information about artificial intelligence.[6] Such scrutiny might adversely affect not just automated underwriting, but also the way mortgage servicers systemically deal with borrowers in distress.

This is a critical time for the CFPB, and we expect its regulatory and enforcement actions in the mortgage space to effect a sea change by 2022.

These early signals are just the beginning of what is likely to be a rocky ride for mortgage servicers. As disruptive as the past foreclosure moratoria and new loss mitigation requirements were, the result was to dramatically slow and, for long periods of time, outright stop the volume of foreclosures needing to be processed.

This period will likely be far more chaotic as servicers continue to implement the new programs and restrictions while at the same time returning to foreclosure and eviction volumes rivaling 2010. This will occur as the CFPB gears up for an intense few years of activity by ramping up staff with new hires.[7]

Consider as well that, to date, the above has been occurring against the backdrop of rapid recovery of the job market and historically low mortgage interest rates. What will happen without a full recovery, and in an environment of rising interest rates associated with inflationary pressures?

Will this become an existential moment for the CFPB? We doubt it. But, if the public, and the politicians who answer to it, come to view the CFPB as having failed in this critical moment, structural reform — toward or away from either end of the ideological spectrum — would not be a surprising future outcome after the next presidential elections.

This likely will lead to splash headlines and major enforcement efforts from the CFPB directed at mortgage servicers, and a natural political target in times of stress. Resolving a now yearslong foreclosure backlog will likely give regulators a target-rich environment in which to work.

Source:https://www.law360.com/articles/1390766/mortgage-servicers-should-prepare-to-be-in-cfpb-crosshairs

Somehow, the qualified mortgage (QM) rules have become even more complicated. Our Financial Services & Products Group parses how the death of the QM Patch will affect creditors seeking to originate residential mortgage loans under Fannie Mae, Freddie Mac, or Consumer Financial Protection Bureau regulations.

1) QM Patch loans are no longer eligible for purchase or guarantee by Fannie or Freddie

2) 5 options for creditors originating QM loans

3) What are the revised QM loan rules?

Whether they realize it or not, absent a last-minute intervention from the Federal Housing Finance Agency (FHFA), effective July 1, 2021, creditors will no longer be able to originate qualified mortgage loans using the “QM Patch.” The reason for this dramatic event is that on April 8, 2021, Fannie Mae and Freddie Mac announced in separate pronouncements that effective for loans with application dates after June 30, 2021 (for Fannie Mae; for Freddie Mac, applications received on or after July 1, 2021), the loans must conform with the revised qualified mortgage (QM) loan rules—and cannot be QM Patch loans. Stated another way, since the FHFA is terminating the QM Patch, loans underwritten to the QM Patch after July 1, 2021 will no longer be eligible for sale to the government-sponsored enterprises (GSEs), and in effect, the QM Patch disappears after that date. This development contradicts the Consumer Financial Protection Bureau’s (CFPB) final rulemaking delaying the mandatory effective date of the revised QM rules until October 1, 2022. Under that CFPB rulemaking, during the period between March 1, 2021 and October 1, 2022, the CFPB intends for creditors to have the option of originating QM loans either under the legacy QM rules, including the QM Patch, or the revised QM rules.

Background

On December 10, 2020, former CFPB director Kathy Kraninger issued the revised QM rules that replaced Appendix Q and strict 43% debt-to-income ratio (DTI) underwriting threshold with a priced-based QM loan definition. The revised QM rules also terminated the QM Patch, under which certain loans eligible for purchase by Fannie Mae and Freddie Mac do not have to be underwritten to Appendix Q or satisfy the capped 43% DTI requirement. The rule was to take effect on March 1, 2021, but compliance would not be mandatory until July 1, 2021. Under the rulemaking, the QM Patch would have expired on the earlier of July 1, 2021 or the date that the GSEs exit conservatorship.

On April 27, 2021, the CFPB promulgated a final rule delaying the mandatory compliance date of the revised QM rule from July 1, 2021 to October 1, 2022. Notably, under this rule, the QM Patch is extended to October 2022, which gives creditors the option of originating QM rules under either the legacy QM rules or the revised QM rules between March 1, 2021 and October 1, 2022.

This “optionality” has been partially negated by the GSEs’ April 2021 pronouncements in which they announced that they, in effect, will adhere to the mandatory effective date of the revised QM rules as originally promulgated by Kraninger in December 2020. In particular, in Fannie Mae Lender Letter 2021-09, Fannie Mae indicated it will no longer acquire loans that are QM Patch loans that do not meet the revised QM rules.

To be eligible for purchase by Fannie Mae, QM Patch loans must:

1) have application dates on or before June 30, 2021, and

2) be purchased as whole loans on or before Aug. 31, 2021, or in MBS pools with an issue date on or before Aug. 1, 2021.

Similarly, in Freddie Mac Bulletin 2021-13, Freddie Mac noted that it will no longer purchase QMs under the QM Patch effective for mortgages with “Application Received Dates” on or after July 1, 2021 and all mortgages with “Settlement Dates” after August 31, 2021.

On May 26, 2021, Fannie Mae and Freddie Mac issued additional guidance reiterating that QM Patch loans that do not meet the revised QM rule must have application dates on or before June 30, 2021. This GSE guidance indicates that single-closing construction-to-permanent loans with application dates before July 1, 2021 that meet the QM Patch (and do not meet the revised QM rules) can be purchased or securitized on or before February 28, 2022.

Under the relevant CFPB regulations governing the QM Patch, a loan must, among other things, be eligible to be “purchased or guaranteed” by Fannie Mae or Freddie Mac. Stated another way, if the loan is not eligible for purchase or guarantee by Fannie Mae or Freddie Mac, the creditor may not avail itself of the QM Patch. Therefore, the GSEs’ April 2021 pronouncements indicating that effective July 1, 2021, QM Patch loans would no longer be eligible for sale to Fannie Mae and Freddie Mac sounds the death knell for the QM Patch notwithstanding the CFPB’s intention to extend it to October 2021.

The Takeaway

1) Commencing March 1, 2021, creditors may underwrite to the revised QM rules.

2) At this juncture, for non-agency loans, the revised QM rules become mandatory on October 1, 2022.

3) For Fannie Mae and Freddie Mac, however, the revised QM rules become mandatory on July 1, 2021, meaning that the QM Patch effectively terminates on July 1, 2021—and that all loans sold to Fannie and Freddie must comply with the revised QM rules, effective July 1, 2021.

4) From March 1, 2021 until October 1, 2022, creditors not selling loans to Fannie and Freddie may continue to underwrite to the legacy QM rules; however, commencing July 1, 2021, legacy QM loans must be underwritten to Appendix Q and NOT to the QM Patch. Stated another way, since the FHFA is terminating the QM Patch, loans underwritten to the QM Patch after July 1 will no longer be eligible for sale to the GSEs, and in effect, the QM Patch disappears after that date, notwithstanding the CFPB’s intent for it to continue until October 1, 2022.

5) Hence, for non-agency loans, from July 1, 2021 until October 1, 2022, legacy QM loans must be underwritten in accordance with Appendix Q.

Source: https://www.jdsupra.com/legalnews/the-qm-patch-is-down-for-the-count-8740196/

It has been a week of staggering home prices increase news which has seen the median existing home price surge to a record $350,000

while today we learned that the median new home price surged 18%, also to a record $374,400 (the average selling price was also a record $430,600)

Remarkably summing up what’s going on in the housing market, veteran housing analyst Ivy Zelman said she was seeing “hyperinflation” in the US housing “ecosystem” fraught with labor and materials bottlenecks.

Zelman’s warning comes as investors are closely watching whether a broad surge in inflation as the economy recovers from pandemic lockdowns will prove to be transitory. At least it validates one part of a recent Bank of America warning which said that the US is facing “hyperinflation” if transitory. Well we now have the hyperinflation part; for the sake of the dollar and cilivization, one can only hope that BofA is also right about the transitory part.

Speaking in a Wednesday webcast with Walker & Dunlop Chief Executive Officer Willy Walker, CEO of real estate research firm Zelman & Associates cited a truck-driver shortage along with shipping constraints and soaring costs as among the biggest problems homebuilders are facing. She underscored difficulty in moving shingles from Canada to the U.S. in particular, along with kinks in the supply chain for other staple building materials including drywall and insulation.

And, confirming the sudden drop in new transactions, Zelman also warned that home buyers are stretched.

“At some point the consumer cries uncle,” she said, quoted by Bloomberg.

She also warned that surging prices today could lead to tumbling prices tomorrow, cautioning about the impact of higher interest rates on home prices and the prospects the Fed may start to taper asset purchases. While more supply is set to come on the market eventually, Zelman sees homebuilder stocks as expensive, and she envisions a tough second half. Her cautious stance would accelerate if rates were to rise.

Perhaps in response to her warning, or today’s huge miss in new home sales, homebuilder stocks fell with the S&P homebuilding index closing down 1.2% on Wednesday after paring a drop of as much as 2.5%. Lennar Corp., M/I Homes Inc., PulteGroup Inc. and D.R. Horton Inc. were among worst performers. The index has dropped more than 13% from its all-time high in May.

Zelman’s “hyperinflation” warning echoes a recent analysis from Bank of America in which the bank’s chief economist Michelle Meyer said that the US economy “is facing an imbalance: a burst in demand has been met with constrained supply. Economics 101 tells us that when the demand curve shifts more than the supply curve, prices will rise, which continues until the balance is restored from a combination of slowing demand and greater supply.”

This narrative, Meyer said, describes the US housing market. Demand for housing climbed higher in the months following the onset of the pandemic, leaving existing home sales to reach a peak of 6.7 million saar in October, the highest since 2006. This has left builders to scramble to respond, sending building permits to a high of 1.9 million saar in January. The result: home prices and building costs have surged higher.

And while prices are soaring, the long journey to restore the equilibrium has at least started as existing home sales have come off the highs and housing starts have increased. For what it’s worth, Bank of America thinks existing home sales will continue to moderate while starts run at a high 1.6 million pace through this year and next until supply has returned to the historical average between 5-6 months, eventually allowing home price appreciation to cool. But, as Meye warns, “this will not be resolved overnight – it will be a long journey to balance the housing market.”

So yes, hyperinflation now… and utopia at some indefinite point in the future.

For those curious, BofA has summarized the recent housing trends in charts covering four key themes:

Signs from the recent data: Mortgage purchase applications and existing homes sales have been declining this year and are expected to slip further. In contrast, we see upside for new home sales and housing starts but with speed bumps due to high costs.

Surveys show discouraged buyers: As shown above, buyer sentiment has fallen to the lowest since 1982, reportedly due to high prices. But yet paradoxically homebuilder sentiment is holding close to record highs given exceptionally low inventory. This can only end in tears.

Builders are facing incredible cost pressure: All else equal, the rise in the price in lumber and related products has added over $34K to the price of a new home over the past year. The sharp gains in builder costs are starting to hold back production.

Double-digit home price gains are not sustainable: Home prices have soared over the year. The trajectory is unsustainable and price appreciation should cool next year but only slowly given the extreme imbalance between supply and demand.

Source: https://www.zerohedge.com/markets/industry-icon-sees-housing-hyperinflation

As housing professionals navigate regulatory changes and accelerated tech adoption, wire and title fraud risk factors in mortgage and real estate closings increased almost 90% in the last quarter. According to an analysis by MISMO-certified wire and title fraud prevention Fintech FundingShield, wire and title fraud risk factors in mortgage and real estate closings saw an increase of 87.79% overall across all transaction types in Q1 2021. These risk factors increased from 19.02% in Q4 2020 to 35.75% in Q1 2021.

FundingShield noted that a variety of risk factors could be contributing to these numbers – for example, compliance issues and an increase in transaction data errors. In fact, the report found that 58% of loans that had at least one issue contained multiple errors per transaction.

Other risk factors included problems such as invalid representations by closing agents, invalid/expired licensing, invalid/unregistered title documents, transactions not booked in title insurers’ systems and unauthorized practice of law (UPL violation risk). Wiring and bank account issues such as wire fraud attempts, altered wire account information, compromised bank accounts, and merged and/or closed or otherwise inactive bank accounts also played a part in the increased risk to wire fraud and funding control issues.

Regulatory changes and challenges

Contributing to the risk of wire and title fraud were significant challenges in the regulatory and risk areas for lenders during the first quarter of the year. Updated regulations and an eye toward tighter enforcement have raised new potential for compliance issues – and changes can also provide opportunities for bad actors to insert themselves into the process.

On March 1, 2021, the use of the new Uniform Residential Loan Application (URLA) became mandatory, per Fannie Mae and Freddie Mac, after the impact of the coronavirus delayed last year’s planned implementation. Lenders could begin using the new URLA form, which includes 48 new data points, on Jan. 1, 2021, but it became mandatory after March 1.

In order to use the updated URLA as mandated, lenders needed to ensure that the new form was supported by their tech stack. Otherwise, implementation could potentially disrupt the origination process and lead to errors contributing to fraud risk. These workflow changes required resources from lenders to ensure compliance, which could potentially have taken resources from other risk management areas.

The first quarter of 2021 also saw a changeover in leadership as the Biden administration entered the White House. President Biden appointed FTC Commissioner Rohit Chopra to lead the Consumer Financial Protection Bureau, signaling for many that the administration could be preparing to return the CFPB to a more stringent watchdog status.

A more active approach to enforcement means lenders are likely preparing to work even harder to ensure compliance, while keeping an eye out for any regulatory changes. FundingShield has cited numerous lenders reaching out to discuss closing agent compliance strategies, given indications that third-party service provider oversight as well as the impacts of wire fraud on the industry are top of mind for regulators.

Lingering effects of COVID-19

COVID-19 has continued to have an impact on fraud risks as well, necessitating an extremely accelerated adoption of technology. While this has enabled business continuity, the disruption in normal workflows could have caused errors or created opportunities for fraudsters to step in.

Additionally, ongoing forbearance concerns and CARES Act impacts have created an environment in which criminals may take advantage of confused or concerned borrowers to commit fraud, such as identity theft, intercepting payments and email compromise.

eClosing complications

The increased acceptance and use of eClosing platforms have also contributed to the growth of wire and title fraud risk, FundingShield states in its report. According to an American Land Title Association survey of major vendors working in the remote online notarization space, the adoption of RON skyrocketed 547% in 2020 alone, in part due to more states passing permanent RON legislation as well as the need for virtual closings during the pandemic.

While eClosings have proven invaluable for health and safety and enable a faster closing cycle, these platforms and their integrated partners do not always prioritize wire and title fraud risk management and prevention. Additionally, increased closing cycle speed can create vulnerabilities in the process if data is not being actively verified on a real-time basis, providing live information to help lenders mitigate fraud.

“Third-party oversight of wire and title fraud risk is currently lacking in eClosing workflows, and until they integrate with wire and title fraud prevention fintech solutions, these risks will continue to grow,” FundingShield CEO Ike Suri said. “We are swamped with integration exercises with eClosing partners seeking to protect and secure the journey.”

Conclusion

Given the above challenges as well as the continued stress placed on insurance and risk markets due to COVID-19, it’s evident that preventative solutions for wire and title fraud are necessary. Lenders should work not only to educate and inform borrowers about the risks of fraud but should ensure that their technology helps prevent and manage those risks as well.

To read FundingShield’s full Wire and Title Fraud Index for Q1 2021, click here. For historical quarterly reports or further information reach info@fundingshield.com.

Source: https://www.housingwire.com/articles/fraud-risk-factors-at-closing-increased-almost-90-last-quarter/

State Notifications Deemed to Trigger DFS Reporting of Non-material Breaches

Two successive Consent Orders have demonstrated the seriousness of non-compliance with New York’s Department of Financial Services financial regulations.  While not surprising given the relatively egregious facts of the two cases, DFS’s unprecedented interpretation of the ‘other’ reporting prong of DFS Part 500.17(a) – any notice to another regulatory authority even if the incident is not material – creates a potential hidden standard for the timing of reporting such incidents.

In March 2021, the New York State Department of Financial Services (“DFS”) entered into a consent order with Residential Mortgage Services (“Residential”), a mortgage loan service company based in Maine, which required Residential to pay a $1.5 million penalty for violating DFS’s cybersecurity regulation, as well as undertake certain remedial measures.

Residential’s cybersecurity event, defined by the regulation as “any act or attempt, successful or unsuccessful, to gain unauthorized access to, disrupt or misuse an Information System”, occurred when an employee responded to a phishing email with the false appearance of a signature of a business partner.  Although this act compromised the employee’s credentials, Residential also required a multi-factor authentication process, which typically acts as a safety net in security protocols.  Unfortunately for Residential, the employee then compounded the initial compromise by subsequently successively authenticating four fraudulent multi-factor authentication requests, after business hours, simply by tapping her phone.  On the following day, prompted by yet another fraudulent attempted authentication request, the employee notified Residential’s IT department of the compromise.  In response however, after it determined that the compromise was limited to the employee’s email, Residential did not undertake any further investigation, despite the employee’s access and use of sensitive personal identifiable financial information of Residential’s customers.  Further, Residential did not report the compromise to individuals whose personal data was potentially compromised by the hacker’s access to the email account.

Months later, Residential Mortgage Services’ Chief Information Security Officer (“CISO”) certified to DFS that Residential was in compliance with DFS cyber-security regulations.  It is not clear whether the CISO was aware of the incident, or conducted any due diligence within Residential before making the certification.  As part of a routine audit, DFS discovered certain compliance issues, undertook a more in-depth review of Residential, and ultimately uncovered the incident.

The compliance breakdowns within Residential in connection with the incident were many, presumably leading to the significant penalty to which Residential agreed:

1) Inadequate training of employees on standard security protocols;

2) Failure to implement an incident response process;

3) Failure to investigate the likely compromise of personal financial information;

4) Failure to report the likely compromise of personal financial information under state notification statutes;

5) Failure to report the incident to NYDFS (which DFS implicitly asserted is required even if the incident was not ‘material’ under DFS regulations, so long as another supervisory authority was or should have been notified); and

6) Failure to undertake appropriate due diligence before certifying compliance with DFS requirements.

Particularly worthy of note is the position by DFS that even if there was no “reasonable likelihood of materially harming any material part of the normal operation(s) of the covered entity” notice to DFS nevertheless was required because notice was required to be given “to any government body, self-regulatory agency or any other supervisory body”, specifically via state breach notification laws.

In another Consent Order entered just a few days later involving National Securities Corporation (NSC), DFS imposed a penalty of $3 million, for violations similar to those found in Residential, including improper certification of compliance notwithstanding knowledge of security shortcoming evidenced by breaches, further complicated by NSC’s failure even to implement adequate security measures, including full Multi-Factor Authentication (MFA).

As with Residential, DFS asserted that any notifications by NSC that would have been required to state authorities automatically required notifications to DFS, again implying that the materiality standard otherwise required to trigger reporting to DFS is no longer relevant.  Particularly noteworthy in the NSC order is the express reference to the 72-hour notification deadline, which DFS seemed to assert was triggered as soon as NSC became aware that state regulatory authorities had to be notified under state breach notification laws, essentially eliminating any requirement of materiality.

The potential consequences of the DFS interpretation could be quite significant for those entities regulated by DFS that experience an incident reportable to any state regulatory authority (which is required by a majority of the state breach notification laws, with varying triggering thresholds), or potentially the FDIC.  While virtually no state  requires notification sooner than “reasonably practicable”, and a few states require notification within 30 days (other than Vermont under certain circumstances, which demands 14 days), the interpretation advanced by DFS in the Residential and NSC Consent Orders, if applied in similar circumstances to other DFS-regulated entities experiencing breaches that would not otherwise be characterized as material by DFS, could have the perverse effect of substituting the DFS 72 hour deadline as the de facto default standard for all states that require notification to state authorities.¹

Companies subject to the new DFS regulations or in related industries should pay particular attention to these developments for several reasons.  This enforcement was a matter of first impression and demonstrates the potential consequences of overlooking parallel notifications to DFS whenever state regulators are notified, and that incorrect DFS certifications by CISOs will be sanctioned severely.  Further, the regulation has served as a model for other regulators who are interested in a more prescriptive approach.  Following the enactment of DFS’s regulations, both the U.S. Federal Trade Commission and National Association of Insurance Commissioners have looked to the regulation as model for their own regulations, and that others are likely to follow.

---

¹ Notice to DFS may be submitted confidentially; under 23 NYCRR 500.18, information provided is subject to exemptions from disclosure under Baking law, insurance law, financial services law, public officers law and other applicable law.  Nevertheless, a data controller subject to DFS could find itself in the unenviable position of having to file a protective notice to DFS within 72 hours of discovering a breach that could be reportable to any state regulatory authority under state law, but before having the opportunity to investigate the incident to assess its full consequences, or perhaps even its ultimate reportability if it is determined that there is no likely risk of harm to the data subject.  There are likely to be other significant derivative consequences if such protective notifications are deemed required, that any impacted entity will also have to take into account.

Source: https://www.jdsupra.com/legalnews/new-york-department-of-financial-3317217/