Recently the 4th Circuit Court of Appeals examined whether open-end lines of credit such as a home equity line of credit (“HELOC”) fall under the definition of federally related mortgage loans under the Real Estate Settlement Practices Act (“RESPA”) in the case Lyons v. PNC Bank, N.A., 112 F.4th 267.
In this case, the borrower had a HELOC with PNC Bank. After the borrower became overdue on his HELOC loan payment, PNC withdrew the payments from the borrower’s other deposit accounts to offset the outstanding payment on the HELOC account, without the initial knowledge of the borrower. The borrower sent notice to PNC notifying them that they did not have a right to make the unauthorized transfer from his accounts to satisfy the overdue HELOC loan payment, along with a request asking for certain other information.
The borrower then sued PNC, alleging that PNC was in violation of RESPA because PNC withdrew money from the borrower’s deposit accounts to offset an outstanding payment on his HELOC loan. Further, the borrower claimed that PNC had specifically violated RESPA by failing to respond timely and adequately to his correspondence, which he contended was a Qualified Written Request under RESPA.
The Court noted that, on its face, 12 U.S.C §2602(1)(A) would include HELOC type loans in the definition of “federally related mortgage loans.” However, the Court went on to state that Congress authorized the Consumer Financial Protection Bureau (“CFPB”) to prescribe rules and regulations and grant reasonable exemptions for classes of transactions. One of the regulations the CFPB enacted is 12 CFR §1024.31, which defines a mortgage loan as “any federally related mortgage loan, as that term is defined in §1024.2 subject to the exemptions in §1024.5(b), but does not include open-end lines of credit (home equity plans).” Therefore, the CFPB had explicitly excluded HELOC type loans from RESPA.
The Court outlined the process the CFPB used in amending RESPA’s Regulation X and noted that, at the same time that the CFPB amended Regulation X, it also amended TILA’s Regulation Z. The CFPB explained that the protections proposed in those amendments, which included the timely and adequate response provision, were not necessary for open-end lines of credit [i.e., HELOCs] because, the newly amended Regulation Z included similar separate error resolution and information request requirements for openend lines of credit.
The Court ultimately ruled that TILA’s Regulation Z covered open-end lines of credit, like HELOCs, and several Regulation Z provisions substantially overlapped with RESPA’s regulations. Therefore, the Court held that the CFPB had the authority to exempt HELOCs from “federally related mortgage loans,” thus affirming that a HELOC is not subject to the provisions of RESPA.
This 4th Circuit Case supports the argument that HELOCs are not subject to RESPA requirements and are not “federally related” under its provisions. It must be noted that, while other Courts may have differing opinions, the CFPB did participate in this case by submitting an amicus brief, and it is the current opinion of the CFPB that HELOC loans are not covered by RESPA.
The U.S. Department of Housing and Urban Development (HUD) has issued a new Mortgagee Letter entitled “Modernization of Engagement with Borrowers in Default,” updating the requirements surrounding the more commonly referred to face-to-face rule.
The HUD face-to-face rule has historically required lenders to attempt to have a face-to-face interview with a mortgagor “before three full monthly installments due on the mortgage are unpaid.” According to the current version, “[a] reasonable effort to arrange a face-to-face meeting with the mortgagor shall consist at a minimum of one letter sent to the mortgagor certified by the Postal Service as having been dispatched…[and] shall also include at least one trip to see the mortgagor at the mortgaged property.” See 24 C.F.R. § 203.604(d). However, since COVID, the face-to-face specific requirements have largely been subject to HUD waiver.
In August, HUD updated the federal regulation, effective Jan. 1, 2025. Under the revised rule, mortgagees will be required to “conduct a meeting with the mortgagor, or make a reasonable effort to arrange such a meeting, before three full monthly installments due on the mortgage are unpaid and at least 30 days before foreclosure is commenced…” which is a slight change to the timing component. [Emphasis added.] Further, “[t]he meeting must be conducted in a manner as determined by the Secretary” and “[a] reasonable effort to arrange a meeting…shall consist of, at a minimum, two verifiable attempts to contact the mortgagor utilizing methods determined by the Secretary.” The Mortgagee Letter just issued provides the Secretary’s “determined methods” via both alternative interim procedures and final procedures.
Alternative Interim Procedures
Under the alternative interim procedures, which can be utilized at a mortgagee’s discretion, mortgagees must have an interview or make a reasonable effort to arrange an interview no later than the 61st day of a mortgagor’s delinquency, but alternative communication methods, such as phone interviews, emails, and video calling services, will be permitted. Meetings will not be required if: the borrower doesn’t live in the property; the subject property isn’t within 200 miles of the mortgagee, servicing mortgagee, or a branch office of either; the borrower has clearly indicated they won’t cooperate with an interview; the borrower’s payment is current due to a repayment or forbearance plan; or a reasonable effort to arrange a meeting is unsuccessful. Under the alternative procedures, a reasonable effort to arrange a meeting consists of sending the borrower a letter via a certificate of mailing or via certified mail providing interview availability and scheduling details as well as additionally attempting to contact the mortgagor at the property. These optional interim procedures expire on July 1, 2025.
Final Procedures – July 1, 2025
As of July 1, 2025, all mortgagees must be in compliance with HUD’s new face-to-face procedures. Under the new requirements, mortgagees must still conduct or make a reasonable effort to arrange a Loss Mitigation Consultation with delinquent borrowers for each default episode before three full monthly installments are due and unpaid (61 days delinquent). But, if the borrower is on a repayment plan or trial period payment plan (TPP), then mortgagees must conduct or make a reasonable effort to arrange a consult no later than 30 days after the borrower fails to make a payment on the repayment plan or TPP.
Under the new procedures, a Loss Mitigation Consultation won’t be required if:
The borrower has communicated they won’t cooperate in a consultation;
A reasonable effort (defined further below) was unsuccessful;
The borrower is on a repayment plan or TPP that will bring them current, and the borrower is meeting the terms (a forbearance does not meet this requirement); or
The borrower has filed for bankruptcy and, in the opinion of the mortgagee’s legal counsel, it would be a violation of bankruptcy law to proceed.
Notably, although the current version provides an exemption if the mortgagor fails to reside in the property or if the property is more than 200-miles from the mortgagee, both of these exemptions have been removed.
Under the new rules, a reasonable effort consists of two “verifiable attempts,” where a mortgagee documents either the date the communication was sent or the date of delivery. The first verifiable attempt must be sent by mail that utilizes a certificate of mailing or is evidenced by a tracking number. For owner occupant borrowers, an in-person attempt can be substituted for the first mailing. Acceptable methods for the second verifiable attempt include: mail, certified mail, in-person, email, text, and interactive virtual communication methods. Telephone attempts that fail to result in live borrower contact will not constitute a verifiable attempt.
Each verifiable attempt must include:
The purpose of the Loss Mitigation Consultation;
At least two available consult methods;
Scheduling instructions;
Scheduling availability, which must include at least 4 hours of mortgagee availability per week outside the business hours of 9 am to 5 pm in the borrower’s time zone;
A list of information/documents needed (if applicable);
Contact information, including a toll-free number;
Information about the availability of language access services offered (offered in Spanish and must advise to seek translation or other language assistance); and
Information on how to locate a HUD approved Housing Counselor.
Additionally, verifiable attempts must not be included with any other communication applicable to mortgage servicing, unless required by law, except that one verifiable attempt may be included with the Delinquency Notice Cover Letter or a written early intervention notice required by the CFPB.
If a reasonable effort is unsuccessful, the mortgagee must make two additional verifiable attempts at least 30 days prior to first legal. The first attempt must be sent by mail.
Further, within five days of conducting a consultation, the mortgagee must send a notice providing the date of the consultation, the loss mitigation option discussed, a list of needed documents/information (if applicable), a reminder that the borrower should contact the mortgagee if their financial situation changes at any point, the mortgagee’s contact information, and information on how to locate a HUD approved Housing Counselor.
Differing requirements exist for mortgages insured on Hawaiian homelands or Indian land.
In late August, the legal and financial minds of USFN Members, mortgage servicers, GSEs, and industry leaders converged in Dallas for USFN’s annual Compliance & Legal Issues Seminar, hosted at the JW Marriott Dallas Arts District. The two-day gathering opened with a deep dive into compliance, regulatory issues, and best practices followed by a second day focused on the most pressing legal topics of the year.
Day one began with a reality check on the evolution of compliance over the past 15 years, offering attendees a crash course on how to survive in an increasingly regulated industry. The advice was practical, to the point, and occasionally peppered with a few “what-notto-do” examples—a roadmap for the brave souls navigating this high-stakes regulatory landscape. After an intense morning of compliance metrics, the ballroom beckoned with a well-deserved buffet lunch.
Undoubtedly, the headliner of the day was “Cyber Issues from a Compliance Perspective.” The session featured a litany of nightmare-inducing scenarios where seemingly innocuous missteps opened up enormous liability for servicers, investors, and attorneys alike. Fortunately, the speakers were also quick to deliver solutions, best practices to navigate these digital landmines, and mitigate exposure. Rounding out the day were practical tips on vendor compliance and the essential ingredient for every successful firm: an ethical workspace.
After an engaging educational first day, attendees were treated to a more relaxed evening at the historic Arts District Mansion. Built in 1890, the mansion’s NeoClassical Revival architecture offered a touch of nostalgia, taking guests back to Dallas’ transition from frontier town to modern metropolis.
Live music by Joseph Patrick Neville set the mood as participants mingled and enjoyed dinner, all while mentally preparing for day two.
Panelists lead a discussion during the Compliance at the Helm session duing the first day of the Compliance & Legal Issues Seminar.
Several ambitious souls, perhaps undeterred by the Texas heat, took to the Katy Trail early the next morning, proving that compliance and legal professionals are not only resilient in boardrooms but also in beating the sun.
Day two commenced with an engaging discussion moderated by Andy Saag, featuring Eliza Financial Protection Bureau and Katie Jo Keeling, who dissected the CFPB’s proposed amendments to Regulation X. The day’s agenda spanned bankruptcy hot topics, recent case law updates, and a roundtable tackling the legal issues affecting the entire industry. Of particular interest was an ethics session on managing AI in the legal workspace; a topic that reminded us that even machines require a moral compass.
Keynote speaker Dana Dillard discusses Creating an Ethical Culture to wrap up the first day in Dallas, TX.Elizabeth Spring with the CFPB answers questions during Regulatory Changes on the Horizon
Despite the sweltering Texas heat, the 2024 Compliance and Legal Issues Seminar was deemed a tremendous success. With its luxurious setting, timely content, and a stellar mix of USFN members, servicers, and GSEs, this event is now firmly marked as “can’t miss.” Needless to say, 2025 has some big shoes to fill when the Compliance & Legal Issues Seminar returns to the JW Marriott Dallas Arts District, August 21-22!
The 6 Pillars of Success: Best Practices to Minimize Liability and Maximize Efficiency
As Federal and Local Regulators continue to beef up policies within the mortgage industry, operational compliance is more important than ever. Due to the complex nature of the mortgage industry, we must always take into consideration the fact that our landscape is designed to protect consumers, and our compliance with local and federal laws is of utmost importance to a successful business. Minimizing liability and litigation avoidance are of paramount importance. Creating a compliance framework that is effective and realistic will ensure operations flow smoothly. This article will discuss the six pillars of compliance and why these philosophies should play a pivotal role in any mortgage default operation.
1. Understanding the Compliance Landscape
First, any successful operation must understand the current compliance landscape. Again, the mortgage industry operates within a very large network of intertwined ideas and organizations. Knowing the key players and how they impact the industry is imperative to compliant operations. There are federal and local laws and organizations that are at the helm of almost all our daily operations. Knowing the relevant organizations and laws will foster an understanding of what the business requires. The creation of the Consumer Financial Protection Bureau (CFPB), and the recent Supreme Court decision upholding the constitutionality of its structure, show that strict government oversight of our industry is here to stay. To gather this information, you will need to recruit individuals for your compliance team that understand this framework and are eager to dig in and understand the nuts and bolts of the mortgage industry.
Familiarity with the Fair Debt Collection Practices Act (FDCPA), Real Estate Settlement Procedures Act (RESPA), Servicemembers Civil Relief Act (SCRA), U.S. Bankruptcy Code, and a slew of other federal and local privacy acts and consumer protection statutes, are a necessary requirement to navigating the stormy waters of the mortgage default industry. The constantly shifting compliance landscape requires eternal vigilance to prevent a misstep. For instance, the rewrite of the FDCPA with Regulation F, and implementation of the “Debt Collection Rule,” as well as the issuance of the “Model Validation Letter” for debt collectors, required a significant investment of time by practitioners and industry participants in order to digest the new requirements and put sufficient practices into place to ensure compliance.
Likewise, new case law is frequently issued by the courts which alters prior practices, notwithstanding any change to the underlying law. The recent case of Show Me State Premium Homes, LLC v. George McDonnell, No. 22-1894 (8th Cir. 2023), even though only technically binding legal authority in one federal judicial circuit, had far-reaching implications for the industry, as some of the major title insurance underwriters have applied the ruling nationwide.
2. Establish Clear Policies and Procedures
Secondly, once we have a team in place to help us understand the laws, rules, and regulations, who is creating them, and the intended public policy behind them, we then need to establish clear policies and procedures to ensure that we are compliant. To establish clear policies and procedures, we must be sure to include the following when drafting guidelines: the policy purpose and scope, outline of roles and responsibilities, primary principles of the policy, details of any procedures and guidelines that will help employees comply, consequences of violations, and the necessary steps to ensure compliance. If the policies and procedures are concisely laid out, they will be easier to understand and follow. Having one person within the compliance team responsible for drafting and updating these policies is crucial. Although organizational compliance is a group effort, it is beneficial to have one writing style and method behind the policies and procedures. Having too many individuals involved can often lead to confusing piecemeal ideas that do not have a synchronized flow, thus making it difficult for the reader to comprehend.
3. Keep up to date with compliance training, reporting and monitoring.
Next, we must keep up with training, reporting, and monitoring. In the mortgage industry, many businesses are already required to keep track of training as well as policy and procedure updates. This is usually based on work standards provided by clients. It is important to come up with a system that works for your operation. There should be a base standard for how often training and updating must occur, which should be at hire for new staff, and at least annually for all others, to be used for clients that do not provide a standard timeframe. Then, reporting and monitoring should be used to ensure the more restrictive client policies are being followed. An individual on the compliance team should be responsible for monitoring all the policies and procedures to be sure they are reviewed and updated on a yearly or more frequent basis for training purposes. This person would also be responsible for ensuring the more restrictive standards for training and updating are reviewed in a timely fashion. This may be tracked in a report, within the organization’s case management system, or with some sort of third-party compliance tracking system. This compliance leader would also be responsible for setting up training sessions to fit within the necessary timeframes. They would also track and document employee completion of training.
4. Regular risk assessment and management
Once a method for training and tracking of policies and procedures is implemented, the leaders of the compliance team should come up with a robust risk assessment plan. This plan should contain the following steps to ensure effectiveness: First, the plan should identify the risk in question and analyze the level of that stated risk. Identifying the level of risk will help with the next step of determining what actions might have to be taken to mitigate the risk. Obviously, the higher the risk, the more active the organization will need to be in order to mitigate it. Any type of high-level risks should be brought to the highest level of management within the organization and there should be a specific plan in place to handle. A determination may need to be made as to whether to escalate a matter to in-house counsel and/or outside counsel. Keeping risk assessment procedures with your compliance leaders allows for everyone to be aware of what potential issues can arise within the business operation. Knowing is half of the battle.
5. Regular reviews and audits
Now that we have developed policies and procedures based on the current compliance environment and have reviewed and trained on these policies thoroughly, it is critical that we continually self-audit to be sure that policies and procedures are not missing any crucial steps. These self-audits can be completed by members of the compliance team, but it is sometimes beneficial to have these audits completed by managers and team leads, as these are the folks handling the day to day. It may, in some situations, be worthwhile or necessary to have an audit conducted by an outside party.
While not necessarily required, audits that meet various industry standards, such as SOC 1 (previously SAS70 or SSAE 16), SOC 2, or SOC 3, may be warranted. If there is a gap in the process, it would be beneficial for these individuals to see the issue so they can understand how to fix it. They could then work with members of the compliance team to be sure their observations are taken into consideration when updating the policies and procedures. Seeing the problem will also help managers train their staff on the changes that need to be implemented.
Self-audits also greatly benefit the organization, as they can identify gaps and holes before there is an actual client audit. Catching the problem be fore a client does is one of the main reasons for having a robust compliance team.
6. Strong compliance-based community
Finally, fostering a compliance mind ed community within the organiza tion will help tie everything we have discussed together. Having employees who are willing to “say something” if they “see something” only makes the company stronger. The more eyes, the better. Having managers and attorneys who are welcoming to individuals’ questions and concerns will help facilitate this type of com munity. Introducing engaging training sessions where all employees are free to express concerns or worries may help point out issues for which the compliance team was unaware. This team environment not only builds a strong compliance web, but it also builds relationships and morale within the organization. Having annual or more frequent tests of compliance protocols, “desktop” and otherwise, is highly recommended, in order to ensure that those protocols do not fail under real-world conditions.
Working within the mortgage servicing industry has really been an eye-open ing experience as to how truly integral compliance management is to a successful organization. By adhering to the principles of the six pillars, you can be sure that you are covering your bases.
Remember, the task of complying is not easy, nor is it generally “fun,” as a change in a policy or procedure usually means there was a problem to begin with. For this reason, we should all take a step back and thank our compliance heroes for keeping us on the up and up on a daily basis.
