QUESTION
We are a lender that subservices our loans through a reputable servicer. We originate Fannie Mae, Freddie Mac, USDA, FHA, VA, HECM, and Non-QM loan products. Our internal audit identified that we should have monitoring and control procedures in place for our subservicer.
We already have a Loan Servicing Quality Control Plan. However, we do not have a separate policy for monitoring and controlling the subservicer function. Our internal auditor recommends that we establish such a policy immediately.
As the General Counsel and Compliance Officer, I am responsible for ensuring that we meet all regulatory and legal requirements in our loan originating and servicing activities. I would like your view on whether we should have a separate policy for monitoring the subservicer.
SOLUTIONS
Subservicing
Quality Control Audits
Loan
Servicing Quality Control Plan
Monitoring & Control of Subservicer Policy
RESPONSE
Based on your question, you appear to be a master servicer. A master servicer is responsible for overseeing and auditing the activities of its subservicer. This responsibility arises from the fact that the master servicer remains liable for the performance of all servicing obligations, even when they are delegated to a subservicer.
A master servicer is an entity responsible for overseeing the administration and management of a pool of loans, often in mortgage-backed securities (MBS) and other structured finance products. It ensures proper loan management and that investors receive their returns on time.
Master Servicer
In particular, a master servicer's role includes the following:
Their role and responsibilities include:
· Loan administration and management
Handling day-to-day operations like payment collection, managing escrow accounts, and distributing payments to investors.
· Oversight of other servicers
Appointing and coordinating with sub-servicers while remaining liable to bondholders for their performance.
· Ensuring compliance
Ensuring that servicing practices comply with regulatory and contractual requirements.
· Monitoring and reporting
Tracking portfolio performance and reporting to the trustee and investors.
· Handling borrower communication and requests
Serving as a point of contact for borrowers.
· Coordination with special servicers
Working with special servicers for distressed or defaulted loans.
You should have a separate policy for monitoring and control of the subservicer. Usually, the policy complements the Loan Servicing Quality Control Plan that you mentioned. Both the CFPB (Consumer Financial Protection Bureau) and GSEs (Government-Sponsored Enterprises, such as Fannie Mae and Freddie Mac) mandate that lenders (master servicers) proactively oversee and regularly audit their subservicer relationships and operations.[i]
The master servicer is responsible for ensuring that the subservicer complies with all applicable regulations and contractual obligations, as required by Fannie Mae and other investors. Failing to oversee or audit a subservicer exposes the master servicer to significant business risks, including potential lawsuits, fines, and reputational damage if the subservicer fails to meet compliance guidelines or operational standards.
Second Line of Defense
The audit of a subservicer's servicing files falls under the Second Line of Defense for the originating institution that outsourced the servicing, with the possibility that the Third Line of Defense (viz., internal audits) may also perform independent audits to ensure effectiveness.
As the Second Line of Defense, the originating institution has the ultimate responsibility for the subservicer's actions; therefore, it must oversee the subservicer's compliance with regulations and its own servicing standards. The act of reviewing the subservicer's servicing files and operations to ensure adherence to contractual obligations and regulatory requirements is considered a core function of the Second Line of Defense, which involves monitoring and oversight functions, such as risk management and compliance departments.
Thus, the Second Line of Defense provides expertise, support, and monitoring regarding risk-related matters. I would break those features into the following activities:
· Developing and implementing policies and procedures for subservicer oversight.
· Conducting regular reviews of the subservicer's performance and compliance.
· Assessing the subservicer's internal controls and risk management framework.
· Monitoring the subservicer for compliance with regulatory requirements (CFPB, OCC, GSEs).
· Developing and implementing corrective actions to address any identified issues.
Essentially, the Second Line of Defense is actively involved in ensuring the subservicer is compliant and performing as expected, while the Third Line of Defense audits the effectiveness of that oversight and the subservicer's operations to ensure the entire risk management framework is sound. I think your internal auditor was correct in recommending a separate policy for monitoring and controlling the subservicer. Use it in conjunction with your overall Loan Servicing Quality Control Plan.
Oversight and Auditing
There
are five components of subservicer oversight and auditing. A robust subservicer
oversight program should include regular audits of servicing files and
operations. Implementing the program is not merely a recommended Best Practice
but a crucial aspect of a master servicer's responsibility to manage risk and
ensure compliance within the mortgage industry.
1. Establishing an Oversight and Surveillance Program
The program should monitor the subservicer's compliance with servicing requirements outlined in the master servicer's contracts and applicable guidelines.
These three elements must be included in oversight:
· Periodic audits and quality control (QC) reviews: These reviews help verify that the subservicer is adhering to contractual obligations and regulatory requirements.
· Operational audits: These audits delve deeper and can assess areas such as customer service reviews, escrow administration, collections, and loss mitigation procedures.
· Evaluation of training programs, financial strength, and overall experience: These evaluations help ensure that the subservicer has the resources and expertise to perform its duties effectively.
2. Maintaining Policies and Procedures
Master servicers must have established procedures for selecting and assessing subservicers, encompassing their experience, training programs, financial stability, quality control, and capacity to handle the portfolio.
3. Operational Audits
These audits should encompass customer service reviews, escrow administration oversight, procedural assessments of collection and loss mitigation, and examinations of bankruptcy, foreclosure, and REO management, among other areas.
4. Ongoing Monitoring and Review
This type of monitor involves continuously evaluating subservicer performance data, including loan-level data, customer satisfaction scores, response times, and error rates.
5. On-Site
Audits and Reviews
Regularly conducting on-site audits and reviews ensures compliance with contractual requirements and regulatory standards.
Jonathan Foxx, PhD, MBA
Chairman & Managing Director
Lenders Compliance Group
[i] Both
the Consumer Financial Protection Bureau (CFPB) and government-sponsored
enterprises (GSEs) like Fannie Mae and Freddie Mac require master servicers to
maintain oversight of their subservicers. Fannie Mae, for example, requires the
master servicer to ensure that the
subservicer is complying with all Fannie Mae requirements.
