Contact Us

While it is impossible to foresee the future with complete precision, we wanted to share the steps we have taken and will continue to take to ensure the continuity of our services, while remaining committed to providing a safe and healthy environment for our employees.

Based on our existing Business Continuity Plan and some additional steps we have taken to respond to the unique threats posed by COVID-19, we are confident in our ability to provide our products and services to you without interruption.  It is important to note the fluidity of the COVID-19 threat. And, as such, Asurity is actively monitoring the guidance provided by the CDC, the WHO, government agencies, and other trusted information sources. Below is a summary of the steps being taken to address this very real and evolving threat:

Overall, our actions and policies will not change how we work with you or our ability to provide services. We will adjust as necessary to help keep everyone safe and healthy. 


Quarterly Submission

RiskExec has been updated to support clients who are now required to file their 2020 HMDA LAR on a quarterly basis.  When a user clicks “Submit LAR” within the HMDA module and begins the process of creating submission files, the user will now have the option to create an Annual, 1st Quarter, 2nd Quarter, 3rd Quarter, 1st and 2nd Quarter, or 1st, 2nd, and 3rd Quarter submission file. 

Select your HMDA submission file type

Under the current guidance of the CFPB, when a user files 2nd Quarter data they will have to decide whether to submit the 2nd Quarter only or a combined 1st Quarter and 2nd Quarter dataset.  Then RiskExec will internally use an Action Date filter to appropriately select the records based on the option selected above.

As of today, the CFPB submission portal is not ready for testing quarterly files, hence the RiskExec team does not have any way to confirm the validity of such files.  As soon as the CFPB makes the site available, RiskExec will work with our clients to verify quarterly files if requested. Please note, verification by a RiskExec team member of a submission file is not required prior to submission.  

Additionally, RiskExec has updated its Export options to allow users to export quarterly HMDA submission files. The logic for these exports mirrors the logic used in the submission files discussed above. 

For more regulatory information on quarterly HMDA submissions, please refer to the CFPB’s Supplemental Guide for Quarterly Files.  

HMDA Application Detail

RiskExec has made updates to the HMDA Application Detail page which allows a user to select NA or Exempt (for files marked exempt) as a value in the dropdown option for those fields where NA or Exempt is a valid value for submission.

NA Option - HMDA Application Detail

RiskExec has added a new filter capability that will allow users to compare two numeric or two date fields.

Comparison Filter
HMDA Application List when Comparison Filter is applied



RiskExec has added a new theme called the Tract Distressed/Underserved theme.  This theme highlights distressed or underserved nonmetropolitan middle-income geographies designated by the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency.  This theme is based on:

Tract Distressed/Underserved Theme
County Label

When a user applies the County Layer on a map, the word “County” has now been removed in an effort to show more county labels on a map.

Maps - County Theme

Assessment Areas

Assessment Set Types

RiskExec now provides the option to create three types of Assessment Areas: 

Zip Codes

Geographic assessment areas using 2019 and greater census data can now use zip codes as units.  Please note, because demographic data is only available at the tract level, the zip code units are built at the tract level, using the HUD Crosswalk File.  If a tract is listed in the Crosswalk File as having any part of it within the selected zip code, then the entire tract will be included in the assessment area unit.  This means that the zip code units will often have a larger population than the comparable Census ZCTA.

Assessment Area - Zip Code Units


RiskExec has added three additional export options: 

Soft Geocoding Export


In addition to All Loan Purpose, Home Purchase, Home Improvement, and Refinance, RiskExec has added “Other” as an option for the HMDA Compliance - Disparity Indices report.


Due to the feedback from our clients on the redesign of the RiskExec platform, RiskExec has updated its font to improve overall visibility and readability. 

Maps 2.0

This release includes the new Maps 2.0 accessible within the HMDA, CRA, Fair Lending, Redlining Analysis, Assessment Areas and Batch Geocoding Modules. These maps can be accessed by clicking the “Maps 2.0” button from an individual file under the existing “View Map” option. The current maps will continue to be available for some time and will replaced by Maps 2.0 at a future date. We will notify our users before the current maps are decommissioned.

We will be hosting a training webinar on the features of Maps 2.0 this Wednesday, September 12 at 3:00pm ET. If you have not yet registered for this training and wish to attend, please visit to reserve your spot. If you are unable to attend, please submit a registration and we’ll send you the recording.

Goal Setting Module

This first phase of our new module allows users to set customized goals for their HMDA and/or CRA files. These reports can be used to monitor performance in customized categories across specified ranges in time and can evaluate current lending activities as compared to individual targets.

We will continue to enhance this new module in the coming weeks. A demonstration webinar of the full capabilities of this new module will be held following our next release in October.

To receive access to this module, please have your institution’s primary user send a request to asking for permission to the Goal Setting module for specified users.

Fair Lending & Redlining

Conversion to P-Values

Within the RiskExec Fair Lending and Redlining Analysis modules there are certain tests designed to identify and measure statistical significance. This release includes modifications to use p-values when indicating areas that exceed a 95% significance threshold.

Segmented Analyses

Users can now select segmentation variables for 2-Factor Proportions Tests and Difference of Means Tests. Users can also set a minimum segment count below which the test will not be run. Segmenting these tests will result in the generation of multiple analyses housed in the Analysis Test Results tab so that significance can be measured for subsets of data divided according to user selection.

For example, if a user creates a Denial Disparity test segmented by Loan Type, the analysis will contain individual segments for Conventional, FHA, VA, etc with specific p-values for the protected class categories within the one specific type of loan. An unsegmented Denial Disparity test would provide p-values for protected class categories for all loans combined.

HMDA Filing Instructions Guide (FIG) Updates

Version 3.5 Updates

V651 and V655 were modified to exclude purchased transactions.

Version 3.6 Updates – Incorporating changes for Exempt Institutions

Last week the Bureau of Consumer Financial Protection released an updated FIG to support the implementation of changes made to HMDA by the Economic Growth, Regulatory Relief and Consumer Protection Act signed in May by the President. This update allows new exemption values for institutions that are subject to exemption from portions of the expanded HMDA data requirements. The update also adds and modifies certain edit checks to account for the new value options.

The RiskExec Team is currently reviewing these updates and determining the best ways to implement the changes within our HMDA module. Should your institution be included under the exemption options, please be aware we will communicate additional updates to accommodate these changes.


Colorado House Bill 18-1128

“Biometric data” means unique biometric data generated from measurements or analysis of human body characteristics for the purpose of authenticating the individual when he or she accesses an online account.

“Covered entity” means a person (defined as an individual, corporation, business trust, estate, trust, partnership, unincorporated association, or two or more thereof having a joint or common interest, or any other legal or commercial entity) that maintains, owns, or licenses personal identifying information in the course of the person’s business vocation, or occupation.  “Covered entity” does not include a person acting as a third-party service provider.

“Determination that a security breach occurred” means the point in time at which there is sufficient evidence to conclude that a security breach has taken place.

“Encrypted” means rendered unusable, unreadable, or indecipherable to an unauthorized person through a security technology or methodology generally accepted in the field of information security.

“Notice” means:

“Personal information” means:

Personal information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records or widely distributed media.

“Security breach” means the unauthorized acquisition of unencrypted computerized data that compromises the security, confidentiality, or integrity of personal information maintained by a covered entity.  Good faith acquisition of personal information by an employee or agent of a covered entity for the covered entity’s business purposes is not a security breach if the personal information is not used for a purpose unrelated to the lawful operation of the business or is not subject to further unauthorized disclosure.

“Third-party service provider” means an entity that has been contracted to maintain, store, or process personal identifying information on behalf of a covered entity.

Each covered entity in Colorado that maintains paper or electronic documents during the course of business that contain personal identifying information must develop a written policy for the destruction or proper disposal of those paper and electronic documents containing personal identifying information.  Unless otherwise required by state or federal law or regulation, the written policy must require that, when such paper or electronic documents are no longer needed, the covered entity must destroy or arrange for the destruction of such paper and electronic documents within its custody or control that contain personal identifying information by shredding, erasing, or otherwise modifying the personal identifying information in the paper or electronic documents to make the personal identifying information unreadable or indecipherable through any means.

To protect personal identifying information from unauthorized access, use, modification, disclosure, or destruction, a covered entity that maintains, owns, or licenses personal identifying information of an individual residing in Colorado must implement and maintain reasonable security procedures and practices that are appropriate to the nature of the personal identifying information and the nature and size of the business and its operations.

Unless a covered entity agrees to provide its own security protection for the information it discloses to a third-party servicer provider, the covered entity must require that the third-party service provider implement and maintain reasonable security procedures and practices that are:

A disclosure of personal identifying information does not include disclosure of information to a third party under circumstances where the covered entity retains primary responsibility for implementing and maintaining reasonable security procedures and practices appropriate to the nature of the personal identifying information and the covered entity implements and maintains technical controls that are reasonably designed to:

A covered entity that is regulated by state or federal law and that maintains procedures for protection and disposal of personal identifying information pursuant to the laws, rules, regulations, guidances, or guidelines established by its state or federal regulator is in compliance with these provisions.

A covered entity that maintains, owns, or licenses computerized data that includes personal information about a resident of Colorado must, when it becomes aware that a security breach may have occurred, conduct in good faith a prompt investigation to determine the likelihood that personal information has been or will be misused.  The covered entity must give notice to the affected Colorado residents unless the investigation determines that the misuse of information about a Colorado resident has not occurred and is not reasonably likely to occur. Notice must be made in the most expedient time possible and without unreasonable delay, but not later than 30 days after the date of determination (previously as soon as practical) that a security breach occurred, consistent with the legitimate needs of law enforcement and consistent with any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the computerized data system.

In the case of a breach of personal information, notice to affected Colorado residents must include, but need not be limited to, the following information:

Covered entities who have experienced a breach of personal information that is likely to be misused must also direct the person whose personal information was breached to change his or her password and security question or answer or take other appropriate steps.

The breach of encrypted or otherwise secured personal information must be disclosed if the confidential process, encryption key, or other means to decipher the secured information was also acquired in the security breach or was reasonably believed to have been acquired.

A covered entity that is required to provide notice to affected Colorado residents is prohibited from charging the cost of providing the notice to the affected residents.

The covered entity is not precluded from including any additional information in the notice, including any information that may be required by state or federal law.

Notice may be delayed if a law enforcement agency determines that the notice will impede a criminal investigation and the law enforcement agency has notified the covered entity that conducts business in Colorado not to send notice.  The notice must be made in good faith, in the most expedient time possible and without unreasonable delay but not later than 30 days (previously as soon as possible) after the law enforcement agency determines that notification will no longer impede the investigation and has notified the covered entity that conducts business in Colorado that it is appropriate to send the notice.

The amendments also include provisions related to the following:


Colorado House Bill 18-1254

At any time after the recording of the notice of election and demand but prior to the sale, a portion of the property may be released from the deed of trust being foreclosed pursuant to state law or as otherwise provided by order of a court of competent jurisdiction recorded in the county where the property being released is located. Upon recording of the release or court order, the holder of the evidence of debt or the attorney for the holder must pay the required fee, amend the combined notice, and, in the case of a public trustee foreclosure, amend the notice of election and demand to describe the property that continues to be secured by the deed of trust or other lien being foreclosed as of the effective date of the release or court order; except that the amended combined notice may be omitted with the prior approval of the public trustee. The public trustee must record the amended notice of election and demand upon receipt. Upon receipt of the amended combined notice, if provided by the holder or the attorney for the holder, the public trustee must republish and mail the amended combined notice as required. If the amended combined notice was omitted, upon recordation of the amended notice of election and demand, the public trustee must supply an amended combined notice and must then republish and mail the amended combined notice as required.

The public trustee may require the holder or servicer to make a deposit of up to $500 (previously $650) plus the amount of the fee permitted, at the time the notice of election and demand is filed, to be applied against the fees and costs of the public trustee.

If the holder of the evidence of debt is the highest bidder with a bid that exceeds the total amount due shown on the bid, the holder of the evidence of debt is only required to pay the excess of the amount bid over the amount due the holder of the evidence of debt, as shown on the bid submitted.

The amendments also include revisions related to:

Colorado House Bill 1174

The law requiring the licensing of mortgage loan originators was scheduled to be repealed on September 1, 2018.  This has been extended to September 1, 2029.

Each individual applicant for initial licensing as a mortgage loan originator must have satisfactorily completed:

The Board must issue or deny a license within 60 days after:

The Board will deny an application for a license, refuse to renew, or revoke the license of an applicant or licensee who has:

The Board must consist of five members appointed by the Governor of Colorado.  Of the members of the Board:


Minnesota House File 3158

All references to Nationwide Mortgage Licensing System and Registry have been changed to Nationwide Multistate Licensing System and Registry (also referred to as “NMLSR”).

In order to meet the written test requirement to be licensed as a mortgage loan originator, an individual must pass, in accordance with the standards required, a qualified written test developed by the NMLSR and designated as the NMLSR’s National Test Component with Uniform State Content for Mortgage Loan Originator Licensing and administered by a test provider approved by NMLSR based upon reasonable standards.

In order to meet the annual continuing education requirements, a licensed mortgage loan originator must complete at least eight hours of approved education that includes at least:


New Hampshire Senate Bill 314

The New Hampshire legislature recently amended its laws to exempt a mortgage banker, mortgage broker, mortgage servicer, or mortgage originator from licensing requirements if the individual is not engaged habitually and repeatedly in such activities in a commercial context.  It is a rebuttable presumption that an individual is not engaged in the business of a mortgage banker, mortgage broker, mortgage servicer, or mortgage originator if the individual is not involved in more than three loans in any consecutive 12-month period.


New Hampshire House Bill 1687

No person may engage in the business of a mortgage broker, mortgage banker, mortgage originator, or mortgage servicer without holding a valid license, or assist or aid and abet any person in the conduct of business as a mortgage broker, mortgage banker, mortgage originator, or mortgage servicer without a valid license as required.

All references to “Nationwide Mortgage Licensing System” have been replaced with “Nationwide Multistate Licensing System.”


“Asurity Technologies and First American Mortgage Solutions share a mutual goal to provide industry-leading compliance solutions as we build toward a fully digitized mortgage marketplace,” says Andy Sandler, Founder and CEO, Asurity Technologies. “We believe this joint initiative will help advance this important objective.”

Asurity Technologies provides end-to-end compliance management solutions from 100 percent compliant smart loan documents, and compliance management and analysis platforms built by an ecosystem of engineering to regulatory law experts. RiskExec is a SaaS platform that delivers the analytical tools needed to proactively manage redlining and fair lending compliance, and prepare, manage and easily submit for HMDA and CRA.

First American Mortgage Solutions, a part of the First American family of companies, provides comprehensive solutions for residential lenders and servicers covering the entire loan spectrum. The company’s PredProtect Regulatory Compliance Suite helps streamline the loan origination process by performing detailed compliance checks on every loan and instantly identifying potential violations, so corrections can be made immediately.

“We are committed to providing lenders and servicers with premier data and solutions to originate, close and service quality loans,” said Kevin Wall, president of First American Mortgage Solutions. “By teaming with Asurity, we can now provide even more comprehensive solutions to allow our customers to focus on core business objectives while mitigating risk.”

By teaming with Asurity, we can now provide even more comprehensive solutions to allow our customers to focus on core business objectives while mitigating risk. - Kevin Wall, president, First American Mortgage Solutions

For additional information about Asurity Technologies’ comprehensive compliance solutions, please visit For additional information about First American, please visit


An additional 19.9% of households were underbanked, with access to only basic financial products like checking or savings accounts, and relied on financial services outside the banking system. This translates to roughly nine million households that are unbanked and 26 million that are underbanked in the United States.

The majority of these households are low and moderate income consumers with limited or poor credit history. With banks wary of lending to them, payday lenders and other predatory loans fill these households’ credit needs. It’s an endless cycle of high-interest debt that prevents low-income consumers from building long-term wealth.

OCC Signals Change, Then Reneges

While the Office of the Comptroller of the Currency initially signaled they would greenlight banks to provide short-term, high-interest loans to compete with payday lenders, ultimately Comptroller Otting withdrew support due to its predatory nature, costs, and regulatory implications.

Alternative short-term credit services could be a conversation opener for banks providing new pathways for consumer education, credit and savings building, and improved financial positions. Creating additional access points to legitimate financial services and education fills a void in many of these communities and can help navigate away from predatory payday lenders.

If banks offered short-term lending and other services, they could enter markets that are untapped and provide economic opportunity and relief to a predominately LMI base. Banks can help these customers establish accounts, learn financial literacy and money management skills, and build wealth.

Nine million households are unbanked and 26 million are underbanked in the United States.

The Road To Financial Recovery

The big question to answer is: what should these loan products look like?

These loans are inherently high-risk with borrowers turning to payday lenders when banks turn them away. Banks need to review current product offerings and risk appetite to evaluate what products could be created and tailored to build a road to financial recovery for high-risk borrowers.

First and foremost, these products would need to meet all regulations and laws to provide borrower and bank with safe lending products. This would include conducting a risk assessment and setting minimum requirements for borrowers to qualify for credit. The products also need to be profitable in order for banks to continue offering these solutions to a larger community of high-risk borrowers. Small loans can be costly to underwrite and the profit margin might be too small to be viable.

The best potential solutions are hybrids that involve partnering with community organizations.

The best potential solutions are hybrids that involve partnering with community organizations, introducing education programs, and creating new products from the ground up.

Some ideas include:

Postal Services Meet Banking Services in High Need Areas

To address payday lending in the most underserved and underbanked areas, Senator Kirsten Gillibrand (D-NY) proposed a solution to maximize the existing infrastructure and services through the United States Postal Service (USPS). The Postal Banking Act legislation suggests making banking services available at all 30,000 USPS locations nationwide. While it may not appear a likely match at first glance, Gillibrand’s proposal would allow the USPS to provide financial products and services, including:

The Postal Banking Act legislation suggests making banking services available at all 30,000 USPS locations nationwide.

Banks could make it possible to provide these products in conjunction with the Postal Service, either in conjunction with community organizations or through their own independent programs. Could banks be persuaded to join forces? Senator Gillibrand’s proposal aims to enable access to legitimate banking services in low-income areas by leveraging the USPS’s available resources.

The Iowa legislature recently amended its laws related to mortgage releases and to shorten the period of time for redeeming real property from foreclosure and delaying sale of foreclosed property and to adjust the statute of limitations period for executing judgments on claims for rent.  All the legislation discussed in this memorandum is effective July 1, 2018.

Iowa House File 2232

When the amount due on a mortgage is paid off, the mortgagee, the mortgagee’s personal representative or assignee, or those legally acting for the mortgagee, and in case of payment of a school fund mortgage the county auditor, within thirty days (previously forty-five days) of payment in full, must acknowledge satisfaction thereof by execution of an instrument of satisfaction which is in writing, refers to the mortgage and is duly acknowledged and recorded.  If the mortgage secures a revolving line of credit, future advances, or other future obligations, the mortgagee is not required to file a satisfaction upon payment in full unless the borrower makes a written request to the mortgagee that the mortgage be released and, if such written request is made, the mortgagee must file the release within thirty days after payment in full or such written request is made whichever occurs later.

If a mortgagee, or a mortgagee’s personal representative or assignee, upon full performance of the conditions of the mortgage, fails to discharge such mortgage as required, the mortgagee is liable to the borrower and the borrower’s heirs or assigns, for all actual damages caused by such failure and a penalty of $500, plus reasonable attorney fees.

A mortgagee is not liable under the above provision if all of the following apply:

When the judgment is paid in full, the mortgagee must file with the clerk a satisfaction of judgment which releases the mortgage underlying the action.  A mortgagee who fails to file a satisfaction within thirty days of receiving a written request will be subject to reasonable damages and a penalty of $500 (previously $100) plus reasonable attorney fees incurred by the aggrieved party, to be recovered in an action for the satisfaction by the party aggrieved.

Iowa House File 2234

When a foreclosure of a mortgage on real property results from the enforcement of a due-on-sale clause, the borrower may redeem the real property at any time within eighteen months (previously three years) from the day of sale under the levy, and the borrower must, in the meantime, be entitled to the possession of the property; and for the first fifteen months (previously thirty months) thereafter such right of redemption is exclusive.  The times for redemption are extended to sixteen months (previously thirty-three months) in any case in which the borrower’s period for redemption is extended by this provision.

After the expiration of a period of ten years (previously five years) from the date of entry of judgment of a court not of record, or twenty years from the date of entry of judgment of a court of record, in an action on a claim for rent, exclusive of any time during which execution on the judgment was stayed pending a bankruptcy action or order of court, such judgment will be null and void, all liens will be extinguished, and no execution will be issued.

The borrower and the lender of real property consisting of less than ten acres in size may agree and provide in the mortgage instrument that the period of redemption after sale on foreclosure of said mortgage be reduced to six months, or reduced to three months if the property is not used for an agricultural purpose, provided in all cases that the lender waives in the foreclosure action any rights to a deficiency judgment against the borrower which might arise out of the foreclosure proceedings.  In such event, the borrower will, in the meantime, be entitled to the possession of the real property; and if such redemption period is so reduced, for the first two months (previously three) after sale such right of redemption will be exclusive to the borrower, and the time period will be reduced to three months (previously four).

If the mortgaged property is not used for an agricultural purpose, the plaintiff in an action to foreclose a real estate mortgage may include in the petition an election for foreclosure without redemption.  The election is effective only if the first page of the petition contains the following notice in capital letters of the same type or print size as the rest of the petition:



At any time prior to entry of judgment, the borrower may file a demand for delay of sale.  If the demand is filed, the sale must be held promptly after the expiration of two months from entry of judgment.  However, if the demand is filed and the mortgaged property is the residence of the borrower and is a one-family or two-family dwelling, the sale must be held promptly after the expiration of six months (previously twelve months), or three months (previously six months) if the petition includes a waiver of deficiency judgment, from entry of judgment.

Connecticut House Bill 7141

The Connecticut legislature recently amended its laws related to mortgage servicing, effective July 1, 2018.

No mortgage servicer shall, directly or indirectly:

Mortgage servicers must establish, enforce and maintain policies and procedures reasonably designed to achieve compliance with the above provisions, and qualifying individual or branch managers for such mortgage servicer must enforce such policies and procedures. No violation will be found unless the mortgage servicer, qualifying individual or branch manager's failure to establish, enforce or maintain policies and procedures resulted in conduct in violation of the above provisions or rules or regulations adopted under these provisions or any other state or federal law, including the rules and regulations thereunder, applicable to any business authorized or conducted under the mortgage servicing laws.

Florida Rules 69B-186.010

The Florida Department of Financial Services Division of Insurance Agents and Agency Services (“Department”) recently amended its rules regarding unfair methods of competition and unfair or deceptive acts or practices in the transaction of title insurance, effective May 13, 2018.

A “referrer of settlement service business” means any person who is in a position to refer title insurance business incident to or as part of a real estate transaction or an associate of such person.  A referrer of settlement service business may be a title insurance agent, title insurance agency, title insurance company, attorney, real estate broker, real estate agent, real estate licensee, broker associate, sales associate, mortgage banker, mortgage broker, lender, real estate developer, builder, property appraiser, surveyor, escrow agent, closing agent, or any other person or entity involved in a real estate transaction for which title insurance could be issued; or any employee, officer, director, or representative of such person or entity.

The lists below are intended as examples and are not exhaustive.  The rule does not prohibit inducements or rebates provided by filed or approved rates or rating manuals, advertising gifts permitted by law, or inducements and rebates otherwise expressly allowed by law.

As they relate to the transaction of title insurance, the following activities, whether performed directly or indirectly, for or by any referrer of settlement service business, are inducements for the sale, placement, or referral of title insurance business and are prohibited:

The following expenditures, however, are not considered violations:

A licensed and appointed title insurance agent is not prohibited from affixing a notice to any contract or agreement stating “The terms of this contract are agreed to, but only to the extent that they do not violate the provisions of Rule 69B-186.010, F.A.C., or paragraph 626.954(1)(h), F.S.,” or substantially similar language.

chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram