On October 9, the CFPB (or Bureau) announced it had assessed civil money penalties totaling $459,000 against two financial institutions—one bank and one nonbank—after examinations identified significant data errors in mortgage loans reported pursuant to the Home Mortgage Disclosure Act (HMDA). The Bureau simultaneously issued a HMDA bulletin to all mortgage lenders regarding the elements of an effective HMDA compliance management system, resubmission thresholds, and factors the Bureau may consider when evaluating whether to pursue a public HMDA enforcement action and related civil money penalties.
According to the consent orders (available here and here), both financial institutions maintained inadequate HMDA compliance systems that resulted in the reporting of “severely compromised mortgage lending data.” The nonbank, which reported 21,015 applications in its 2011 HMDA Loan Application Register (LAR), agreed to pay a penalty of $425,000. The consent order notes previous violations identified by the state regulator and states that the Bureau sampled 32 loans and concluded that the sample error rate unreasonably exceeded the Bureau’s resubmission threshold, although the error rate was not disclosed. The investigation of the nonbank was conducted in cooperation with the Massachusetts Division of Banks, which announced its own consent order imposing a $50,000 administrative fine at the same time that the CFPB announced its order. The bank, which reported 5,785 applications in its 2011 HMDA LAR, agreed to pay a penalty of $34,000. The consent order against the bank states that the bank’s sample error rate was 38 percent but does not disclose the size of the sample. Both institutions will be required to correct and resubmit their 2011 HMDA data and develop and implement an effective HMDA compliance management system to prevent future violations. Neither of the orders reveals the specific deficiencies in the institutions’ HMDA compliance programs.
As noted above, the Bureau also issued a bulletin regarding HMDA compliance along with HMDA resubmission guidelines. The bulletin discusses the components of an effective HMDA compliance management system, including: (i) comprehensive policies, procedures, and internal controls; (ii) comprehensive and regular internal, pre-submission HMDA audits; (iii) a process for reviewing regulatory changes; (iv) reporting systems commensurate with lending volume; (v) one or more individuals responsible for oversight, data entry, and data updates, including timely and accurate reporting; (vi) appropriate, sufficient, and periodic employee training on HMDA, Regulation C, and reporting requirements; (vii) a process for effective corrective action in response to deficiencies identified; and (viii) appropriate board and management oversight.
In addition, the bulletin announces the Bureau’s new HMDA Resubmission Schedule and Guidelines, which sets forth thresholds that will apply when determining whether resubmission is required when errors are discovered in a HMDA data integrity examination. The new resubmission schedule creates a two-tier system in which resubmission thresholds are lower for institutions reporting fewer than 100,000 entries on the HMDA LAR. Under the guidance, institutions that report 100,000 or more entries on their LAR should correct and resubmit their entire HMDA LAR if the error rate exceeds four percent of the total sample (or two percent in any individual data field), while institutions with fewer than 100,000 entries on their LAR should correct and resubmit their LAR if the error rate exceeds ten percent in the total sample (or five percent in any individual data field). The guidance states that resubmission for error rates below the applicable thresholds may be called for if “the errors prevent an accurate analysis of the institution’s lending.” Under the Bureau’s current standards, institutions, regardless of size, must resubmit a corrected LAR if any “key fields” have an error rate of five percent, or if at least ten percent of the institution’s records have an error in at least one of the key fields. The new resubmission schedule and guidelines will apply to all HMDA data integrity reviews initiated on or after January 18, 2014.
Finally, the bulletin provides a non-exclusive list of factors the Bureau may consider when evaluating whether to pursue a public HMDA enforcement action, including: (i) size of the institution’s HMDA LAR and observed error rates; (ii) whether errors were self-identified and independently corrected outside of an examination; and (iii) history of previous HMDA errors that exceed the permissible threshold. In addition, the guidance states that the Bureau may seek civil money penalties for HMDA violations depending on such factors as (i) size of financial resources and good faith effort of compliance by the institution; (ii) gravity of the violations or failure to pay; (iii) severity of harm to consumers; (iv) history of previous violations; and (v) such other matters as justice may require.
These recent CFPB announcements reinforce BuckleySandler’s experience to date that the CFPB is stepping up scrutiny of HMDA practices both at banks and nonbanks. These examination and enforcement initiatives dovetail with the CFPB’s other recent HMDA-related activities. The CFPB recently launched new tools to allow the public—including consumer and housing advocates—to leverage HMDA data to attempt to identify lending patterns. The CFPB also has started internally drafting a proposed rule to implement changes to HMDA data collection requirements, as required by the Dodd-Frank Act. Though a final rule is a distant prospect, once finalized the CFPB may require institutions to report, among other things: (i) ages of loan applicants and mortgagors; (ii) the difference between the annual percentage rate associated with the loan and benchmark rates for all loans; (iii) the term of any prepayment penalty; (iv) the term of the loan and of any introductory interest rate for the loan; (v) the origination channel; and (vi) the credit scores of applicants and mortgagors.
All of these developments suggest bank and nonbank mortgage originators should review their HMDA practices and processes to ensure they are reporting data that are accurate or at least within the CFPB’s revised tolerances.