A new standard for “getting it right”: The Home Mortgage Disclosure Act (HMDA) evolves
Complying with expanded HMDA reporting requirements
The expanded HMDA reporting requirements necessitate new process implementations and rigorous, ongoing testing. But the new rule isn’t all bad news: With a solid implementation plan, an institutions can do more than achieve effective compliance. By “getting it right,” they can leverage the HMDA effort to enhance operations, eliminate redundancy, and proactively monitor fair lending and data integrity risks.
- How to make the final rule work for you
- An enterprise roadmap: Five key steps
- How Deloitte Risk and Financial Advisory can help
- Get in touch
- Join the conversation
How to make the final rule work for you
There’s a silver lining to every large rule implementation. The changes that financial institutions must make under the Consumer Financial Protection Bureau’s (CFPB) amendments to Regulation C of the Home Mortgage Disclosure Act (called the HMDA final rule) are also ones they can use to their own benefit. Likely advantages of HMDA compliance include streamlining internal systems and processes and increasing operational efficiencies. Institutions can also access the same information they’re gathering for the CFPB and analyze that data to identify technology gaps, eliminate redundancies, and sharpen their understanding of lending patterns.
The CFPB is a data-driven agency, and the new HMDA reporting requirements are likely to drive consistency across the industry and encourage the use of automated processes. Each institution can benefit from knowing how its unique HMDA data profile will help it prepare for examinations and identify needed changes.
The final rule can facilitate:
- A fair shake at fair lending. Collecting and reporting more types of data, such as underwriting, pricing, loan outcome, and loan demographics should allow for a more robust internal fair lending review relative to the Equal Credit Opportunity Act (ECOA) and the Fair Housing Act (FHA). They will also enhance institutions’ abilities to self-monitor for fair lending risk exposure.
- Enhanced detective controls and an enterprise view. To adhere to the new reporting requirements, institutions will need robust internal controls testing at various stages of the reporting process. They will also need to identify control breakdowns in a timely fashion, which will allow for remediation or process enhancements when necessary.
- Consistency in the industry. HMDA is not the only force that’s spurring the industry toward a more collaborative approach to reporting requirements. The Mortgage Industry Standard Maintenance Organization (MISMO) released an update, Reference Model Version 3.4, (October 2015), which supports the HMDA rule, the TILA-RESPA Integrated Disclosure rule (TRID), and the government-sponsored enterprise (GSE) Uniform Mortgage Data Program (UMDP). The more consistent the data standards in place, the more benefit different institutions can derive from increased market efficiency, understanding, and oversight.
“Getting it right”: Five key steps
As data requirements increase and reporting becomes more frequent, the accuracy, completeness, and consistency of data are paramount. Institutions may need to enhance their existing systems and processes, especially the procedures and technology infrastructure that support reporting.
To make that task manageable, institutions should consider following five key steps to move more effectively toward HMDA compliance:
- Plan and scope. Dedicate significant time and thought to planning and scoping across all three lines of defense can provide for a smoother implementation process.
- Perform a formal gap assessment. What processes, systems, and stakeholders will implementation of the HMDA final rule affect? To know the scope, management should identify and involve intake channels, data trails, and stakeholders from all three lines of defense. It should also consider which new or existing lines of business will be affected by the revised HMDA rule.
- Develop a comprehensive action plan. A comprehensive action plan that designates responsible parties and affected lines of business is essential to the function of a change management program for the HMDA final rule. It should include engagement from all three lines of defense to build consensus and drive proper regulatory coverage.
- Design and improve. This phase serves as a feedback loop. It allows time for trial and error so the institution can incorporate the lessons from pilot tests. In this phase, responsible parties develop specific implementation requirements to meet their assigned milestones. Then they begin full-scale execution.
- Implementation and ongoing testing. Each line of defense in an institution will have its own mandates at the point of a rollout.
- First line of defense. Even after full implementation of the final rule, HMDA compliance will require ongoing maintenance. Financial institutions may find it helpful to set up an implementation management office or similar group to centralize management of the implementation of the five steps discussed here. As management prepares for the go-live date, it should periodically communicate HMDA risks and resource needs to stakeholders and executives to maintain support for implementation.
Secondline of defense. Testing and validation of HMDA reporting does not stop after implementation. Frequent and ongoing testing and validation should be performed across all three lines of defense to identify any fields or lines of business that require remediation. The second line of defense should monitor the strategic action plan for the revised program build-out. It also participates in the change control process to determine whether approved processes are being followed and necessary changes are being implemented. Thirdline of defense. Involvement of the third line of defense should include validating the sufficiency of first- and second-line monitoring and testing activities, as well as the adequacy of the overall action plan. The need to amend compliance technology stems and other internal communication protocols is part of the scope of this mandate. Upon implementation, the third line monitors and tests, as appropriate, any high-risk populations that require remediation prior to filing the HMDA Loan Application Register (LAR).
How Deloitte Risk and Financial Advisory can help
Deloitte Risk and Financial Advisory’s Regulatory and Compliance group includes industry veterans and former regulators who bring the first-person experience with regards to consumer compliance regulations, including HMDA. We can assist with all phases of the assessment and implementation, including the development of an action plan, change management, or HMDA-related testing. Deloitte Risk and Financial Advisory also offers predictive analytics capabilities that can help assess HMDA data for fair lending risks.
HMDA has its roots in the fair treatment of borrowers, but the rule and the practices it inspires can benefit all parties in the home lending market. How many of those benefits arise, and how quickly, can depend on an institution’s ability to break a multifaceted compliance challenge into discrete, understandable tasks.
To learn more, read the full report on complying with expanded HMDA reporting requirements.
Get in touch
John Graetz, Deloitte Risk and Financial Advisory principal, Deloitte & Touche LLP
Tom Nicolosi, Deloitte Risk and Financial Advisory principal, Deloitte & Touche LLP
Tamara Milliken, Deloitte Risk and Financial Advisory managing director, Deloitte & Touche LLP
Maria Marquez, Deloitte Risk and Financial Advisory senior manager, Deloitte & Touche LLP