Federal and New York Regulatory Update

Federal and New York Regulatory Update

The Federal Housing Finance Agency (“FHFA”) issued an advisory bulletin on December 2, 2014, providing guidance to Fannie Mae and Freddie Mac (collectively, the “Enterprises”) on managing risks associated with their relationships with Seller/Servicers.  The New York Department of Financial Services (“DFS”) extended emergency regulations related to mortgage servicing.




FHFA expects each Enterprise to assess financial, operational, legal, compliance, and reputation risks associated with its single-family Seller/Servicers and to take appropriate action to mitigate those risks or reduce the Enterprise’s exposure.  Each Enterprise should implement a board-approved risk management framework that specifically includes risk-based oversight of single-family Seller/Servicers with oversight performed pursuant to the policies and procedures described in the advisory bulletin.


Risk Management Framework


The board of directors of each Enterprise is responsible for overseeing the Enterprise’s overall risk management.  The use of a third party does not relieve the Enterprise’s board of directors and senior management of their respective responsibilities to oversee and manage the risks that arise out of the Enterprise’s Seller/Servicer relationships.


FHFA expects each Enterprise to have a risk management framework for Seller/Servicers as part of its enterprise-wide risk management program.  The framework should incorporate a policy for the oversight of Seller/Servicer relationships by establishing standards for identifying, assessing, monitoring, and managing risks associated with such relationships.



Selection of Seller/Servicers


Prior to entering into a contractual relationship with a Seller/Servicer, the Enterprise should perform due diligence and document the results.  The due diligence should evaluate relevant risks related to a potential Seller/Servicer and should be informed by the factors below.


  • Financial Risk Factors – Financial risk is the risk of loss due to the Seller/Servicer’s inability to meet its financial obligations.  Financial risk may arise due to deterioration in the Seller/Servicer’s financial condition, significant growth, or an unexpected event that causes financial hardship.  The Enterprises should consider the following in assessing each potential Seller/Servicer’s financial risk, as appropriate:
    • Overall financial strength and financial ratio trends;
    • Business plan, expertise, and loan production sources;
    • Ability to meet selling and servicing guides and other contractual provisions, including representations and warranties, under stable and adverse economic scenarios;
    • Existing and anticipated sources of income, capital, and liquidity;
    • Quality of loans;
    • Projected levels of loans, mortgage servicing rights (“MSR’s”), and other servicing assets;
    • Adequacy of fidelity bond and errors and omissions insurance coverage; and
    • Complexity of the Seller/Servicer’s financial structure, including the terms of any financial arrangements with other parties.


  • Operational Risk Factors – Operational risk is the exposure to loss from inadequate or failed internal processes, people, and systems, or from external events.  Operational risk may arise when a Seller/Servicer cannot effectively perform the duties that it has contracted to perform due to deficiencies in its operations or controls.  The Enterprises should consider the following in assessing each potential Seller/Servicer’s operational risk, as appropriate:
    • Current and prospective resources and capacity regarding staffing, facilities, technology infrastructure, and any sub-servicing arrangements;
    • Organizational structure, complexity, and ownership, including affiliates;
    • Key personnel, principals, and controlling shareholders, including information from background checks, when appropriate;
    • Reliance on, exposure to, and performance of sub-servicers, location of sub-servicers, and the Seller/Servicer’s ongoing monitoring program and quality control testing of sub-servicers;
    • Seller/Servicer oversight of third party service providers (e.g., mortgage brokers, appraisers) contractually obligated to the Seller/Servicer, not the Enterprise;
    • Risk management program, internal controls and results of audits or reviews, including independent post-closing loan review process;
    • Business continuity and contingency planning; and
    • Information technology management program, including an information security framework.


  • Legal, Compliance, and Reputation Risk Factors – Legal, compliance and reputation risk exists when a Seller/Servicer’s operations are not consistent with laws, regulations, sound practices, or an Enterprise’s selling and servicing guides and other contracts.  The Enterprises should consider the following in assessing the legal, compliance, and reputation risk associated with potential Seller/Servicers as appropriate:
    • Maintenance of the appropriate federal and state charters or licenses required for or relevant to operating their business;
    • Scope of federal and state regulatory oversight, both prudential and consumer protection;
    • Compliance programs for all applicable laws and regulations, including consumer protection laws;
    • Record of compliance with applicable laws and regulations, based upon publicly available information;
    • Information known or reasonably available to an Enterprise about loan originators used by the Seller/Servicer and their compliance with consumer protection laws;
    • Publicly available information about supervisory and legal actions, including criminal and civil actions, taken against the Seller/Servicer, key personnel, principals or controlling shareholders, and affiliates;
    • Publicly available information about investigations and litigation initiated by federal and state authorities, and agreements reached in conjunction with those actions, including the assessment of fines;
    • Orders issued under the FHFA Suspended Counterparty Program; and
    • Significant consumer complaints or a pattern of consumer complaints.


Evaluation of these risk factors should be consistent with, and supportive of, the standards for approving Seller/Servicers articulated in the risk management policy.


Ongoing Monitoring


Monitoring of the Seller/Servicer for the duration of the relationship is essential to an Enterprise’s ability to manage Seller/Servicer risks.  As part of ongoing monitoring, each Enterprise should have risk-based procedures that required updating information obtained during the approval process and performing subsequent analysis to evaluate changes in a Seller/Servicer’s risk.  FHFA expects that ongoing monitoring will be risk-based, so it will vary among individual Seller/Servicers and may change over time for a particular Seller/Servicer. Enterprise policy regarding the scope and frequency of ongoing monitoring activities should be commensurate with the risk associated with the particular Seller/Servicer.


The documented analysis should take into account factors assessed during the approval process, as well as the following factors, as appropriate:


  • Volume of loans sold; MSR’s retained, sold, transferred, or pledged; and servicing transfer activity, noting rapid or significant changes;
  • Outstanding obligations and past performance regarding recoveries of repurchases and compensatory fees;
  • Adherence to approved terms of business, including capital requirements, sales volume, and product limitations;
  • Delivery and servicing performance record;
  • Contractual ability of the Enterprise to access Seller/Servicer records and conduct onsite visits;
  • Results of operational reviews performed by the Enterprise;
  • Results of the Enterprise’s review of a Seller/Servicer for the Seller/Servicer’s compliance with consumer protection and other laws where the Enterprise may have legal liability as a result of the Seller/Servicer’s noncompliance;
  • Information about a Seller/Servicer’s compliance with consumer protection laws where the Enterprise may be exposed to significant risk as a result of the Seller/Servicer’s noncompliance;
  • Record of compliance with Seller/Servicer guides and other contractual terms, including compliance with laws and regulations, based on Enterprise compliance and quality control reviews;
  • Results of fraud and data integrity reviews;
  • Volume, type and pattern of Seller/Servicer guide waivers considering documented justification for waivers, and results of ongoing performance reviews of loans with waivers relative to justification and expectations;
  • Sufficiency and timeliness of performance data to evaluate the quality and effectiveness of Seller/Servicer processes for actual and projected volumes;
  • Accuracy and completeness of loan recordkeeping, including loan data systems and loan documentation, throughout the life of the loan;
  • Changes in the Seller/Servicer’s business model, strategies, or practices; and
  • Operational and system complexity, including after an acquisition or merger involving multiple locations, systems and processes.




Our July 21, 2009, October 27, 2009, January 25, 2010, March 22, 2010, August 10, 2010, December 16, 2010, March 24, 2011, June 30, 2011, September 29, 2011, January 25, 2012, April 11, 2012, July 11, 2012, October 17, 2012, April 1, 2013, June 20, 2013, November 12, 2013, January 8, 2014, March 24, 2014, July 16, 2014 and October 30, 2014 Compliance Memoranda discussed Emergency Regulations issued by the DFS addressing mortgage loan originator licensing and application requirements and mortgage loan servicer registration and financial responsibility requirements.  The DFS recently extended all of the Emergency Regulations effective November 25, 2014, with an expiration date of February 22, 2015.