For years now the mortgage and real estate closing process has been largely viewed by some banks and settlement professionals as nothing more than a glorified signing party. Concerns about fraud, infidelity and negligence on the part of those handling mortgage proceeds and bank documents and the other professionals who play a part setting a transaction have been largely ignored. This has been true despite the fact that the concept of wiring funds to a closing agent who is largely unknown and allowing strangers to handle mortgage documents and disbursements without uniform standards seems counter to prudent business practices.
Today title underwriters, who have been primarily self-insured, have seen claims rise, profits dwindle, and lawsuits by lenders and consumers stack up at courthouses around the Country. Billions of dollars in damages from mortgage fraud have created a firestorm that the title industry simply cannot extinguish. Consequently, any notion that title underwriters can continue to allow agents to bind them for acts of negligence and infidelity by closing agents requires radical readjustments and new thinking. Likewise mortgage lenders and consumers cannot continue to rely upon the closing protection letter as a form of insurance against losses from mortgage fraud when it is not an insurance product and offers very limited coverage for losses.
While fraud can take place in any part of the loan process, lenders are most at risk at the closing. Settlement agents, who are responsible to disburse the lender’s money, to supervise the execution and delivery of the deed, note and mortgage instruments, are traditionally subject to little or no scrutiny. If they are scrutinized at all, it is typically entity focused and conducted intermittently with virtually no ongoing monitoring.
Licensing, while important as a bar to entry into a profession, is not risk management. Anyway there is no one license that covers all of the various actors who can handle funds and documents at a closing, which depending upon the state or region includes lawyers, escrow agents, title agents, mobile notaries, closers and realtors. The little vetting that does occur, by title underwriters and some banks, is primarily static and not ongoing, is not uniform, is generally focused on entities, and involves no sharing of data. In addition one need only review the FBI fraud statistics, as well as the latest entries in the Mortgage Fraud Blog to realize that whatever is being done now, is not working.
Agents are still stealing funds, aiding fraud at closing and looking the other way. Common recent incidents reported publicly have included instances when an agent documented non-existent buyer cash to close, permitted same day property flips, and when funds were accepted or disbursed to or from third parties not identified to the lender as formally connected to the transaction.
Theft of funds and outright fraud are a serious problem, but there are other ways that unsupervised agents can cause havoc. Settlement agents can also act negligently, by failing to obtain the properly signed note, or to record the mortgage, thereby creating significant liability for lenders. Since settlement agents, including lawyers, are not uniformly required to carry liability insurance or fidelity bonds, and there is no standardized process in place to verify insurance coverage when a party to the closing does require it, lenders and consumers can have no faith they will recover their losses resulting from negligence or bad acts by settlement agents at closings. In the past lenders have taken the risk associated with the unregulated and unsupervised nature of the closing process because losses from fraud at closing had historically been a small percentage of overall mortgage fraud damages. That is why most lenders focused whatever spending they could allocate to fraud deterrence on front end fraud software, such as social security number verification, automated appraisal reviews and similar products. According to the National Mortgage Bankers Association, lenders spent approximately $1 Billion on fraud deterrent software to use in the origination and underwriting process in 2013. The amount reported to address fraud and negligence at closing is not even on anyone’s radar.
Today there is also a renewed focus on the nature of the information delivered by banks and lenders to a settlement agent due to the concern over data privacy and security.
The Consumer Financial protection Bureau (CFPB) now has rule writing authority and enforcement authority over financial institutions, with respect to the Graham-Leach-Bliley Act (GLBA), the major federal consumer information privacy and data security laws.
The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance –to safeguard sensitive data. Mortgage lenders, mortgage brokers, credit unions and banks collect personal information from their customers including names, addresses, and phone numbers; bank and credit card account numbers; income and credit histories; assets and their location, as well as social security numbers. The name of minor children, marital status, birth dates and more are also found throughout a typical loan file. GLBA thus requires all lenders to ensure the security and confidentiality of this type of information. As part of its implementation of the GLB Act, the Federal Trade Commission (FTC) issued the Safeguards Rule, which requires financial institutions under FTC jurisdiction to have measures in place to keep customer information secure.
Settlement agents receive a complete loan package, including the very detailed Form 1003 final loan application. This document contains a borrower’s complete personal financial history and in the wrong hands can cause serious consumer harm.
According to the Safeguards Rule, financial institutions must develop a written information security plan that describes their program to protect customer information. All programs must be appropriate to the financial institution's size and complexity, the nature and scope of its activities, and the sensitivity of the customer information at issue. Covered financial institutions must: (a) designate the employee or employees to coordinate the safeguards; (b) identify and assess the risks to customer information in each relevant area of the company's operation, and evaluate the effectiveness of current safeguards for controlling these risks; (c) design a safeguards program, and detail the plans to monitor it; and (d) select appropriate service providers and require them (by contract) to implement the safeguards
As the recent electronic data breaches suffered by Target, Ebay and industry LOS system provider Ellie Mae demonstrate, when we live in a world where private information is shared, that information is a serious temptation for criminals. Mortgage lenders and banks, who have access to so much personal and financial information of a borrower, must take significant measures to safeguard that data and manage who has access to it.