Sep. 1: Notes about digital mortgages, blockchain, cybersecurity & insurance; state-level lending law trends

Contrary to my long-held beliefs, computers are not going away. And companies that use technology in conjunction with other tools are very successful. Rumors of it entering the mortgage business aside, Amazon receives about 5 percent of U.S. retail spending. But analysts believe Amazon will receive 49 percent of American online spending this year, up from 43.5 percent last year. The closest runner-up (eBay) will get only 6.6 percent.

Joe Tyrrell, EVP of Corporate Strategy at Ellie Mae, wrote, “The digital mortgage is an idea whose time has come. Our recent Connecting with Borrowers Online study shows that across all generations, borrowers have come to expect a simple online application that guides them step-by-step through the loan process. Across generations, borrowers went online to complete nearly every phase of the loan process from comparing options to application and qualification. Millennials were twice as likely as Boomers to make initial contact with lenders online (43 percent vs. 24 percent). Boomers, on the other hand, preferred more in-person interactions with their lenders. One-third (35 percent) of Gen Xers first reached out to their lender online, falling in between Millennials and Boomers.

“But from Ellie Mae’s perspective, a digital mortgage needs to encompass the entire loan lifecycle to be effective for lenders while meeting the ever-changing needs of the homebuyer.  A true digital mortgage encompasses a comprehensive consumer engagement solution to help you fund more loans by meeting borrowers at the point of interest. It offers high tech, human touch capabilities to free up lenders to handle exceptions to fund loans faster. And it includes data and analytics for machine learning to help you make smarter decisions on how to serve your homebuyers specific needs.”

No, technology is not going away, and there are people out there who want yours. Bank of America reports it will spend about $680mm this year to support its 2,200 dedicated employees fighting cyber threats at the bank. An Economist survey of 452 large organization board members finds organizations spend on average about 1.7% of revenue on cyber resilience—and 96% said that isn’t enough. According to Shred-It, cybersecurity good practices include: updating the workplace policy to include remote workers and vendors, securing physical access to information, destroying hard drives no longer in use, having a hotline for employees to call when they lose a device or notice a breach. And the Wall Street Journal reports that since 2011, 56 cyberattacks were directed at cryptocurrency exchanges, initial coin offering and other digital currency platforms and those attacks led to hacking-related losses of $1.6B.

While we’re on the topic, CNBC reports over 800 cryptocurrencies are now dead and worth less than 1 penny. Meanwhile, bitcoin is down 70% from its record high last year. Despite this downdraft, initial coin offerings have surged from $3.8B in 2017 to a whopping $11.9B this year.

Studies during the past year suggest central banks are becoming more interested in possible benefits of blockchain and cryptocurrencies. The Bank of England has introduced an interbank payment system that is compatible with blockchain, while the Bank for International Settlements has studied whether digital currency should replace real money.

The IT unit of Samsung has developed BankSign, a certification tool based on blockchain. The tool, developed in conjunction with the Korea Federation of Banks, aims to simplify transactions by requiring certification from one bank, rather than multiple entities, while offering easier registration and renewal.

Cyber insurance?

Banks and lenders are continually using technology to ward off hackers who are working to take them down. Hackers seem to constantly find new ways to break into computer systems, so countermeasures are constantly evolving. This is an evolutionary cage match and neither hacker nor banker shows any signs of slowing down. Experts will tell you that most banks will someday be hacked, so cyber risk insurance may be something to think about.

Unfortunately, cyber risk insurance policies aren’t standardized, and the market is changing rapidly. Insurers don’t even agree on what a policy should cover, what might trigger coverage, or even the definitions of basic policy terms. As a result, the coverage of one issuer might be very different from that of another. You’ll need to carefully review the options, consider your needs and budget before you buy a policy.

As with all insurance, the first stop is figuring out what coverage you need. Most cyber risk issuers offer roughly 10 kinds of coverage, though they may label them differently. Across the market, options include coverage for forensic investigation, online defamation, business interruption, recovery expenses, data loss and restoration, cyber extortion, and improper electronic transfer of funds, to name a few. Not every bank needs (or can get) all these types of coverage, so choose carefully but prudently.

Steve Brown with PCBB advises, “Once you’ve selected your policies, make sure they work together, as cyber insurance can overlap with other types of insurance. That can surface the question of which policy is primary when things hit the fan, as well as how losses should be allocated between multiple policies, what deductible a bank might pay on a claim, reporting requirements, and which policy governs the choice of and payment to an attorney or other vendor.

“Keep a particularly keen eye out for the differences and potential overlaps between cyber insurance and coverage for directors and officers, errors and commissions, commercial general liability, fiduciary liability and other insurance coverage. You may discover that one of these policy types already covers one or more of your cyber coverage needs. If you still elect to buy coverage that fills both overlapping and standalone concerns, you will need to be clear on which coverage is primary, so you’re not someday caught between two insurer and any necessary payments to be made.”

Steve wraps up with, “Last but not least, determine whether a prospective cyber risk policy includes the insurance company’s duty to defend your bank. That characteristic is more common than not and at first glance it seems like a good thing. You might be glad to have an insurance company go to bat for you — or you might prefer to control any defense. Decide now and purchase accordingly.”

State lending-related laws – hard to keep up

With the CFPB “de-fanged” or “de-clawed” – whatever term you’d like, lenders are grappling with state-level laws and regulations that can be confusing. This is in addition to the laws and regulations that states normally enforce anyway. Reporter Kate Berry penned a great piece asking, “Can state AGs really serve as ‘mini-CFPBs’?”

“Only a handful of states, such as Pennsylvania and New Jersey, have announced plans to create so-called “mini-CFPBs” to focus on consumer issues in their respective jurisdictions.

In other states, budgets have been too constrained to expand enforcement operations beyond what AGs were already doing to assist the CFPB under former Director Richard Cordray… Observers say state AG offices that had participated most willingly in Cordray-led investigations have continued to operate at full tilt in the Mulvaney era, pursuing fraud allegations and other claims as if nothing had changed…But with no general drop-off in investigatory activities, state budgets in some cases are too tight to establish mini-CFPBs around the country more broadly.”

Last year Pennsylvania announced its initiative. This year New Jersey picked Paul R. Rodriguez, a lawyer in New York City Mayor Bill de Blasio’s office, as director of the division of consumer affairs. Maryland has created a new Financial Consumer Protection Commission chaired by Gary Gensler, a former Goldman Sachs executive and head of the Commodity Futures Trading Commission. Virginia Attorney General Mark Herring created a special unit targeting predatory lenders.

Kate’s article reminds us, “Every AG’s office has a consumer protection division with express statutory authority to enforce federal consumer protection laws including unfair, deceptive and abusive acts and practices, known as UDAAP… Though the CFPB is still investigating UDAAP violations, fewer actions are being referred to enforcement, which has left an opening for states to fill.

Don’t forget New York’s Department of Financial institutions, California’s Department of Business Oversight, Florida’s Department of Financial Services, and Texas’ Attorney’s office.

The Georgia Department of Banking and Finance has adopted new provisions pertaining to mortgage lenders, brokers, and servicers including updates to its mortgage servicing standards, and provides new provisions for mortgage lenders, brokers and servicer’s that meet the definition of “loan or finance company” under the Bank Secrecy Act.

Any person subject to the licensing requirements of the Georgia Residential Mortgage Act that meets the definition of a “loan or finance company” under the Currency and Foreign Transaction Reporting Act of 1970 must develop a written anti-money laundering program and comply with all filing, record keeping, currency transaction, and suspicious activity reporting as required by the Bank Secrecy Act. Mortgage servicer standards have been updated as related to loss mitigation activity after a foreclosure process has commenced. Provisions relating to notices of service transfers have also been updated. Under the new rules the notice of service transfer requirement does not apply if, at the time of settlement, the servicer provides to the borrower written initial disclosures of the transferee that comply with the provisions of this chapter.

North Dakota asked for a federal waiver of real estate appraisal requirements that would allow local banks to make valuation assessments due to an appraiser shortage. The waiver would help rural banks and their communities by improving the timeliness and costs of real estate transactions. North Dakota’s Gov. Doug Burgum, State Commissioner for the Department of Financial Institutions Lise Kruse and the North Dakota Bankers Association made the joint request to the Federal Financial Institutions Examination Council’s Appraisal Subcommittee. North Dakota is the first state to make use of the temporary waiver request.

The state specifically has asked for a waiver of appraisal requirements for federally related real estate mortgage loans issued by banks or credit unions that are less than $1 million for business and agriculture loans or $500,000 for residential transactions. The current limits are $500,000 and $250,000, respectively. Under North Dakota law, independent evaluations are required regardless of transaction amount and the waiver would allow North Dakota banks and credit unions to assess the type of valuation that is needed. The shortage of available appraisers in North Dakota hurts consumers’ timely credit availability, slows economic development and threatens the viability of rural communities. Appraisals in some parts of the state are taking up to three months for residential and agricultural real estate loans in the state. And in some cases, the transactions have fallen through.

The Washington Department of Financial Institutions, Division of Consumer Services, notified licensees under the Consumer Loan Act that, pursuant to its authority under WAC 208-620-650, it will temporarily waive some fees in part and other fees entirely. Effective July 1, 2018 through December 31, 2019, the Department has waived hourly fees charged for consumer loan company examinations, excepting travel expenses related to the examination. For the remainder of 2018, the Department has waived fees for the assessment of the following: residential mortgage loans in portfolio on December 31, 2017, residential mortgage loans brokered in 2018, and residential mortgage loans purchased in 2018. Additionally, Mortgage Loan Originator renewal fees have been reduced from $155 to $75 for the 2019 calendar year.

The Washington Department of Financial Institutions has adopted new provisions, that take effect September 1, 2018, under its Consumer Loan Act. In addition to technical and readability changes, the new provisions help to clarify the roles of parties investing in, owning, and servicing residential mortgage loans. Additionally, the new provisions clarify what residential mortgage loan servicing activities can be conducted outside of the United States. WAC 208-620-530 adds a provision relating to the maintenance of records electronically. Under the new provisions, a cloud service may be used for records maintenance; however, the servers used to store the records must be in the United States or its territories. WAC 208-620-553 prohibits certain loan servicing activities outside of the United States including: receiving payments and maintaining of payment records, collection activities, and communications with consumers. Activities that may be conducted outside of the United States include: data entry, document review, recommendation for action, records searches, and analysis of credit disputes and escrow accounts.

In New Hampshire, provisions regarding the advertisement of motor vehicles have been amended. Under these new provisions, the banking department may review advertisements of motor vehicles within three years of the date the advertisement is advertised. The previous prevision did not place any time constraints on the banking department’s right to review advertisements. The provisions regarding payday loans and payment books has also been modified. Under the new provisions, the previously enforced requirement that a payment book provided to a borrower contain an interest calculation has been eliminated.

New Hampshire has amended its provisions regarding licensing provisions. These changes were effective as of August 7, 2018. Under this bill, certain individuals who are not regularly engaged in business as mortgage bankers, mortgage brokers, mortgage servicers, and mortgage originators in a commercial context are exempt from regulation. There is now a rebuttable presumption that an individual is not engaged in the business of a mortgage banker, broker, servicer, or originator if he or she is involved in three or fewer loans in a consecutive 12-month period.

Politicians are the same all over. They promise to build a bridge even where there is no river.
~Nikita Khrushchev

Visit for more information on our industry partners, access archived commentaries, or to subscribe to the Daily Mortgage News and Commentary. If you’re interested, visit my periodic blog at the STRATMOR Group web site. The current blog is, “What Does Affordable Housing Mean? If you have both the time and inclination, make a comment on what I have written, or on other comments so that folks can learn what’s going on out there from the other readers.


(Market data provided in partnership with MBS Live. For free job postings and to view candidate resumes visit LenderNews. Currently there are over 300 mortgage professionals looking for operations, secondary and management roles. For up-to-date mortgage news visit Mortgage News Daily. For archived commentaries, or to subscribe, go to Copyright 2018 Chrisman LLC. All rights reserved. Occasional paid job listings do appear. This report or any portion hereof may not be reprinted, sold or redistributed without the written consent of Rob Chrisman.)


Rob Chrisman