The collection, reporting, and monitoring of this data may add strain to staff and available resources. Organizations should consider the effects and potential mitigations for various positions.
Commercial and small business lenders and underwriters
Commercial and small business lenders whose roles have not required a strong working knowledge of HMDA requirements may be unprepared for the rigorous processes required for accurate collection of data under Section 1071.
For some organizations, commercial and small business loan applications are less formal than consumer mortgage applications and can encompass a variety of documents such as financial statements, credit memos, or offer sheets to gather and evaluate information. Organizations might need to rethink how small business application data is collected and whether a different approach might be required for efficient and accurate collection of the required datapoints.
Lenders and underwriters must establish a process and control framework that appropriately mitigates the risk of noncompliance. Personnel should learn requirements, establish and document new controls, and test the controls to evaluate effectiveness.
Support personnel
Loan processors, loan closers, and pre- and post-closing personnel need to understand the new rule and what information must be collected. Such personnel might be unfamiliar with the locations of reportable data points in source documentation. Additionally, they might need to adapt to short- or long-term manual processes for data entry and reporting depending on the capabilities of their organization’s loan origination system.
Compliance personnel
Although the new rule will require compliance department expertise to provide advice and guidance, data collection and reporting should be established as a business unit function.
Risk and compliance management should consider holding meaningful discussions with senior and executive management. Topics could focus on the significance of a compliance strategy, the need for cultural buy-in, and the importance of understanding regulatory requirements, system constraints, and limitations.
Additionally, applicable elements of the Section 1071 rule should be integrated into the organization’s enterprisewide risk assessment. Assessment results should drive the frequency of both the second and third lines of defense monitoring and testing.
Organizations can help alleviate challenges by:
- Evaluating current processes to determine where additional application and underwriting stage steps might be required
- Assigning roles and responsibilities and establishing consistent processes under policies and procedures
- Creating a source document reference guide demonstrating where required data points are located
- Evaluating staffing capacity and needs
- Training personnel on expected requirements