Impacts of TRID and Third-Party Service Providers. How to Prepare Your Institution

The integrated mortgage disclosure rule (TRID) affects much more than loan forms and consumer qualifications. Financial institutions are responsible for the oversight and management of third party vendors. Third-party relationships have advantages for the financial institution, vendors and its consumers. However, when considering contracting with a third-party vendor, institutions must have processes implemented to ensure an all-around compliant relationship that benefits all parties and adheres to CFPB guidelines. These best practices are crucial to a strong, transparent and compliant relationship.

Who is ultimately responsible?

Every third-party service provider a financial institution deals with must be able to comply with banking regulations; and if they can’t, the institution is held responsible for errors and mistakes. When a transaction between a financial institution and its customer involves a third-party, the financial institution is still responsible for compliance with laws and regulations. Liabilities due to tolerance violations are high under TRID and all third-party agreements must reflect this risk. To reduce that risk, financial institutions should seek out providers with solid policies and procedures that are in compliance.

The CFPB’s expectation for a supervised financial institution is to have an effective process for managing the risks of service provider relationships. Third-party service providers assist in executing a number of tasks, such as those activities a financial institution cannot support nor have the expertise to complete.

By following these five steps, financial institutions can limit the potential for statutory or regulatory violations and related consumer harm:

  1. Due Diligence: Verify that the provider understands and is capable of complying with federal consumer financial protection laws by conducting thorough due diligence;
  2. Training and Oversight: Request and review the provider’s policies, procedures, internal controls, training materials, and ensure the provider conducts appropriate training and oversight of employees or agents;
  3. Compliance Contracts: Clear expectations about compliance included in the contract and enforceable consequences for violating compliance-related responsibilities, including potential issues regarding Unfair, Deceptive, or Abusive Acts or Practices (UDAAP);
  4. Internal Controls/Monitoring: Establishing internal controls and ongoing monitoring for compliance; and
  5. Enforcement: Taking prompt action, including terminating the relationship, if necessary, to address problems identified through the monitoring process.

Another best practice is to document all policies, procedures, and interactions with third-party vendors and design a risk management and disaster recovery strategy with each vendor so critical operations continue uninterrupted in case of a man-made or natural disaster.

Inspect your Vendors and Oversight Processes

Oversight for third-party providers is “key”. However, and more important, is the need to maintain a stable business relationship with the third-party provider that allows for flexibility and adaption of regulatory changes. For example, if vendors provide software that calculates tolerances to determine which cost changes at settlement require re-disclosure to the consumer, do they guarantee the accuracy of its conclusions?

Proactive Communication with Vendors

Compliance risk is intensified when an institution has inadequate oversight, monitoring or audit functions over third-party relationships. In order to ensure third party vendors are complying with the new requirements, lenders should proactively communicate with their vendors to safeguard and certify they are ready for any applicable changes to processes and technology and to assess its policies and procedures. Given the importance of vendors that are involved with TRID, especially in the case with lenders, mortgage brokers, real estate agents and settlement agents, communication between these particular vendors is extremely significant.

Training is crucial

The training required to fully prepare for the rule changes extends to all employees who communicate with consumers regarding mortgages or manage administrative and underwriting processes. Loan Originators must be trained in detail regarding the Loan Estimate disclosure and the Closing Disclosure so they can explain the forms to the consumer. These new rules affect timing and content of essential customer information, and must therefore be managed by knowledgeable and experienced staff.