Blockchain projects, notes on wire fraud and cyber attack safeguards, lender technology, lender vs. investor risk
I know I’ve run this before, but how cool is it to sit at your desk and be able to listen to thousands of radio stations from around the world?
Lender vs. investor risk
In the United States, Fannie & Freddie are under the conservatorship of the U.S. Government. We’ve seen repeated proposals to change this, with varying degrees of acceptance, but as of yet we have no clear plan – often due to risk issues. WealthMaker’s Michael McAlary weighed in. “At WealthMaker we’ve studied the US mortgage market and its unique characteristics compared to other mortgage markets around the world. It is the only major mortgage market where credit risk is ultimately carried by the tax payer while interest rate risk is worn to the investor/lender. In most, if not all, other markets credit risk is carried by the lender/investor and interest rate risk is carried by the customer.
“This then begs the question, ‘What risk does the customer carry?’ As part of the ongoing structural changes in mortgage markets, I’m seeing a convergence of mortgage and investment products with new commoditized products. In the past, these types of products were only available to higher net worth individuals. At the same time customers are demanding more personalised, financially relevant solutions and an ongoing relationship as the internet has turned on its head the traditional customer relationship, just ask United Airlines. WealthMaker’s Aspire product addresses the above as it starts as a mortgage and ends up as an investment – it tracks a customer’s life cycle.”
Folks in the mortgage industry have been hearing about the promise of fully electronic mortgage originations for quite some time. Brian Fitzpatrick, CEO of LoanLogics, thinks the new wave of technologies featuring do-it-yourself borrower portals hold promise, but lenders need to consider some of the complications these technologies may present.
“People are looking at these apps and websites as the next big thing, but they have the potential to create data nightmares. Many companies that are using self-driven borrower portals are relying on systems that are separate from their LOS and may or may not be integrated. The synchronization challenge this presents up front is then complicated by more partners, systems, documents and data that come into play as the loan is manufactured. It’s not only time-consuming it’s creating greater data contamination that is not being caught until much further into the process.
“In general, there’s a huge problem in the industry with data integrity, simply because so much information is collected from so many different parties. The more information that is gathered, the more likely you are to get contaminated data. We’ve found that the main culprits behind loan defects are simple human error and conflicting information from multiple sources. Mistakes are made, and then the data is tainted.
“Many in the industry believe that the digital mortgage experience and point-of-sale technologies will solve these problems. But while lenders are offering a digital mortgage experience to borrowers on the front end, almost everybody is still using an older system on the back end. That creates manual work-arounds and makes it more difficult to verify all the data borrowers submit.
“And while many believe that the LOS is the ‘sole source of truth,’ a distinction should be made between a source of truth that spans multiple systems and documents and a system of record that ultimately can house that information. I can put bad information in my LOS and the information is in the loan file, but it’s still bad information. The data integrity is in question until it is validated and verified.
“There is definitely a need to simplify the mortgage experience for borrowers, but I’m seeing a lot of style over substance. One again, companies are trying to build out front end functionality and intelligence without addressing the back-end shortcomings and data integrity issues. Lenders should be leveraging data and document validation technologies in combination with an automated rules engine that is able to identify, verify and validate data in real time–no matter what system you’re using–so that any data discrepancies are brought to light immediately. Additionally, the intelligence relative to processing, underwriting and capital markets is encapsulated into the rules engine which then reduces all the manual intervention in operations and in quality assurance and quality control. Otherwise, a lot of these new mortgage ‘experiences’ will not live up to expectations.” Thanks Brian!
Wire fraud, IT, cybersecurity, hacking
Walt Mullen, Chief Strategy Officer of Title Resource Group, writes, “As you are more than aware wire fraud is one of the largest risks we are seeing in the real estate sector now and it is on the rise. I wanted to share with you our most recent video on this topic that has been getting a lot of traction. Education is the key to solving this problem as there are a lot of people in the process, and the fraudsters are smart and use urgency and many other tactics to get people off guard and redirect funds… in most cases offshore and within seconds.”
According to a recent report from IT security provider LogicForce, hacking attempts were made on over 200 U.S. law firms between 2016 and 2017, 40% of which didn’t even know that they had been breached, according to a report by Ian Lopez. But John Sweeney, president of LogicForce and apparent optimist, said the results present “plenty of opportunities for corporate legal and law firms to get on the same page” with cybersecurity. “We’re finding some areas to be consistent across a wide variety of firms, both big law and small law, that it doesn’t take a lot to improve,” Sweeney said. “We want to educate the industry on, ‘Hey, you don’t have to be spending millions upon of millions of dollars to tighten up controls that your corporate clients want to see in order to secure your processes and keep up with your obligations to protect.’”
Banks are increasingly turning to cybersecurity experts to vet deals for risk, including dormant computer viruses or evidence of industrial espionage. Approximately 85% of executives surveyed by the New York Stock Exchange say vulnerability discovered during an audit preceding an acquisition would make them reconsider the deal.
I’ve noted this before, but they’re called ‘phishing’ emails because the cybercriminals who send them are fishing for victims. These fraudulent emails, which may appear to come from a legitimate company or even a personal acquaintance, are designed to trick people into giving up personal information, such as credit card and social security numbers.
A recent report from Wombat Security Technologies has shed some new light on the kinds of phishing emails used by hackers to gain access to small business systems. Fake emails that mimic the messages people expect to see in their work email inboxes are proven to have shockingly high click rates.
The best way for companies to deal with cyberattacks is to have enough safeguards in place to prevent them from happening in the first place. But if you’re, say, DLA Piper, which got caught up in this week’s big ransomware attack, the key question is what to do once it’s already too late. Reporter Rhys Dipshan lays out the most critical steps, like not taking anything for granted: “Ransomware attacks can often serve as smoke screens or distractions serving to mask other nefarious operations, which may result in the theft of data,” said Austin Berglas, senior managing director and head of the cyber defense practice at K2 Intelligence. In other words, it may be even worse than you think.
Earlier this year, the New York Department of Financial Services (NYDFS) issued a cybersecurity regulation that goes well beyond current federal requirements for financial institutions in scope and specificity. The Privacy, Cyber Risk & Data Security practice of Buckley Sandler will be hosting a webcast to discuss the general requirements and timeframes for compliance with the NYDFS regulation, how the NYDFS regulation compares to current requirements under the Gramm-Leach-Bliley Act Safeguard Rule, and the increasing involvement of states in cybersecurity. “Please join Douglas F. Gansler, Elizabeth E. McGinn and James T. Shreve for this important and timely discussion on Tuesday, July 25, 2017 from 2:00 – 3:00 pm EDT. There is complimentary registration here. Registration required. Please, no outside law firms, government agency personnel, consulting firms, or media. After registering and being approved, you will receive a confirmation email containing instructions for joining the webcast.”
It may be that multiple law firms were affected by Tuesday’s massive ransomware attack. But just one of them saw its name splashed across the Internet as one of the cyber catastrophe’s main identified victims. “Suffice it to say, it’s going to touch hundreds if not thousands of different points of business, and not only in the U.S. It’s a nightmare, there’s no doubt about it,” one cybersecurity consultant told reporter Roy Strom when asked about the attack on DLA Piper. The firm’s phone and computer systems were shut down or thrown out of whack on at least three continents, with the Washington, D.C., office forced to use a sign in the lobby to warn employees against using their machines. But the attack could mean more business for one group: companies that sell cybersecurity insurance to law firms.
Blockchain news? Sure.
Chinese financial firms, universities and think tanks have partnered to launch a blockchain research lab based in Shenzhen to battle financial fraud. Fraud is estimated to cause 50% of losses in China’s consumer finance industry.
IBM is working with seven of Europe’s largest banks to launch a blockchain project that will be used for international trade involving small and medium-size enterprises. “We are convinced that blockchain will have a huge impact on banks in the future and that trade finance is one of the biggest areas of potential for the technology,” said Rudi Peeters of KBC Group, one of the banks involved in the project.
Blockchain technology, and specifically its use of smart contracts, could create legal uncertainty when used across jurisdictions, according to a Financial Stability Board report. While the report gives no guidance on solving the potential difficulty, it does advocate greater co-operation on these issues between nations.
(Disclaimer: I didn’t have the energy or inclination to sanitize this tale. Some will agree with it, others disagree. I am merely passing it along.)
In the year 2017, the Lord came unto Noah, who was now living in America and said:
“Once again, the earth has become wicked and over -populated, and I see the end of all flesh before me.”
“Build another ark and save 2 of every living thing along with a few good humans.”
He gave Noah the blueprints, saying: “You have 6 months to build the ark before I will start the unending rain for 40 days and 40 nights.”
Six months later, the Lord looked down and saw Noah weeping in his yard – but no ark.
“Noah!” He roared, “I’m about to start the rain! Where is the ark?”
“Forgive me, Lord,” begged Noah, “but things have changed. I needed a building permit. I’ve been arguing with the boat inspector about the need for a sprinkler system.”
“My neighbors claim that I’ve violated the neighborhood by-laws by building the ark in my back yard and exceeding the height limitations. We had to go to the local Planning Committee for a decision.”
“Then the local Council and the electric company demanded a shed load of money for the future costs of moving power lines and other overhead obstructions, to clear the passage for the ark’s move to the sea. I told them that the sea would be coming to us, but they would hear none of it.”
“Getting the wood was another problem. There’s a ban on cutting local trees to save the Greater Spotted Barn Owl. I tried to convince the environmentalists that I needed the wood to save the owls – but no go!”
“When I started gathering the animals the ASPCA took me to court. They insisted that I was confining wild animals against their will. They argued the accommodations were too restrictive and it was cruel and inhumane to put so many animals in a confined space.”
“Then the Environmental Protection Agency ruled that I couldn’t build the ark until they’d conducted an environmental impact study on your proposed flood.”
“I’m still trying to resolve a complaint with the Human Rights Commission on how many minorities I’m supposed to hire for my building crew.”
“The Immigration Dept. is checking the visa status of most of the people who want to work.”
“The trade unions say I can’t use my sons. They insist I must hire only Union workers with
“To make matters worse, the IRS seized all my assets, claiming I’m trying to leave the country illegally with endangered species.”
“So, forgive me, Lord, but it would take at least 10 years for me to finish this ark.”
Suddenly the skies cleared, the sun began to shine, and a rainbow stretched across the sky.
Noah looked up in wonder and asked, “You mean you’re not going to destroy the world?”
“No,” said the Lord. The Government beat me to it.”
Visit www.robchrisman.com for more information on our industry partners, access archived commentaries, or to subscribe to the Daily Mortgage News and Commentary. If you’re interested, visit my periodic blog at the STRATMOR Group web site. The current blog is, “Does Everyone Want a Job?” If you have both the time and inclination, make a comment on what I have written, or on other comments so that folks can learn what’s going on out there from the other readers.
(Market data provided in partnership with MBS Live. For free job postings and to view candidate resumes visit LenderNews. Currently there are over 300 mortgage professionals looking for operations, secondary and management roles. For up-to-date mortgage news visit Mortgage News Daily. For archived commentaries, or to subscribe, go to www.robchrisman.com. Copyright 2017 Chrisman LLC. All rights reserved. Occasional paid job listings do appear. This report or any portion hereof may not be reprinted, sold or redistributed without the written consent of Rob Chrisman.)