The HMDA 2018 rule changes have been lying in wait since the Dodd-Frank Act’s enactment. In the years since, lenders have continued submitting the required data fields for the required products. As a result, lenders do not have the processes or systems in place to gather or submit the new expanded field and product requirements.
This is a big deal for more reasons than one. Tech, timing, the volume of data required, and the addition of HELOCs as a required product pose a number of threats to the success of HMDA submissions and exams for lenders. While it sounds dire, there are ways to manage and minimize the risk of potential challenges.
Wrong time, wrong place.
As you may already know, the same individuals tasked with 2017 data submissions by March 1, 2018 must also collect HMDA data for credit decisions that occur after January 1, 2018. What this group may not consider is that during the last few months of each calendar year, IT departments freeze new requests and functionality additions to exclusively focus resources on properly producing and exporting 2017 data.
“IT departments effectively run banks, especially when it comes to operational capabilities.” – Carl Pry, Managing Director, Treliant Risk Advisors
“IT departments effectively run banks, especially when it comes to operational capabilities,” says Carl. “And they’re not normally going to make exceptions, especially for a compliance matter.”
HELOCs and mortgages typically close on different loan origination systems (LOS). For 2018, HELOC systems will need to be reconfigured to produce the data required for submission. Once the HELOC system and LOS are up-to-date, lenders will need to merge outputs from both systems to produce a single, comprehensive submission.
“The modified HELOC system and the combined output process are going to need extra testing,” stresses Carl. “It will be difficult to get both systems to submit properly since the functions aren’t what they’re used to.”
Testing new components on a technical system leads to a whole new set of unexpected bugs. Processing new data fields in the LOS for the first time will naturally lead to initial hiccups and technical failures. The majority of engineering and IT teams may be largely unavailable to address any bug reports beginning after Thanksgiving until after March 1.
Nonbanks are less equipped to integrate this new process because they have fewer resources with which to address regulatory changes of this scale, having only recently come under the purview of major regulators. As a result, they may have insufficient information and incompatible technology to start testing. If they do have the data, the process to check for errors will be less thorough because they lack the first, second, and third lines of defense employed by large banks with more structured compliance teams.
The challenge: Beginning after Thanksgiving through March 1, 2018, many loan and compliance officers will go through months of system testing with the understanding that any bugs identified during that freeze period will not be addressed by IT departments until after.
What you can do now: Use this time to run water through the pipes and test every new element, like credit scores and DTI, to ensure that they flow properly. The earlier testing begins, the more time will be available to find gaps and fix them in increments prior to the freeze.
More data, more problems.
The expanded definition of loan types required naturally leads to an increase in the number of submission errors and omissions. Distinguishing between these is notably important:
- An error is an entry on the HMDA LAR that is reported, but does not belong;
- An omission is an application that is not reported, but does in fact belong.
Many banks may include or exclude certain loan types and data points incorrectly as a result of the overwhelming magnitude in rule changes and additions.
The challenge: Expanded data and product requirements, such as HELOCs, and a new CFPB portal that requires 100% accuracy before allowing submissions present pain points for data integrity.
What you can do now: The CFPB will be looking for good-faith efforts. The better organized an institution’s preparation and efforts to comply, the more favorable the exam.
“Data integrity will be key to mitigating increased compliance risks.”
“Data integrity will be key to mitigating increased compliance risks, and we know from the CFPB’s enforcement actions that they are focused on it,” explains Carl. One way to show good-faith is to employ an effective compliance management system (CMS). “Having a CMS that incorporates handling these changes demonstrates that you have the capabilities to manage what’s coming down the road.”