Andrew Peters and Sonny Abbasi of Lenderworks: Growing Your Business and Staying Compliant in a Changing Landscape

Andrew Peters is President of Lenderworks, Fairfax, Va. Sonny Abbasi is General Counsel & Chief Compliance Officer with Lenderworks.

Andrew Peters

It’s no secret that things are about to change in the regulatory enforcement world, especially at the federal level. After years of restraint under the previous administration, the seismic political shift shaking the Beltway this year will likely embolden any number of career regulators, the most aggressive of which have been constrained for several years. We’ve already heard and seen the early indications of change from the CFPB and FHFA themselves.

Sonny Abbasi

The obvious focus for more aggressive enforcement will clearly be the Fair Lending Act, especially given the national dialogue about diversity and inclusiveness. The second priority? The Fair Lending Act. As well as the third. After all, the GAO has recommended that the CFPB review its own reorganization of its Fair Lending enforcement decision in 2018. The Acting CFPB Director warned us himself, pledging a more aggressive approach to supervision and enforcement just days after the new administration stepped into the White House. Mortgage servicing is also reportedly in the crosshairs of regulators. The message is clear: Now is not the time to play fast and loose with mortgage origination.

None of this is news to the mortgage industry at this point. And while all lenders—banks and non-banks alike—of all sizes would do well to be ahead of the game, updating and reinforcing their compliance strategies; it is likely to be the smaller, growing, non-bank lending companies that are most vulnerable to aggressive enforcement. After all, growth businesses simply don’t have the resources (and reserves) that their larger counterparts do. This could be the difference between keeping the lights on after a violation and fine or winding down. As always, an ounce of prevention is worth a pound of cure. There are multiple key steps smaller lenders should be taking, not just thinking about taking, right now.

What Should You be Doing?

I used to explain to clients who wanted to take a more aggressive approach in the marketplace that examiners and others can and will “look back” up to, say, three years on any actions your business (or its agents) may have taken. I’d remind them that this could be especially painful if a change of administrations in the White House meant a major change in business and compliance philosophy. Right now, that appears to be the case, to say the least.

So now what? Start with your data. Fair lending monitoring is the name of the game, so your HMDA data must be pristine—as in, constantly and consistently reviewed and actioned against. And if your HMDA data maintenance policy is anything other than robust and up-to-date, now is the time to make it so. After all, this is where enforcement officers and auditors start any audit or investigation. It’s your only chance to make a first impression. This should be every lender’s first compliance priority…as of yesterday.

The second place where Fair Lending violations tend to come to light is, naturally, the consumer complaint database. This is especially true for servicers, but applies to all mortgage lenders as well. If addressing consumer complaints has not been a strong suite or a priority for your growing business because you simply haven’t had the time or resources, it’s time to make the time and find the resources. Even outsourcing is fine (just be sure to vet your service provider thoroughly!). It’s just that simple. Start with addressing your existing complaints, and brush up (and document) your policies and procedures on that front as well. As always, be sure to document the follow-up and resolution efforts, too.

The Compliance Management System—Not Just for the Big Boys.

While any compliance officer or general counsel understands how a compliance management system works, not everyone in a sales-driven business does. A compliance management system is an integrated system of documents, processes, policies, tools, controls and functions designed to help a business stay within its legal requirements. A business of any size in an industry as heavily regulated as ours needs to have a compliance management system. It also helps the staff of that business understand clearly their individual duties and responsibilities when it comes to staying compliant, not to mention providing a means by which the company can monitor its own performance. Where violations are found, it’s not always a means of mitigation to be say “But we have a system in place to prevent violations,” but it can be in some situations. Asserting that the company’s leadership had no idea that a few employees were committing violations, however, is never a defense or mitigating factor.

Larger firms are likely to have their own compliance staffs and systems in place. But smaller lenders who don’t have the resources can certainly locate any number of qualified consulting providers who can get the job done well. Just be sure to do your homework. Not every consultant is as qualified as you’d like to believe. Check references. Ask many questions. If your consultant falls short of the mark, you’ll be just as liable for a violation as you would have been if you had no consultant at all.

It’s important that the Board of Directors or Owner/CEO of any growing mortgage lender keep their focus on controlling their compliance management systems. That means being sure that all systemic audits are taking place regularly and on time. That includes CMS, BSA/AML (Bank Secrecy Act/Anti-Money Laundering) and so forth. It also means having mechanisms in place to ensure effective quality control of loans as well.

Be Ready with a Dress Rehearsal

It’s a universal truth that nobody enjoys audits. But it’s highly likely that, in one form or another, your compliance officers and management team will be interfacing more frequently with regulators and enforcement agencies more frequently in the coming years. Even though self-audits aren’t much more enjoyable than actual audits, they’re effective ways to be ready when an actual audit arrives. Again, an experienced compliance officer or general counsel understands how to manage such an exercise. But a number of qualified, third-party consultants specialize in helping lenders with their self-auditing processes, and it’s advisable to reach out if you don’t have any audit protocols in place.

When in Doubt, Document

If you’re a veteran mortgage banker or compliance officer, you likely understand that it goes without saying that policies, procedures, compliance systems, oversight and the like should always be documented. And yet, it needs to be said. A stunning number of firms in the industry still operate their compliance “programs” by the seat of their pants. Perhaps an SVP who already has a day-job in another division has the part-time designation of “compliance officer.” Or perhaps the COO handles the duties. These are exactly the scenarios that turn audits or investigations from “unenjoyable” into “nightmarish.” Dedicate the resources. Implement a cohesive system. And, above all, get it in writing.

In a more aggressive enforcement environment, the very existence of your business could well depend on it.

(Views expressed in this article do not necessarily reflect policy of the Mortgage Bankers Association, nor do they connote an MBA endorsement of a specific company, product or service. MBA NewsLink welcomes your submissions. Inquiries can be sent to Mike Sorohan, editor, at; or Michael Tucker, editorial manager, at