REQUEST A DEMO
venminder_eBook_resources_Mini_Vendor_Management_Handbook
New Call-to-action
New Call-to-action
Post-Hero.jpg

Venminder Blog

Subscribe--Bg.jpg

Subscribe to the Venminder Blog

Due Diligence

Mortgage Subservicer Vendor Oversight Best Practices

Feb 6, 2018 by Steve Greenfield

Mortgage subservicers offer a unique challenge to third party risk management. Unlike many fulfilment services engaged in the origination process, a subservicer interacts with the consumer for essentially the life of the loan or at least until run off occurs, be in from a home sale or a refinance transaction. 

Reminder, we’re talking about the vendors that service the loan, not the generic terminology for fourth parties.

Subservicers in Third Party Risk Management

There is motivation for the subservicer to retain the borrower since the act of servicing a mortgage account can generate upwards of 50% of the total income for the owner of the asset.

At the very basic level, a sub-servicer may be classified as a third or fourth party vendor.  The fourth party vendor classification is triggered if the subservicer is retained to manage a portfolio by a master servicer. We know that both the CFPB and OCC have made it quite clear regarding oversight responsibilities.

Because of the extensive amount of interaction that a subservicer may have with a consumer, there is in equal weight a tremendous amount of regulatory compliance requirements attached to this vendor type.

Focus on the Basics, Then Dig in Deeper to Mechanics of Subservicing

The oversight of a subservicer will require collaboration across multiple business channels. Because of the complexity of this vendor type, relying on a check box mentality of some basic questions which may seem reasonable for other vendor types will not make the grade.

If your vendor oversight department doesn’t have specific experience in this vendor category, then caution should be taken. The next steps you take could define if you have adequately performed the required oversight by both regulators and the GSE’s.

6 Subservice Vendor Oversight Best Practices

  1. Monthly Ongoing Monitoring: Consumers make their payments monthly; therefore, it makes sense that performance oversight reflects this practice. Set up a monthly call to review loan onboarding processes: Were there any hiccups or consumer complaints submitted either to the sub-servicer or the lender directly?

    These responsibilities will typically fall under the line of business but a regular monthly recap meeting between the internal servicing department, compliance, risk and vendor oversight will result in a very healthy and productive ongoing monitoring program. In addition to the monthly practices, I also recommend having a quarterly recap. This report should be submitted to the board so that all parties are aware that this highly regulated and most critical vendor is performing within SLA requirements.

  2. Annual Oversight: You should do annual assessments, an internal effort which can be assisted by the outsourced function. Subservicers are extremely experienced in holding annual assessments for their clients.

    The level of due diligence may vary based on the maturity of the internal oversight program or by the performance, or lack of, by the subservicer. Either way, sending an oversight team which lacks the servicing knowledge and regulatory compliance requirements will not garner much beneficial oversight other than perhaps the advantage that the lender went onsite. 

    Best practices here would be to build a multi-faceted team of different experience specific to the vendor type. Key players should include senior management employees who have extensive servicing knowledge along with compliance personnel and representation from third party risk. 

  3. Appropriate Items Covered in a Review. There is a lot of prep work involved in reviews. Prior to visiting the vendor onsite, you should request copies of policy and procedures (P&P). If your organization has agreed with the service provider on 'Agreed Upon Policies' as part of your contract negotiations, then you should review all this material in advance and then test against it when onsite.

  4. Know Physical Security. You have reviewed the P&P; now is the time to test. Review security and confirm if onsite data storage areas have increased levels of security. Video cameras are typically in servicing organizations but be mindful of where they are focused.

    If the subservicer receives checks as opposed to electronic payments, take a look if this area is monitored. Visitor and guest policy application should be tested by tailgating.  Most firms will have a clear desk and clear screen policy, however, take a walk on the floor and do a visual inspection. You may be in for a surprise of what you will find.

  5. Stay Up to Date on Regulatory Compliance. The CFPB has extensive guidelines regarding servicing operations with the utmost attention aimed at protecting the consumer.

    Areas such as escrow analysis, periodic statements, single point of contact and force placed insurance are all areas which need to be reviewed. This is not an extensive list by any means, so take the time to map out each regulatory compliance requirement and link it to the associated operational procedure.

    The task is then to review documentation which proves the vendor is complying. Much of this type of oversight review can be performed offsite since even with a two day schedule, the time can go by quickly.

  6. Don’t forget the basics:
  • Perform a financial analysis, is the servicer financially stable?
  • Business continuity
  • Disaster recovery
  • Hours of service. Can the servicer support a nationwide customer base?
  • Expertise with certain loan types, slow pay, non-performing assets
  • Location, if offshore - what level of oversight is performed on offshore operations
  • Retention model - ease of use
  • Internal vendor management framework.

The oversight of subservicer isn’t strictly limited to the regulatory or investor requirement. The servicer is an extension of your operation. Selecting the right subservicing operation can have an immediate impact on how your reputation is perceived. When a consumer calls into their loan servicer, the consumer will relate this experience to the lender they originated the loan with. Reputational risk, therefore, does present itself as a valid area of concern.

For more information on subservicing oversight, please review the following links:


Download our guide
to help manage your fourth parties.

DOWNLOAD NOW

Steve Greenfield

Written by Steve Greenfield

Steve Greenfield, CMB, is Director of Third Party Risk at Venminder. He's an experienced vendor risk executive with more than 20 years of management experience in the financial services industry. Steve has expertise in the full spectrum of mortgage lending with an emphasis on risk oversight and consumer lending regulatory compliance as well as advising lenders on vendor software integrations to boost operational efficiencies and vendor consolidation opportunities. Steve joined Venminder from loanDepot, LLC where he held the position of Director of Vendor Oversight at their retail division, Mortgage Master. In this position, Steve led the implementation of a Vendor Risk Oversight Program that followed CFPB, OCC Third Party Oversight Requirements and managed the firm's Vendor Oversight Audit function.

Follow Steve Greenfield