Friday, November 27, 2020

Who owns the loan?

We came under an audit by our regulator a few months ago. Today we received their report.

The report shows a few issues that we’ll need to resolve. One of them involves the Notice of Loan Ownership. We were cited for failing to disclose the Transfer of Loan Ownership. 

Since we are now redrafting our policies and procedures, we want to know about the responsibility to issue this disclosure. 

Who is responsible for this disclosure, the company transferring the loan or the company receiving the loan?


Sometimes an action that seems intuitively correct is wrong as it relates to the law, Best Practices, and regulatory requirements. If I were to put your question to a large group of people, many of them would say that the transferring company is responsible, and many will say that the receiving company is responsible.

Section 131(g) of the Helping Families Save Their Homes Act, which was enacted in 2009, amended the Truth-in-Lending Act (TILA) to require a “creditor” who acquires a mortgage loan to disclose that fact to the borrower not more than 30 days after the date on which the loan is sold or otherwise transferred or assigned to a third party. In my view, the statute abuses the term “creditor” because TILA ascribes a specific meaning to that word. TILA defines “creditor” to mean a person who regularly extends consumer credit that is subject to a finance charge or is payable by a written agreement in more than four installments (not including a down payment) and to whom the obligation is initially payable, either on the face of the note or contract or by agreement if there is no note or contract.

The situation contemplated by § 131(g), to wit, the acquisition of a mortgage loan, attempts to impose a disclosure obligation on someone to whom the obligation is not initially payable, that is, on someone who subsequently acquires an already originated loan and does not meet TILA’s definition of creditor.

Regulation Z, implementing § 131(g), does not make the same mistake. It specifically provides, in Comment 39(a)(1)-1, that “the fact that a person purchases or acquires mortgage loans and provides the disclosures under this section does not by itself make that person a ‘creditor’ as defined in the regulation.” Indeed, the Federal Reserve Board (FRB), and later, the CFPB, concluded that Congress did not intend the word “creditor” to have the same meaning as “creditor” under TILA and Regulation Z. I know; a bit confusing!

To give effect to the legislative purpose, the agencies construed it to refer to the owner of the debt following the sale, transfer, or assignment, without regard to whether that party would be a “creditor” for other purposes under TILA or Regulation Z; hence, the regulation uses the term “covered person” instead of “creditor” in its provision implementing TILA § 131(g).

Although § 131(g) became effective immediately upon enactment, the FRB chose to adopt interim regulations to implement the section, so parties subject to the TILA disclosure requirement would have prompt guidance on how to interpret and comply with the statutory requirements already in effect. To allow time for operational changes, the FRB made compliance with the Regulation Z change optional until January 19, 2010. That did not mean noncompliance with the statutory requirement would necessarily go unpunished until January 19, 2010, although perhaps one could argue that the FRB’s delayed compliance date was an exercise of its authority under TILA to provide for adjustments to the statutory requirements.

In any event, the delayed compliance date meant that noncompliance with any requirement in the regulation that extended beyond the minimum required by the statute could not be punished unless it occurred on or after January 19, 2010.

This requirement must not be confused with the requirements of the Real Estate Settlement Procedures Act (RESPA) regarding mortgage servicing transfers. Under Regulation X, the implementing regulation of RESPA, consumers must be notified when their mortgage loan servicer has changed. In contrast, § 131(g) was intended to provide consumers with information about the identities of the owners of their mortgage loans, partly so they know whom they may contact if they want to exercise a right to rescind the loan. The provision was not intended to require a notice when a transaction does not involve a change in the ownership of the physical note, such as when the note holder issues mortgage-backed securities but does not transfer legal title to the loan.

In reviewing recent court decisions as they relate to the scope of TILA § 131(g) and its implementing provisions in Regulation Z § 1026.39, certain observations can be construed. One case provides insight into the treatment of TILA § 131(g).

The illustrative case is Kornea v. Fannie Mae,[i] in which a federal district court in Pennsylvania considered a consumer’s complaint that Fannie Mae had failed to disclose information about the ownership of his mortgage loan, in violation of § 131(g).

Kornea alleged that in June 2012 he received a letter from Chase, his loan servicer, explaining that his loan had been “sold into a public security managed by Fannie Mae” and that Chase was “authorized by the security to handle any related concerns” on its behalf. The letter provided the investor’s address, but not its name.

About seven years later, in May 2019, Kornea called Fannie Mae, seeking the loan holder’s identity. He was told the information could not be given to him over the phone. He then sent a registered letter to Fannie Mae requesting the owner’s name, address, and phone number. Fannie Mae did not respond. He sent a second letter, and again Fannie Mae did not answer. He sent a letter to Chase asking for the same information, to which Chase responded that Kornea’s loan could “be transferred between investors over its life, but its current investor [wa]s Fannie Mae.”

In October 2019, Kornea sued Fannie Mae under § 131(g)[ii]; however, the state court dismissed the claim as time-barred, though it allowed Kornea to file an amended complaint, in which he added Chase as a defendant. Chase removed the case to federal court.

The federal district court also dismissed the claim against Fannie Mae as time-barred, holding that claims under § 131(g) are subject to a 1-year limitation on actions. Because Kornea learned about the sale of his loan into a Fannie Mae security on June 19, 2012, his claim against Fannie Mae expired a year later, in 2013.

The court then turned to another TILA subsection, § 131(f)(2), because Kornea’s complaint included a claim against Chase under that subsection. That section requires a servicer, upon written request by a consumer obligor, to provide the obligor with the name, address, and telephone number of the owner of the obligation or the master servicer of the obligation.

TILA has a civil liability section[iii] that addresses a consumer’s right to sue for TILA violations. The section specifies that “any creditor who fails to comply with any requirement imposed under this part, including any requirement under § 125, subsection (f) or (g) of § 131, or part D or E of this subchapter” is liable. Accordingly, the creditor, not the servicer – unless, of course, the servicer also is the creditor or an assignee of the creditor – might be liable for violations of this requirement.

Kornea alleged only that Chase was the servicer of his loan, not that Chase was a “servicer-assignee.” As a result, according to the court, Kornea had not alleged “enough facts to show that Chase had any obligation to provide the information Section [131(f)(2)] requires.” The court continued, “And even if he had, Chase met TILA’s obligations in its June 3, 2019 letter responding to Kornea’s request for information by providing ‘the name, address, and telephone number of the owner of the obligation or the master servicer of the obligation.’”

From the foregoing matter, we can derive helpful guidance. Section 131(f)(2) seems quite clear that the servicer of a mortgage loan, whether a “servicer-assignee” or not, has an obligation to comply with its disclosure requirement. That subsection expressly refers to RESPA for the definition of a “servicer” as “the person responsible for servicing of a loan (including the person who makes or holds a loan if such person also services the loan).”

This definition does not incorporate the additional requirement that the servicer be an assignee, a fact various courts have overlooked.[iv] Chase appears to meet that definition. However, the court is right that Chase apparently satisfied its disclosure obligation and that TILA imposes liability for failure to meet that disclosure obligation only on the “creditor” of the loan, not the servicer (unless the servicer also meets the definition of creditor).

Thus, it may seem appropriate that if only servicers can violate TILA § 131(f)(2), Congress must have intended to create a cause of action for failing to comply with that section, whether it be against the servicer or the creditor with liability for the servicer’s failure.

To avoid rendering the subsection meaningless, some judges have applied agency principles to make the loan owner liable for violations by its servicer.[v]

And other courts have assumed liability without devoting attention to the distinction between a disclosure obligation under § 131(f)(2) and liability under § 130(a).[vi] 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] Kornea v. Fannie Mae, 2020 U.S. Dist. (E.D. Pa. Oct. 6, 2020)
[ii] 15 U.S.C. § 1641(g)
[iii] TILA § 130(a)
[iv] Including the U.S. Court of Appeals for the 9th Circuit in Gale v. First Franklin Loan Services, 701 F.3d 1240 (9th Cir. 2012).
[v] See, for instance, Montano v. Wells Fargo Bank, 2012 U.S. Dist. (S.D. Fla. Oct. 23, 2012); Galeano v. Fed. Home Loan Mortg. Corp., 2012 U.S. Dist. (S.D. Fla. Aug. 21, 2012); Kissinger v. Wells Fargo Bank, 888 F. Supp. 2d 1309 (S.D. Fla. 2012).
[vi] See Sam v. American Home Mortgage Servicing, 2010 U.S. Dist. (E.D. Cal. Mar. 3, 2010); Stephenson v. Chase Home Finance LLC, 2011 U.S. Dist. (S.D. Cal. May 23, 2011); and Erickson v. PNC Mortgage, 2011 U.S. Dist. (D. Nev. May 6, 2011).

Thursday, November 19, 2020

Housing Counseling Agency: RESPA Section 8

We ran into a problem with our banking department. They claimed that we violated RESPA when we paid a fee, equal to the borrower’s fee, to a Housing Counseling Agency. The HCA refers borrowers to us. We are being cited for a violation of RESPA Section 8. This seems unfair to the borrower, since the money is being paid to the agency on behalf of the borrower.

Is it permissible to pay a Housing Counseling Agency a fee that is commensurate with the HCA fee it charges the borrower?

There are myriad convoluted ways that Section 8 of RESPA may get triggered. Referrals are one of the booby traps of relationships between the parties to a loan transaction.

I suppose there is a workaround for your scenario, such as directly reimbursing the borrower (rather than the Housing Counseling Agency, or “HCA”) for payments the borrower makes to the HCA. But I would venture that you have already thought of that possibility. However, my hunch is that you want to continue the current relationship with the HCA, which is probably why you’re asking the question in the first place.

Section 8(a) of the Real Estate Settlement Procedures Act (RESPA) prohibits the transfer of a thing of value pursuant to an understanding that business will be referred to any person:

“No person shall give and no person shall accept any fee, kickback, or thing of value pursuant to any agreement or understanding, oral or otherwise, that business incident to or a part of a real estate settlement service involving a federally related mortgage loan shall be referred to any person.”

Thus, as a general proposition, no participant in a loan transaction covered by RESPA may pay anyone else for referring business to them. That said, the CFPB has provided some guidance that could – emphasis on the word “could” – possibly support a way to tiptoe past the booby trap, based on a similar scenario on which it opined recently. 

Keep in mind, however, that a “similarity” does not mean the “same” – it just means that there are overt facts that show similarity, though each scenario has to be understood not only within its context but also, on its own, to ensure it is entirely in compliance with RESPA.

On September 10, 2019, the CFPB issued a No-Action Letter Template in response to HUD’s request for a No-Action Letter regarding lender participation in its Housing Counseling Program.[i] The CFPB stated that it intended to grant applications from mortgage lenders for No-Action Letters based on its No-Action Letter Template, which specified the certifications applications should contain.

Then, on January 10, 2020, the CFPB issued a No-Action Letter (“Letter”) in response to an application filed by Bank of America using the No-Action Letter Template.[ii] The bank's request stated that it operated a “Connect to Own” program in which it entered into arrangements with HCAs that participated in HUD’s Housing Counseling Program for funding housing counseling services to consumers subject to specified conditions.

The request confirmed that the terms of the bank’s existing Housing Counseling Funding Agreements were formalized in memoranda of understanding (“MOUs”) between the bank and the participating counseling agencies, that (a) these MOUs and the bank’s related practices were compliant with applicable HUD requirements, and (b) any future housing counseling funding agreements would be formalized in MOUs between the bank and the participating housing counseling agencies, and (c) that those MOUs and the bank’s related practices would comply with the applicable HUD requirements.

The CFPB’s Letter to the Bank of America approved the bank’s request. The Letter stated that, unless or until terminated by the CFPB, the CFPB would not make supervisory findings, or bring a supervisory action against the bank under RESPA § 8 or Regulation X § 1024.14, or its authority to prevent unfair, deceptive, or abusive acts or practices, for including and adhering to a provision in the MOUs for conditioning the bank’s payment for the housing counseling services on the consumer applying for a loan with the bank – and here’s the “tiptoe past the booby trap!” – with respect to which the bank received proof of completion of housing counseling services from the participating counseling agency, even if that provision or the parties’ adherence to it could be construed as a referral under RESPA. Importantly (and dispositively), the Letter provided that the housing counseling services' payment level must not exceed a level commensurate with the services provided, and was reasonable and customary for the area.

My recommendation is to have the subject scenario further evaluated for compliance by a competent compliance professional. You can send them my answer. The specific facts and circumstances in this scenario must be scrutinized for compliance with applicable law. Several procedural, policy, and disclosure requirements need to be reviewed to avoid an allegation of violating RESPA Section 8. 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] No-Action Letter to HUD, CFPB (Sept. 10, 2019),
[ii] No-Action Letter to Bank of America, CFPB (Jan. 10, 2020),

Friday, November 13, 2020

Living Trusts: Rescission

We have several loans involving living trusts. One of them came to our attention because the borrower wants to rescind the loan we made to a living trust that he set up for his nephew's benefit. We made this loan just two days ago for improvements of a large patio and other structures.

But this was a loan to our borrower, not the nephew.

So, may we refuse to rescind by claiming the loan was to a trust and, therefore, not a consumer loan?


This question's resolution may be found in Regulation Z, Comment 3(a)-10, which provides that credit extended for consumer purposes to certain trusts is considered to be credit extended to a natural person rather than credit extended to an organization.

Expressly noted in the section for Trusts for Tax or Estate Planning Purposes:

In some instances, a creditor may extend credit for consumer purposes to a trust that a consumer has created for tax or estate planning purposes (or both). Consumers sometimes place their assets in trust, with themselves or themselves and their families or other prospective heirs as beneficiaries, to obtain certain tax benefits and to facilitate the future administration of their estates.

During their lifetimes, however, such consumers may continue to use the assets and/or income of such trusts as their property. A creditor extending credit to finance the acquisition of, for example, a consumer’s dwelling that is held in such a trust, or to refinance existing debt secured by such a dwelling, may prepare the note, security instrument, and similar loan documents for execution by a trustee, rather than the beneficiaries of the trust.

Regardless of the capacity or capacities in which the loan documents are executed, assuming the transaction is primarily for personal, family, or household purposes, the transaction is subject to the regulation because in substance (if not form) consumer credit is being extended.

We don’t know categorically about a living trust, but it sounds as though it’s the sort of trust contemplated in Regulation Z, Comment 3(a)-10. I say this because the U.S. Court of Appeals for the 9th Circuit recently considered a similar situation.[i]

Here’s what happened.

As trustee of the Lou Ross Easter trust, Gilliam obtained a loan from Levine to finance repairs to a residential property that was the main asset of the trust. The property was the security for the loan. The borrower’s sister, Lou, had created the trust for the benefit of Lou’s daughter. After Lou died, Gilliam became the trustee. Gilliam obtained the loan to make repairs to the property, so her niece, as the sole beneficiary of the trust, could continue to reside there.

But Gilliam sued Levine for rescission and damages, alleging that Levine had violated TILA by failing to disclose the payment schedule accurately. Levine argued that the loan was not a consumer credit transaction because the trust property securing the loan was not the borrower’s primary residence, even though it was her niece's residence.

And here’s the decision, in brief: The district court dismissed the complaint, finding that the loan was not a consumer credit transaction. The district court mentioned the Regulation Z Commentary as the source for determining whether a transaction is for business purposes under RESPA, but did not mention Comment 3(a)-10.

Levine appealed, and, on appeal, Levine asserted that, as a general rule, a trust does not qualify as a natural person under TILA and cannot be a party to a consumer credit transaction, subject only to a limited exception when the loan is to finance the residence of the trustee.

Then, the 9th Circuit reversed. It held that Gilliam sufficiently alleged that the loan was obtained for a consumer purpose. It decided that Comment 3(a)-10 provides that a loan for “personal, family, or household purposes” of the beneficiary of this type of trust is a consumer credit transaction. The Comment explains that “[r]egardless of the capacity…in which the loan documents are executed,” trusts should be considered natural persons under TILA, so long as the transaction was obtained for a consumer purpose because “in substance (if not form) consumer credit is being extended.”

Thus, the lender’s argument attempted to draw an artificial distinction between a loan obtained for the benefit of the trustee alone and a loan obtained to benefit trust beneficiaries.

According to the 9th Circuit, the issue was one “of first impression under federal and state regulation of consumer credit transactions.” 

Worth mentioning is that, in addition to TILA, Gilliam included claims under California’s Rosenthal Act and RESPA. Finding the definitions of consumer credit transaction identical under TILA and the Rosenthal Act, and that RESPA’s definition required only that the transaction be for a consumer purpose, the 9th Circuit concluded that transactions such as this one should be regarded as consumer credit transactions under all three statutes. 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] References: Gilliam v. Levine, 955 F.3d 1117 (9th Cir. Apr. 14, 2020)

Thursday, November 5, 2020

Climate Change: Business Continuity Challenges

We have been using your Disaster Recovery and Business Continuity Plan. It covers everything we need. Recently, our meetings have been focused on climate change and its effects on our company. Being in California, most of us in our company have come to realize that climate change is causing business interruptions for us.

I head up our compliance team, and we use your Business Continuity Checklist in connection with the Disaster Recovery and Business Continuity Plan in developing our infrastructure strategies. This is definitely the best checklist we have found to work with.

Although the Plan covers the various ways to protect our company in the case of a disaster or business disruption, we were wondering, would you provide a new section in the Checklist that is devoted to climate change?

What a great question! The Business Continuity Plan Checklist & Workbook (Includes COVID-19 Pandemic Response) was first published on March 16, 2020, and Update # 7 was published on May 26, 2020, consisting of 208 pages. The Checklist is complimentary, principally because I felt that it is obscene to charge people for it in the middle of a pandemic. Our company does not put profit over people. 

It is a good idea to combine the use of the Checklist with our Disaster Recovery and Business Continuity Plan, Includes Pandemic Response. By doing so, you are strengthening your due diligence review, ensuring that the Plan reflects your business model and compliance needs, and establishing an internal self-assessment process. All good!

Since May, we have been waiting for a stimulus bill to pass, and that is why the Checklist has not been updated. There have been developments other than the stimulus bill, of course, but that bill is important to keeping employees financially able to survive and companies economically capable of survival. Unfortunately, the House sent the bill to the Senate where it found a reluctant response and tedious negotiations. Indeed, even in the midst of a pandemic and extreme hardships, the Senate put off working on the bill.

Given your request, we are publishing today Update # 8 of the Checklist, providing a new section on climate change. In the future, I may update it again for other developments since May as well as any dispositive results regarding the stimulus bill. So, I suggest you download now the free Update # 8 version of the Checklist, which contains the new climate change section. 

To get the free Checklist, click here.

To order the Plan, click here.

Banking departments have taken it upon themselves to consider the risks of climate change with respect to events that could cause severe interruption of financial activities. I have no doubt that these actions will eventually be extrapolated into examination and enforcement.

A very good model has recently been provided by the NYS Department of Financial Services. On October 29, the NYSDFS issued a letter to state-regulated financial institutions, which provides background information for, and outlines the NYSDFS’s expectations, regarding climate change risk.[i] The department outlines the various physical and transition risks that are brought about by climate change. According to the letter, the types of assets that can be at risk due to weather events are mortgage loans, commercial real estate loans, agricultural loans, and derivatives portfolios.

In addition, the letter highlights that climate change could “negatively impact the balance sheets of regulated non-depositories through adverse impact on the businesses of their customers, including their loss of income, as well as any devalued investments due to physical or transition risks.”

It is important to note that the letter outlines the NYSDFS’s “expectation(s)” with respect to regulated organizations and regulated non-depositories, including incorporating financial risk from climate change into governance frameworks and risk management processes, and suggests that non-depositories develop strategic plans for the effects of climate change.

In banking department parlance, the word “expectation” does not mean assumes, forecasts, intends, predicts, promises, views, supposes, or hopes – it means one thing and one thing only: obligation

Do not wait for an examination to punch holes in your risk prevention efforts with respect to climate change!

So, let me set forth the essential features of the NYSDFS’s guidelines. If you are one of the 1,500 banking and financial institutions regulated by the NYSDFS, take heed. And if you are not regulated by the NYSDFS, also take heed, because it is very likely your state’s banking department will follow a similar course.

The department includes the expectations for all regulated organizations as well as the expectations for regulated non-depositories.

Expectations: All Regulated Organizations

1. Integrate the financial risks from climate change into the governance frameworks, risk management processes, and business strategies.

a. For example, regulated organizations should designate a board member, a committee of the board (or an equivalent function), as well as a senior management function, as accountable for the organization’s assessment and management of the financial risks from climate change.

b. This should include an enterprise-wide risk assessment to evaluate climate change and its impacts on risk factors, such as credit risk, market risk, liquidity risk, operational risk, reputational risk, and strategy risk; and

2. Develop the approach to climate-related financial risk disclosure and consider engaging with the Task Force for Climate-related Financial Disclosures[ii] framework and other established initiatives when doing so.

If you are not familiar with the Task Force, referred to by its acronym TCFD, it is an important initiative of the Financial Stability Board. The TCFD has developed a framework to help public companies and other organizations more effectively disclose climate-related risks and opportunities through their existing reporting processes. To do so, it provides guidance with respect to governance, strategy, risk management, and metrics and targets.

Expectations: All Regulated Non-Depositories

Conduct a risk assessment of the physical and transition risks of climate change, whether directly impacting them, or indirectly due to the disruptive consequences of climate change in the communities they serve and on their customers, such as business disruptions, out-migrations, loss of income, and higher default rates, supply chain disruptions, and changes in investor and consumer sentiments, and start developing strategic plans, including an outline of such risks, the impact on their balance sheets, and steps to be taken to mitigate such risks.

The NYSDFS letter ends with these words from Linda Lacewell, Superintendent:

"The challenge ahead is great, but we know from experience that together we can meet it. Mitigating the financial risks from climate change is a critical component of creating a stronger industry and a healthier and safer world for ourselves, our families, and future generations. There is no more time to wait. Let’s get to work."

I wholeheartedly agree! Let’s get started. 

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] Climate Change and Financial Risks, Letter, New York State Department of Financial Services, 10.29.20
[ii] Task Force for Climate-related Financial Disclosures

Thursday, October 29, 2020

Disaster Recovery and Business Continuity

We are a mortgage lender in the northwest. Our largest investor asked us for a Disaster Recovery Plan and a Business Continuity Plan.

We sent them the former because we consider it the same as the latter. While the investor accepted that we have a Disaster Recovery Plan, it rejected it as being also a Business Continuity Plan. We always thought these plans were basically the same thing.

Now we are scrambling to get them a Business Continuity Plan.

So, what is the difference between a Disaster Recovery Plan and a Business Continuity Plan?

It may seem like a Disaster Recovery Plan is just another way of saying Business Continuity Plan. But they are fundamentally different, and each serves different purposes. Both plans should interface with each other in complementary ways.

You cannot expect a Disaster Recovery Plan to act as a proxy for a Business Continuity Plan. Nor can you use a Business Continuity Plan to act as a proxy for a Disaster Recovery Plan. If you try that tactic with regulators, they will cite you with adverse findings. If you are state licensed, banking departments may share those findings with other states where you’re licensed. Federal prudential regulators will also likely issue adverse results.

And what are we describing here?

We are describing how to ensure the company remains viable when faced with significant threats to its existence. So, I will give you some pointers that will help you to know the difference between these two essential documents. But be advised: just as a bird does not fly on one wing, a company cannot depend on only one of these plans. It must have both!

Our firm has identified six factors to disaster recovery and business continuity. 

These are:

1. Disaster Planning

2. Business Impact Analysis

3. Business Continuity management

4. Business Continuity Plan

5. Recovery Time Objectives

6. Deployment

Without getting too detailed about each of these factors, I am going to focus on your specific question, which is: what is the difference between a Disaster Recovery Plan and a Business Continuity Plan?

Let’s begin with this concept: every Business Continuity Plan (BCP) contains a Disaster Recovery Plan (DRP). This is because the DRP is focused on data recovery and integrity, whereas the BCP is focused not only on data recovery and integrity but also on the many elements involved in the continuation of a business enterprise. Think of it this way: the BCP is business-centric, whereas the DRP is data-centric.

The BCP resolves certain tactical questions involving business operations confronted with the disruption of the business entity, such as:

- Does the company have a business continuity plan in place for continuation?

- Who are the management and staff personnel in charge of business operations?

- How does the company respond to vendors and third-party relationships?

- What challenges are anticipated and readied to fulfill obligations?

- How does the company maintain customer loyalty and public confidence?

- What aspects of the company need to be first recovered to stay in business?

- How prepared is the company to operate remotely?

- What are the financial costs of downtime to the company?

Some of the foregoing depend on the ability of the company to recover its data quickly, effectively, and broadly. If the DRP is flawed, all of that is imperiled; to wit, loss of reliability, diminished scope, inability to scale up, and persistence of downtime after the disruption has passed. Typical disasters and disruptions are wars, terrorist attacks, storms, hurricanes, tornados, pandemics, epidemics, fires, earthquakes, electric outages, and floods.

From the point of the various risks – for instance, risks to reputation, legal, regulatory, operational, financial, compliance, security, fraud, and competition – failure to implement the requirements of a DRP and BCP could mean the company will not survive the disaster.

The DRP resolves specific tactical questions involving data recovery and data integrity if there is a disruption of the business entity, such as:

- Does the company have a disaster recovery solution in place for its data?

- Can the company rely on and trust the data that is recovered?

- How long will it take to recover the data from backup solutions?

- What is the projected downtime caused by the impedance to data?

- Is there an offsite copy or data center for managing data?

- What are the recovery goals and staged recovery plans?

- Are applicable network resources available to users?

- Are critical systems identified and prioritized?

It doesn’t matter if the DRP and the BCP are in separate documents or situated as sections in a single document. Many companies choose to combine them for ease of use and training of employees. Lenders Compliance Group has three primary elements in a single document: disaster recovery; business continuity; and pandemic response. More information HERE.

Whatever the case, it is essential to keep these plans updated, as multifarious new requirements and challenges present themselves in an ongoing, dynamic business environment.

Ideally, a BCP due diligence should begin with a Business Impact Analysis (BIA). Although it has a kind of ominous title, this process is no more than a set of procedures that identify how a disaster could impact a company. If that is not known, how can the company develop strategies to survive a disruptive event?

Then, it is important to use the BIA to design survival strategies. This is done by filling the gaps in the existing capabilities by mitigating them through using the BIA recommendations. Next, develop a plan, which reduces to writing the ways and means to ensure business continuity. That plan should be made available to all affected employees. Finally, the company should test the plan periodically, simulate a disruption, and learn from each test how to improve.

Ideally, a DRP review undertakes an evaluation of a company’s ability to tolerate minor to major data failures. It considers such adverse events as hacking, malware, data corruption, data breaches, and many potential IT infrastructure failures. As a subset of the BCP, the DRP is meant to keep the business running, reducing the effects of the disruption, and allowing the company to gradually emerge from a disaster intact and capable of continuation.

Whereas the BCP aims at an overall approach to surviving a disaster, the DRP must proceed along certain steps to effectuating its design. The process begins with outlining needs and objectives; that is, the DRP must reflect the company’s business model, meet risk analysis guidelines, determine the files and infrastructure features to maintain, and set forth some of the threats it seeks to mitigate. Without that information, it is not really possible to restore information adequately or regain productivity.

Then, the DRP needs to take stock of its components, such as hardware; software; and data. Finally, the plan should be developed with specificity, clarity, practicality, and ease of use. Affected employees should be trained appropriately, and, importantly, ongoing monitoring and testing must be implemented.

There is a natural ebb and flow to updating the DRP and BCP. Keep them updated as changes occur in the business model, regulatory and legal environment, and technology. Management should be focused like a laser beam on Disaster Recovery and Business Continuity.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Friday, October 23, 2020

COVID-19 Online Resources

We purchased your Business Continuity Plan recently. Over the last few weeks, we have been using it as a guide. We like the idea that one of the Directors spends time with us at the outset to make sure we understand the plan’s requirements. 

Now, we are building an online website for our employees to handle disaster recovery, business continuity, and pandemic issues. We want a website page with resources for all these areas, and especially we need resources for the COVID-19 challenges. 

Your Business Continuity Plan Checklist provides a huge number of resources and informative links. 

Do you have any suggested COVID-19 links that we can put on our new website?

Thank you for this question, as it gives me a chance to provide some additional feedback. I think you should be using - 

(A) our complimentary Checklist – Business Continuity Plan Checklist (Includes COVID-19 Pandemic Response) – along with -

Taken together, they provide a considerable amount of information that will strengthen your business continuity as well as your pandemic response.

The Checklist is now 208 pages and is on Update # 7. Update # 8 will be published as soon as the next stimulus is signed into law. The Plan is available, of course, and one of our Directors does a “walkthrough” with you to answer questions and show you how to use it.

I do have some suggested resource links that, in my view, should be placed on your new website. It is a good idea to notify your visitors that a new link has been added. Keep your visitors current all the time, because the pandemic is dynamic, meaning it spreads and mutates in complex ecosystems. Today’s medical and statistical information may differ from yesterday’s analyses.

Following basic hygienic guidelines will not change: wear protective masks (viz., protect yourself and others), maintain social distancing, wash hands, avoid meetings where people are arranged closely together, stay clear of settings where aerosol transmission easily happens. 

Be alert to changes in federal and state responses to the coronavirus, as politics has unfortunately been contaminating scientifically derived guidance. That places an extra burden on your website because visitors are going there for facts, not politics; and they want reliable scientific and medically reliable resources, not controversy and opinions.

Providing online resources is a great idea. Don’t be concerned if some visitors dispute the reliability of some links. People tend toward confirmation bias, so they screen out what they don’t want to believe. Don’t be surprised if some visitors say they do not believe in science. Science is not a belief; it is not subject to faith; it does not accept unfalsifiable theories. To date, the scientific method is the best means known to humankind to validate and verify physically identifiable aspects of life. Give visitors a chance to use the links, and most of them will be grateful that your organization takes everyone’s health and welfare seriously.

The following are some online links that I suggest you consider for the COVID-19 pandemic. They run the range from statistical information to preparation and also to progress regarding treatments and vaccines. – Tracking COVID-19  

Coronavirus Dashboard 

Coronavirus Tracker  

COVID-19 Tracking Project

COVID World Map, The Guardian – Coronavirus 

Johns Hopkins – DOVID-19 Dashboard 

Rt (Effective Reproduction Number) 

Worldometer – Coronavirus (Countries) 

Worldometer – Coronavirus (USA) 

Worldometer – Coronavirus (World) 

A word about the Rt (Effective Reproduction Number) listed above. 

The statistic, Rt, measures how fast the virus is growing. It is the average number of people who become infected by an infectious person. If Rt is above 1.0, the virus will spread quickly. If Rt is below 1.0, the virus spread slows down and eventually stops. The idea is that it is not possible to capture the exact moment when somebody becomes infected. Instead, scientists do a sort of reverse engineering. Thus, data such as derived from testing, hospital admissions, and deaths, are used to estimate the velocity of propagation of the virus.

Mathematically, if the Rt (effective reproduction number) is greater than one (viz., >1.0), the rate of spread increases exponentially; that is, the rate of change accelerates rapidly, and the virus propagates quicker and quicker. 

Medically, this means that there are more and more infections and many more deaths involving the coronavirus and deaths related to comorbidities - the coexistence of two or more disease processes (such as heart disease, diabetes, asthma, cancer) - affected by the coronavirus infection.

Economically and logistically, any population growing exponentially must, sooner or later, encounter shortages of various resources, such as beds in ICU, availability of medications, medical staff, medical supplies, and gradual financial incapacitation. 

It is only by bringing the effective reproduction rate down that we can return to some semblance of normality. Monitor the Rt for your state, and proceed with appropriate caution and care.

Finally, I recommend that you hold periodic calls to discuss the new website, particularly emphasizing your company’s safe hygiene plans. Encourage questions and suggestions. Act as a team, as a corporate family, and you will get through the pandemic knowing that you have done all you could to ensure a safe and healthy world for you, your colleagues, and your families.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

Thursday, October 15, 2020


We are involved in doing an annual update of the policy for the Fair Credit Reporting Act. During this review, we realized that we did not have a section for the CARES Act. Our compliance department provided guidance all along in implementing the requirements, but nobody had yet updated the policy itself.

We are writing to you to get some guidance on the important areas to cover in our FCRA policy with regard to the CARES Act. I realize you can’t discuss every possibility, but some general guidance would really be appreciated.

What are some important FCRA compliance areas that must be implemented in regard to the CARES Act?

In my view, policy documents should be reviewed annually and updated periodically as changes occur in applicable laws, rules, best practices, regulations, and implications of case law – federal and state. It seems you’re on the right track, inasmuch as you are doing an annual update, which, in this instance, helps to show the need for an additional section.

Congress enacted the Coronavirus Aid, Relief, and Economic Security Act (“CARES Act”).[i] It was a $2.2 trillion economic stimulus bill passed by the 116th U.S. Congress. It was signed into law by the President on March 27, 2020, in response to the economic challenges caused by the COVID-19 pandemic in the United States. We have outlined it at length in our complimentary Business Continuity Plan with Pandemic Response.

Thus, Congress passed the CARES Act to minimize the impact of the COVID-19 pandemic. The CARES Act places essential requirements on companies that furnish information to consumer reporting agencies about consumers affected by the COVID-19 pandemic.[ii]

Briefly described, the CARES Act initially included spending of $300 billion in one-time cash payments to individual Americans (with most single adults receiving $1,200 and families with children receiving more), $260 billion in increased unemployment benefits, the creation of the Paycheck Protection Program that provides forgivable loans to small businesses with an initial $350 billion in funding (later increased to $669 billion by subsequent legislation), $500 billion in aid for large corporations, and $339.8 billion to state and local governments. Lawmakers refer to it as Phase 3 of Congress's coronavirus response.[iii]

On April 1, 2020, the CFPB issued a document with a title worthy of a gargantuan Elizabethan treatise: 

Statement on Supervisory and Enforcement Priorities 
Regarding the Fair Credit Reporting Act
and Regulation V
in Light of the CARES Act.[iv] 

In this issuance, the CFPB sought to inform furnishers of their responsibilities under the CARES Act amendments to the Fair Credit Reporting Act (FCRA), stating that the “Bureau expects furnishers to comply with the CARES Act.” Under the CARES Act’s amendments to the FCRA, a consumer whose account was not previously delinquent is current on their loan if they have received an “accommodation” and make any payments the accommodation requires. 

Therefore, the CFPB has issued substantive guidance on consumer reporting during the COVID-19 pandemic. It issued its own FAQs to address the responsibilities companies have under the CARES Act and the Fair Credit Reporting Act (FCRA) when they furnish information to consumer reporting agencies about consumers impacted by the crisis.[v] The FAQ was meant to be a “Compliance Aid” – which is CFPB Newspeak for Consult a Compliance Professional.

Here are a few important provisions to put into the new FCRA section relating to the CARES Act. I provide some citations for you to reference in your research and policy development.

Furnishers must report as current certain accounts for consumers affected by the pandemic. The CFPB expects furnishers to comply with the CARES Act, and it is enforcing the FCRA, as amended by the CARES Act, and its implementing regulation, Regulation V.

Violations of the FCRA
The FCRA requires furnishers and consumer reporting agencies to conduct investigations of disputes within specified timeframes. Furnishers and consumer reporting agencies remain responsible for conducting reasonable investigations of consumer disputes in a timely fashion. CFPB expects furnishers and consumer reporting agencies to make good faith efforts to investigate disputes as quickly as possible when they are impacted by COVID-19.

The CARES Act addresses accommodations to consumers impacted by COVID-19. An accommodation includes any payment assistance or relief granted to a consumer who is affected by the COVID-19 pandemic during the period from January 31, 2020, until 120 days after the termination of the COVID-19 national emergency declared by the president on March 13, 2020 under the National Emergencies Act.[vi] Such an accommodation includes, for instance, agreements to defer one or more payments, make a partial payment, forbear any delinquent amounts, or modify a loan or contract.[vii]

Pandemic Accommodations
Under the CARES Act, there is a requirement that furnishers provide accommodations to consumers impacted by the pandemic. The CARES Act requires accommodations for two specific types of loans: (1) consumers with a federally backed mortgage loan (as that term is defined in the CARES Act) may obtain a forbearance from their mortgage servicer upon request, and the borrower’s attestation of a financial hardship due to the COVID-19 emergency;[viii] and (2) the CARES Act provides automatic suspension of principal and interest payments on federally held student loans through September 30, 2020.[ix]

Reporting Obligations
If the credit obligation or account was current before the accommodation, during the accommodation the furnisher must continue to report the credit obligation or account as current. If the credit obligation or account was delinquent before the accommodation, during the accommodation the furnisher cannot advance the delinquent status.

Reporting Considerations
If furnishers are reporting information about a credit obligation or account that is current, they should consider all of the trade line information they furnish that reflects a consumer’s status as current or delinquent. For instance, information that a furnisher provides about an account’s payment status, scheduled monthly payment, and the amount past due may all need to be updated to accurately reflect that a consumer’s account is current consistent with the CARES Act.[x]

Special Comment Codes
Reporting of accommodations simply by using a special comment code to report a natural or declared disaster or forbearance is not permitted. Furnishing a special comment code indicating that a consumer with an account is impacted by a disaster or that the consumer’s account is in forbearance does not provide consumer reporting agencies with the information required by the CARES Act and, therefore, furnishing such a comment code is not a substitute for complying with the requirements.

Product Line Reporting
A furnisher may want to report all of their consumers’ accounts or all of their consumers’ accounts in a particular product line as in forbearance. However, the CFPB cautions against this approach, as it may increase the risk of inaccurate reporting and customer confusion.[xi]

Reporting Delinquencies and Terminations 
The consumer reporting protections of the CARES Act continue to apply to the time period that was covered by the accommodation after the accommodation ends. Assuming payments were not required or the consumer met any payment requirements of the accommodation, a furnisher cannot report a consumer that was reported as current pursuant to the CARES Act as delinquent based on the time period covered by the accommodation after the accommodation ends. A furnisher also cannot advance the delinquency of a consumer that was maintained pursuant to the CARES Act based on the time period covered by the accommodation after the accommodation ends.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group

[i] Pub. L. 116-136
[ii] The CFPB previously issued a statement informing lenders that they must comply with the credit reporting requirements of the CARES Act. The CFPB released FAQs on June 16, 2020, to “ensure that consumers receive the credit reporting protections required by the CARES Act.”
[iii] Phase 1 was an $8.3 billion bill spurring coronavirus vaccine research and development (the Coronavirus Preparedness and Response Supplemental Appropriations Act, 2020), which was enacted on March 6, 2020. Phase 2 was an approximately $104 billion package largely focused on paid sick leave and unemployment benefits for workers and families" (the Families First Coronavirus Response Act), which was enacted on March 18, 2020.
[v] The FAQs can be accessed at
[vi] CARES Act, Pub. L. 116-136, section 4021, codified at FCRA section 623(a)(1)(F)(i)(I), 15 U.S.C. 1681s-2(a)(1)(F)(i)(I)
[vii] Idem
[viii] See Joint Statement on Supervisory and Enforcement Practices Regarding the Mortgage Servicing Rules in Response to the COVID-19 Emergency and the CARES Act, April 3, 2020, CFPB, FRB, FDIC, NCUA, OCC, CSBS See also The Bureau’s Mortgage Servicing Rules FAQS related to the COVID-19 Emergency, CPFB, April 3, 2020
[ix] For more information on the CARES Act requirement to suspend payments for Federally held student loans, see CARES Act, Pub. L. 116-136, section 3513.
[x] See FCRA section 623, 15 U.S.C. 1681s-2; 12 CFR part 1022, subpart E
[xi] Idem

Thursday, October 8, 2020

Marketing Services Agreements: RESPA Section 8 Pitfalls

We are a large mortgage lender that uses a Marketing Service Agreement (“MSA”) in many relationships. I am the company’s General Counsel. We have a Compliance Manager. 

Recently, the Consumer Financial Protection Bureau (CFPB) cited us for violations of RESPA Section 8 with respect to defective MSAs. I realize that this is a highly litigious area. We have retained outside counsel for these agreements, yet we still seem to be locking horns with the CFPB.

My staff and the compliance people are avid readers of your Mortgage FAQs. We believe that you can shed additional light on how to go about training our management on the risks of MSAs.

We are drafting a PowerPoint for our Executive Management on the risks associated with MSAs. In preparing it, we would like to get your view of the following four areas in particular.

(1) What are Marketing Services Agreements?

(2) What distinction may be made between referrals and marketing services?

(3) What criteria may be applied to determine if an MSA is unlawful?

(4) Are there some examples of MSAs that are prohibited?

Thank you for your question. The risks relating to MSAs are enormous not only in incurring potential litigation but also in operational, strategic, financial, and regulatory risks. Enter these waters very cautiously and guardedly. If you are not thoroughly versed in MSAs, bring in legal counsel or highly competent compliance professionals to guide you. As General Counsel, you must understand that MSAs have far-reaching implications beyond contract law.

I will answer each of your questions with the proviso that you understand I cannot here provide legal advice and my remarks are not to be construed as such. Each MSA must be separately evaluated, and the entire corporate and legal structure on which each and every MSA sits must be taken into consideration.

(1) What are Marketing Services Agreements?

First, let us define a Marketing Services Agreement (“MSA”). It is an agreement that commonly involves an arrangement where a person or entity agrees to market or promote the services of another and receives compensation in return.

MSAs may involve only settlement service providers or may also involve third parties that are not settlement service providers. For instance, an MSA exists when a mortgage loan originator agrees to market or promote the services of a real estate agent in return for compensation.

Now, what is a lawful MSA? A lawful MSA is an agreement for the performance of marketing services where the payments under the MSA are reasonably related to the value of services actually performed.[i] To be clear, this is distinguished from an MSA that – whether oral, written, or indicated by a course of conduct, and looking to both how the MSA is structured and how it is implemented – involves an agreement for referrals. But, unlike referrals, marketing services are compensable services under RESPA.[ii]

Moreover, when a person performing settlement services receives payment for performing marketing services as part of a real estate transaction, the marketing services must be actual, necessary, and distinct from the primary services performed by the person. These marketing services cannot be nominal, and the payments cannot be for a duplicative charge or referrals.[iii]

(2) What distinction may be made between referrals and marketing services?

This is a fact-specific question as to whether a particular activity is a referral or a marketing service for purposes of the analysis under RESPA Section 8(a).

In RESPA Section 8(a), referrals include any oral or written action directed to a person where the action has the effect of affirmatively influencing the selection of a particular provider of settlement services or business incident thereto by a person paying a charge attributable to the service or business.[iv] For instance, referrals include a settlement service provider directly handing clients the contact information of another settlement service provider that happens to result in the client using that other settlement service provider.

However, a marketing service is not directed to a person; rather, it is generally targeted at a wide audience. Thus, placing advertisements for a settlement service provider in widely circulated media (i.e., a newspaper, a trade publication, or a website) is a marketing service.

MSAs that involve payments for referrals are prohibited under RESPA Section 8(a), whereas MSAs that involve payments for marketing services may be permitted under RESPA Section 8(c)(2), based on the facts and circumstances of the structure and implementation. In furtherance of explicating this question about referrals and marketing services, please read my answers to questions (3) and (4).

(3) What criteria may be applied to determine if an MSA is unlawful?

MSAs are not referenced in RESPA or Regulation X. Although entering into, performing services under, and making payments under MSAs are not, by themselves, prohibited acts under RESPA or Regulation X, the determination of whether an MSA itself or the payments or conduct under an MSA is lawful depends on whether it violates the prohibitions under RESPA Section 8(a) or RESPA Section 8(b), or is permitted under RESPA Section 8(c). And that analysis under RESPA Section 8 depends on the facts and circumstances, including the details of the MSA and how it is both structured and implemented.

The following describes how specific provisions of RESPA may be used to frame that analysis.

Under RESPA Section 8(a), if an MSA involves an agreement or understanding to refer business incident to or part of a settlement service in exchange for a fee, kickback, or thing of value, then the MSA or conduct under the MSA is prohibited. Therefore, this includes, but is not limited to, agreements structured or implemented to provide payments based on the number of referrals received.

Under RESPA Section 8(b), if the MSA serves as a method of splitting charges made or received for real estate settlement services in connection with a federally related mortgage loan, other than for services actually performed, the MSA or the conduct under the MSA is prohibited. MSAs would violate RESPA Section 8(b) if they disguise kickbacks by purporting to provide payment for services, but a split charge is paid even though the person receiving the split charge does not actually perform services. Or, a violation of RESPA Section 8(b) occurs if the services are performed, but the amount of the split charge exceeds the value of the services performed by the person receiving the split.

Under RESPA Section 8(c)(2), however, if the MSA or conduct under the MSA reflects an agreement for the payment for bona fide salary or compensation or other payment for goods or facilities actually furnished or for services actually performed, the MSA or the conduct is not prohibited.[v]

RESPA Section 8(c)(2) does not apply to MSAs that involve payments for referrals because they are not agreements for marketing services actually performed. RESPA Section 8 does not prohibit payments under MSAs if the marketing services are actually provided, and if the payments are reasonably related to the market value of the provided services only.

Note: Under Regulation X, the value of the referral (i.e., any additional business that might be provided by the referral) cannot be taken into consideration when determining whether the payment has a reasonable relationship to the value of the services provided.[vi]

(4) Are there some examples of MSAs that are prohibited?

Obviously, there are a plethora of scenarios where MSAs are prohibited.

Let’s reiterate that an MSA can be lawful under RESPA if it is structured and implemented consistently as an agreement for the performance of actual marketing services and where the payments under the MSA are reasonably related to the value of the services performed.[vii]

However, MSAs can be unlawful when entered into based on their structure or can become unlawful based on how they are implemented. The CFPB has enforced violations of RESPA Section 8 in investigations that involved the use of oral or written MSAs. An MSA is or can become unlawful if the facts and circumstances show that the MSA as structured, or the parties’ implementation of the MSA – in form or substance, and including as a matter of course of conduct – involves the following features:

  • An agreement to pay for referrals.
  • An agreement to pay for marketing services, but the payment is in excess of the reasonable market value for the services performed.
  • An agreement to pay for marketing services, but either as structured or when implemented, the services are not actually performed, the services are nominal, or the payments are duplicative.
  • An agreement designed or implemented in a way to disguise the payment for kickbacks or split charges.
Consider this scenario: a lender enters into an MSA with a real estate agent that also makes referrals to the lender. The MSA requires the real estate agent to perform marketing services, including deciding on and coordinating direct mail campaigns and media advertising for the lender. But, the real estate agent either does not actually perform the MSA’s identified marketing services or the real estate agent is paid compensation that is in excess of the reasonable market value of those marketing services.

In this scenario, the lender and real estate agent would not meet the standard in RESPA Section 8(c)(2), because the marketing services are not actually provided or the payments are not reasonably related to the value of the marketing services provided.[viii] Furthermore, in this scenario if the MSA was structured or implemented as a way for the lender to compensate the real estate agent for client referrals to the lender, the MSA would violate RESPA Section 8(a).

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group
[i] 12 USC § 2607(c)(2); 12 CFR § 1024.14(g)(1)(iv)
[ii] 12 CFR § 1024.14(b) and (g)(2)
[iii] 12 CFR § 1024.14(b), (c), and (g)(3)
[iv] 12 CFR § 1024.14(f)(1)
[v] 12 USC § 2607(c)(2); 12 CFR § 1024.14(g)(1)(iv)
[vi] 12 CFR § 1024.14(g)(2). See also 12 CFR § 1024.14(b)
[vii] 12 USC § 2607(c)(2); 12 CFR § 1024.14(g)(1)(iv) and (g)(2)
[viii] 12 CFR § 1024.14(g)(1)(iv)

Thursday, October 1, 2020

Electors and the Will of the People

We are grateful for your Business Continuity Plan. Over the last few months, we have relied on it to keep the company safe through the pandemic. We put up a bulletin board that posts all the updates and pandemic news, too. 

We are giving everyone off to vote on Election Day, even those of us who have been working remotely. Everyone will be paid, and that is hundreds of people! Last week a poster said that it didn’t matter if we voted because our state’s electors are able to overrule our vote. 

We need some guidance in responding to that poster because others are now saying the same thing, and it is demoralizing a lot of employees. We want to know that our vote counts! 

Can you provide some guidance or a statement that tells us if this poster’s view – that electors can overrule our vote – is correct?

Thank you for working with our Business Continuity Plan. It would be best if you were keeping it current at all times, as business continuity is critical to a company’s survival in the face of a range of debilitating events. Our Business Continuity Plan is inexpensive, comprehensive, user friendly, and collaboratively drafted with one of our Subject Matter Experts. You can get information about the Business Continuity Plan by clicking HERE.

I will answer your question, although it is a bit off the beaten path of regulatory compliance. However, inasmuch as your concerns derive from providing business continuity initiatives to your fellow employees, I think it is important to set forth certain salient facts. I make no claim here to providing legal advice, and I am certainly not an expert in election law. If you have further questions, I suggest you contact the election authorities in the states where your employees vote.

Let me begin by restating your question, as follows: May a state legislature appoint a preferred slate of electors to override the will of the people after the election?

First, allow me to provide a brief overview. As you may know, the president is chosen by the Electoral College. The Electoral College consists of electors from each state. The Electoral College is established in Article II, Section 1 of the U.S. Constitution, and it was given specific procedures, as set forth in Article II, Section 1, Clause 3. But the Twelfth Amendment to the Constitution replaced the initial procedures with the procedures for electing the president and the vice president, which essentially provided for separate votes for president and vice president, and specified that those individuals must be from different states.

The term “Electoral College” is found nowhere in the Constitution.[i] The body or entity that is called the Electoral College meets every four years exclusively to elect the president and vice president. Currently, there are 538 electors. A majority of at least 270 electoral votes wins. Article II, Section 1, Clause 2 of the Constitution provides that each state legislature is required to determine how electors for that state are to be chosen. Any person holding a federal office, either elected or appointed, is disqualified from being an elector.

The Constitution gives Congress the choice of when presidential electors must be appointed. It gives state legislatures the power to choose the manner of appointing them. In carrying out these constitutionally delegated powers, Congress designated Election Day as “the Tuesday after the first Monday in November.” For more than a century, all states have selected their electors based on the popular vote.

Although the power to choose the manner in which electors are appointed means that state legislatures theoretically could reclaim the ability to appoint electors directly before Election Day,[ii] they may not substitute their judgment for the will of the people by directly appointing their preferred slate of electors after Election Day. Nor may they use delays in counting ballots or resolving election disputes as a pretext for usurping the popular vote.[iii] Doing so would violate federal law and undermine fundamental democratic norms, and it could also jeopardize a state’s entitlement to have Congress defer to its chosen slate of electors. I will return to counting ballots and disputes shortly.

Although it may seem that we are voting directly for the president and vice president, when we cast our votes for president, in reality we do not do so directly. Instead, we vote for electors who then choose the president and vice president. This process is governed by provisions in the U.S. Constitution and federal and state laws.

Secondly, the Constitution provides that each state must appoint its slate of electors for president “in such Manner as the Legislature thereof may direct.”[iv] The legislature in each state, therefore, receives a power called “plenary power” to determine how the state will select its electors.[v] The electors chosen by each state must “meet in their respective states and vote by ballot for President and Vice President,” then transmit lists of all their votes to the President of the Senate for counting “in the presence of the Senate and House of Representatives.”[vi]

While the Constitution gives states, through their legislatures, the power to choose the manner for appointing electors, it delegates to Congress the power “to determine the time of chusing (sic) Electors.”[vii] The Constitution, in turn, provides that all states must appoint their electors on the “Tuesday after the first Monday in November, in every fourth year succeeding every election of a President and Vice President” – which falls on November 3rd this year.[viii]

That November day is widely known to Americans as Election Day.

Thirdly, when a state has held an election, the legislation may not substitute its judgment for the will of the people. To do so would be an instance of a state legislature usurping the popular vote, which would violate federal law.

Once a state has held an election, a state legislature’s post-Election Day appointment of its own preferred slate of electors not only would contravene this fundamental democratic norm, it would also violate federal law requiring that all states must appoint their electors on Election Day (viz., the “Tuesday after the first Monday in November, in every fourth year succeeding every election of a President and Vice President”).[ix]

Furthermore, a state legislature’s attempt to substitute its preferred electors for those chosen through a popular election held pursuant to state law would also deprive the state of protections in federal law that require Congress to honor the state’s chosen electors. Indeed, the Electoral Count Act (“ECA”) includes a “safe harbor” provision that treats as “conclusive” a state’s chosen slate of electors if two criteria are satisfied:

(1) the electors must be chosen under laws enacted prior to Election Day, and

(2) the selection process, including the final resolution of any disputes, must be completed at least six days prior to the meetings of the electors.[x]

This year, the ECA “safe harbor” deadline is December 8, 2020.

A post-Election Day appointment of a state legislature’s preferred slate of electors would almost always deviate from the legal process for appointing electors established by the state prior to Election Day, with the possible exception of North Carolina.[xi] Although the ECA’s “safe harbor” criteria are not mandatory, the consequences of failing to adhere to them are significant. Losing the “safe harbor” protection leaves Congress to decide which electors to count from a state, without mandatory deference to the preferences of either the state’s voters or legislature.[xii]

Fourthly, a state legislature substituting its preferences for the will of the voters raises several Constitutional concerns. To be sure, a state legislature’s post-Election Day substitution of its own preferences for those of voters raises constitutional concerns.[xiii] The Supreme Court has explained that “[w]hen the state legislature vests the right to vote for President in its people, the right to vote as the legislature has prescribed is fundamental,” and is subject to constitutional due process and equal protection guarantees.[xiv]

The due process clause, in particular, protects citizens’ reasonable reliance on the expectation under state law that they will be able to meaningfully exercise their fundamental right to vote.[xv] Even though this due process interest has most commonly been recognized in the context of protecting economic interests or preventing the retroactive application of punitive laws, “the principle is broad enough to encompass changes in voting rules that inappropriately unsettle reasonable expectations concerning the operation of the voting process,” as a post-Election Day legislative usurpation of the popular vote would surely do.[xvi]

Finally, it would take an extraordinary, virtually unprecedented, systemic failure in the election procedures that far exceed mere election delays and disputes to justify a state legislature’s intervention. Congress exercises its authority to decide when states must appoint their electors by designating a uniform federal Election Day. By the way, that does not mean that states cannot allow for early or absentee voting, of course, as all do in some form. In any event, pursuant to the ECA, the election must be held (and the casting of votes generally must be completed) on Election Day. There is a single, narrow exception to that statutory mandate which provides that where a “State has held an election for the purpose of choosing electors, and has failed to make a choice on the day prescribed by law,” the state’s electors may be appointed on a later date “in such a manner as the legislature of such State may direct.”[xvii]

Thursday, September 24, 2020

Ignoring Ability-to-Repay

We had been requested to extend credit to a borrower whom our underwriter believed did not qualify based on the ability to repay the loan. I am an underwriter, but was not involved in this loan. I hate to say it, but politics got involved, and the powers-that-be took the loan into the credit committee, and the loan was approved. 

Now it is eight months after closing. The borrower stopped paying four months ago, and all efforts to collect have been in vain. This loan is heading into foreclosure. But the situation could have been avoided in the first place. 

We underwriters got together and decided to ask you to give us a statement of support to show the credit committee, so they know not to let this happen again. 

Our question is, what happens when a lender does not comply with the Ability-to-Repay regulation?

I agree with you; based on your brief outline, this should not be happening. When a borrower does not have the ability to repay, it puts not only the financial institution at risk but the borrower too. In the long run, everyone fails. For a statement of support, I will provide a cursory overview of Ability-to-Repay, followed by an outline of a case that demonstrates the kind of litigation that can be engendered.

The Truth-in-Lending Act (TILA), as amended by the Dodd-Frank Act, prohibits a creditor from extending a residential mortgage loan unless the creditor makes a reasonable and good faith determination based on verified and documented information that, at the time the loan is consummated, the consumer has a reasonable ability to repay (ATR) the loan, according to its terms, along with all applicable taxes, insurance, and assessments. The applicable statute is remarkably detailed about how a lender must determine ability-to-repay. Much of these procedures stem from the challenges that arose from the 2008 financial crisis.

The statute specifies that a determination of ATR must include consideration of the consumer’s credit history, current income, expected income the consumer is reasonably assured of receiving, current obligations, debt-to-income ratio, or the residual income the consumer will have after paying non-mortgage debt and mortgage-related obligations, employment status, and financial resources other than the consumer’s equity in the property that secures the repayment of the loan. TILA also requires the creditor to determine ATR using a payment schedule that fully amortizes the loan over its term. In addition, the statute requires the creditor to verify amounts of income or assets relied on to determine ATR, including expected income or assets, by reviewing the consumer’s IRS form W-2, tax returns, payroll receipts, financial institution records, or other third-party documents that provide reasonably reliable evidence of income or assets.

The CFPB’s ATR Regulation, which is part of Regulation Z, contains even more specific requirements. For example, a lender that hopes a loan will be considered a “qualified mortgage” (QM) must ensure that the loan complies with an extensive set of criteria, including those set forth in Appendix Q to Regulation Z. A QM designation results in either a conclusive or rebuttable presumption that the lender complied with the extensive ability-to-repay requirements. I’ll discuss some observations about Appendix Q at the conclusion of this article.

Now to the case. It is a little convoluted but stick with me. I think you will benefit from an understanding of the litigation. Some of its features remind me of the situation you describe.

The U.S. Court of Appeals for the 6th Circuit recently had the opportunity to apply the ATR provisions to the circumstances of a borrower who had been an experienced real estate agent knowledgeable about mortgage products, but eventually faced some cognitive difficulties, though apparently not before negotiating the loan in question from a community bank.[i]

Husband, Elliot, submitted an application for a loan in his name alone to be secured by the home he owned with his wife, Golan. The two had been contemplating separating and had agreed to divide their real estate, with Golan relinquishing all interest in, and Elliot assuming all responsibility for, the home.

The loan application listed the amount of the loan as $315,000 to be repaid over 25 years with an interest rate of 4.875% and monthly payments of $1,818.59. The application listed Elliot's income, as follows: base employment income of $528.95 per month, spousal support of $2,300 per month, Social Security of $1,975 per month, and rental income of $1,400 per month.

To verify the spousal support income, the bank relied on representations by Elliot and Golan that they were going to sign a separation agreement requiring payment of spousal support to Elliot. The two executed a separation agreement, which provided for $2,200 per month, but not until nearly two months after Elliot's loan was consummated.

To verify rental income, the bank reviewed Elliot's tax returns. The returns showed rental income in the past, but not from the home property. 
Elliot leased a portion of the home property for $1,000 per month, but the bank did not know this. 

In November 2014, the bank’s loan committee rejected the loan application. After this rejection, Golan met with the bank’s president, explained it was important to her that Elliot be able to stay at the home property, indicated that she would enter into a separation agreement to cover Elliot's monthly mortgage payments, and said the separation agreement would require her to maintain a $250,000 life insurance policy with Elliot as beneficiary.

This is the point where I felt some similarity occurs between your loan and the loan involved in the lawsuit. Just as you claim that “politics” entered into the process even after your underwriter rejected the loan based on the ability-to-repay, so in the lawsuit the bank’s president intervened and reversed the loan committee’s rejection of the loan application.

Thus, the bank approved the loan, which involved a debt-to-income ratio of 37.367%, lower than the bank’s 40% minimum threshold, and credit scores of 652 and 663, which were near the bank’s guideline of 660.

But, after the loan closed, Golan paid spousal support for only a few months, then she stopped. According to Golan, she paid support until Elliot refused to perform the separation agreement. Elliot also was fired from his job.

The divorce court ordered Elliot to pay a substantial sum to Golan for real estate division and marital debt, which he would not have owed had he abided by the separation agreement. The divorce court ordered Golan to pay Elliot $250 per month for three years (not $2,300 as the Elliot's application had listed).

Now, this is where things turn for the worse, and the bank becomes embroiled in a huge loss mitigation issue. Elliot defaulted on the loan, and the bank sent him a notice of default. He sued the bank, alleging negligence in making the loan and a violation of TILA by making the loan without a reasonable and good faith determination that he had a reasonable ability to repay the loan and for failing to verify his stated income with documentation. The district court granted summary judgment for the bank.

The 6th Circuit reversed regarding TILA but affirmed as to the negligence claim: The bank had not complied with TILA’s ability-to-repay requirements.

The bank did not explain how it had verified Elliot's spousal support income with reliable third-party documents.[ii] Regulation Z’s specificity extends to the meaning of “third-party records,” which the regulation requires a lender to use “to provide reasonably reliable evidence of the consumer’s income or assets.”

A “third-party record” means “[a] document or other record prepared or reviewed by an appropriate person other than the consumer, the creditor, or the mortgage broker…, or an agent of the creditor or mortgage broker” or a copy of a filed tax return or a record the creditor maintains for an account of the consumer held by the creditor or if the consumer is an employee of the creditor or mortgage broker, a document or other record maintained by the creditor or mortgage broker regarding the consumer’s employment.

The bank requested a copy of the separation agreement, thereby suggesting it understood the need to verify and document the spousal support with a reliable third-party document such as an executed separation agreement. And the bank did not dispute that it had not reviewed the executed separation agreement, which it obviously could not have done because the parties did not sign the document until nearly two months after the loan closed.

Furthermore, to make matters even more egregious, the bank did not comply with Regulation Z,[iii] because it had not verified the listed rental income with any documents that established that income.

All things considered, exclusion of the spousal support and rental income would have resulted in a debt-to-income ratio of over 90% (sic), which under the bank’s own standard was too high to repay the loan.

The 6th Circuit agreed that the district court had properly granted summary judgment to the bank on the negligence claim because Elliot had not established that the bank owed him a duty. The prevailing state law provided that lenders owed no duty to prospective borrowers during negotiations about the terms and conditions of a loan. The court rejected his argument that the bank owed him a duty imposed by TILA because no state case law supported this argument.

Now, I will share a few observations.

The bank argued that it had complied with Regulation Z’s Appendix Q because, although Appendix Q generally requires a creditor to verify that spousal support payments “have been received during the last 12 months” to include those payments in an income calculation, Appendix Q authorizes a lender to

rely on “evidence that [spousal support] payments have been received” for “[p]eriods less than 12 months…, provided the creditor can adequately document the payer’s ability and willingness to make timely payments.”

Thursday, September 17, 2020

Essentials of Telemarketing Policy

You recently answered a question about a company not having a Do Not Call list. The answer you gave became the basis of a meeting about how to manage our telemarketing procedures. We have updated our policies and procedures and commenced the training of our internal sales force and external telemarketing firm. I can’t thank you enough for your timely advice.

But a subject came up in our meeting that I would like to discuss. In updating our policies and procedures, we could not find a list of chapter and section titles. We want to list them and then provide our requirements in the procedures. So, we decided to send this question to you with the hope that you will provide some of the elements needed in policy and procedures on telemarketing.

Our question is, then, what are some essential elements of the telemarketing policy and procedures?

I wrote about telemarketing violations last week in connection with the Do Not Call Registry and procedures as these relate to the Telemarketing Sales Rule. Given that you are currently following up on your telemarketing strategies and updating your policy document, I will offer some elements that should go into it.

You should contact us for a Telemarketing Tune-up, because a policy approach is only a foundational framework. Our audit is quick and cost-effective. It provides findings, recommendations, and a risk rating. Your telemarketing procedures should be evaluated for regulatory compliance. That is what the Telemarketing Tune-up does. If you are actively involved in telemarketing initiatives, you should get this audit done as soon as possible.

With respect to essential elements of a telemarketing policy, I would recommend that you have chapters and sections for the following subjects. My suggestions are not comprehensive because telemarketing strategies vary, and your policy should adequately reflect the variance. However, as a serviceable set of guidelines, I think you should consider these outlined elements fundamental to a solid telemarketing policy.

Permissible Hours
You should not be making telephone calls to consumers before 8 A.M. or after 9 P.M. local time at the call’s destination, unless the person being called has specifically agreed to let you call at another time.

Do Not Call Lists
This section would require on-going training and monitoring. For instance, among other things, you need to maintain a list of consumers who ask not to receive telemarketing solicitations, consumers whose names appear on the national Do Not Call list, tracking for honoring the requests of consumers who ask not to receive telemarketing solicitations, implementing a process to prevent telephone solicitations to any telephone number on your Do Not Call list or the national Do Not Call list, training, and keeping a version of the national Do Not Call Registry, obtained from the Registry no more than three months prior to the date any call is made, and maintain records documenting this process. Furthermore, you should be auditing contact with consumers to ensure you do not sell, rent, lease, purchase, or use the national Do Not Call database, or any part of it, for any purpose except compliance with the rules and to prevent telephone solicitations to telephone numbers registered on the national database.

Oral disclosures for Outbound Telephone Calls
Make it a requirement to disclose the following information truthfully, promptly, and in a clear and conspicuous manner, in any outbound telephone call to a potential new customer: your institution’s identity, the purpose of the call (viz., to originate mortgage loans), and that you originate mortgage loans. I suggest you contact us for compliance support in this area, as we are one of the few compliance firms in the country that provides Call Calibration, which is a methodology to audit and report on calls between a financial institution and consumers.

Artificial or Prerecorded Voice Calls
Be very careful in using this telemarketing strategy! You should not use artificial or prerecorded voice calls to a consumers’ homes (or business) unless you already have a business relationship with the persons being called. Be sure that any artificial or prerecorded voice message releases the line of the person being called within five seconds of notice that the called party has hung up. Your call should have a call identifier. Also, the beginning of any prerecorded message must clearly state your identity, and during or after any prerecorded message, you must state your telephone number.

Call Abandonment
You should not abandon more than 3 percent of calls answered by a person. Additionally, you must deliver a prerecorded identification message when abandoning a call.

Caller Identification
Always transmit caller identification (i.e., caller ID) information, when available, and do not block this information ever.

Facsimile Machines
Do not send unsolicited advertisements to facsimile machines. If you do send any fax, be sure to identify your institution as the sender.

Disclosures for Telephone and Direct Mail Solicitations
Yet another area that calls for Call Calibration! This is an area fraught with litigious minefields. Be sure to disclose the following information, orally or in writing, before a customer pays for any services offered in a telephone or direct mail solicitation: the total costs to receive the services offered; all conditions that must be satisfied to receive the services offered; if you have a policy of not making refunds, provide a statement of your policy; if you mention a refund policy, provide a statement of the key terms and conditions of the policy.

You should not misrepresent, directly or by implication, many forms of information, such as the total costs to receive any services offered; all conditions that must be satisfied to receive the services being offered; any features of your services; and any aspect of your refund policies. Steer away from ever saying that you are affiliated with, or endorsed by, any government or other organization. Be careful, too, about misrepresenting prize promotions, such as not disclosing any aspect of a prize promotion, not including (among other things) the odds of being able to receive a prize, misleading about the nature or value of the prize, or misstating that a purchase or payment is required to win a prize or to participate in a prize promotion. Consider Call Calibration when conducting telemarketing campaigns involved prize promotions.

Verifiable Authorization
You should obtain express verifiable authorization before submitting a check, draft, or other form of payment from a person’s account as the result of your telemarketing efforts in one of three ways: in writing; by tape-recording an oral authorization that contains references to the date of the draft or other form of payment, its amount, your name, your telephone number for consumer inquiries, and the date of the authorization; and by providing written confirmation of the transaction, including the date of the draft or other form of payment, its amount, your institution’s name and telephone number for consumer inquiries, and the date of the customer’s oral authorization

False or Misleading Statements
I would insert a separate section for this policy element, even though it includes aspects of the section on Misrepresentation outlined above. Use this section to set forth definitions of false and misleading statements and provide examples of each.

Assisting in Violations
Include a section that states how your institution will not assist anyone else in deceptive or abusive telemarketing acts or practices when you know or should know the other person is violating the FTC or FCC rules. Such an affirmation is important, and will be looked upon favorably by regulators during an audit.

Abusive Acts or Practices
This is a thorny area filled with problematic pitfalls and potential litigation. Threats, intimidation, or the use of profane or obscene language is only the start. It may seem obvious that you should not request or receive payment of any fee before a loan is originated if you have guaranteed or represented a high likelihood of success in obtaining the loan. But there is far more involved in these telemarketing hurdles. For instance, you should not initiate a telephone call, other than a call for emergency purposes or with the prior express consent of the called party, using an automatic dialing system or an artificial or recorded voice, to emergency lines, health care facilities, radio common carriers, or any number for which the called party is charged for the call. Expanding abusive acts further, you should not (1) use an automatic dialing system to make calls that simultaneously engage two or more lines of a multi-line business; (2) disconnect an unanswered telemarketing call prior to at least 15 seconds or four rings; (3) guarantee or assure customers regarding the likelihood of loan approval; (4) cause any telephone to ring or engage any person in telephone conversation repeatedly or continuously with the intent to annoy, abuse, or harass; and (5) initiate an outbound telephone call to a person when that person previously has stated he or she does not wish to receive an outbound telephone call from your institution. Use Call Calibration to monitor for abusive acts or practices.

Recordkeeping (24 Months)
Be sure to include a section on recordkeeping. All substantially different advertising materials must be kept for 24 months. Keep the name and last known address of each customer, the loan made, the date the loan was closed, and the amount paid by the customer in connection with the loan. Keep also the name, any fictitious name used, the last known home address and telephone number, and the job title(s) for all current and former employees directly involved in telephone sales. If you permit employees to use fictitious names, you must be able to trace each fictitious name to only one employee. And, maintain all verifiable authorizations required under the rules. With respect to prize offers, keep the name and last known address of each prize recipient and the prize awarded for prizes having a value of $25 or more.

Recordkeeping (60 Months)
Keep all Do Not Call requests for 60 months, including any consumer requests to not receive solicitations.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group