Auto Lenders: Does Your Loan Management Software Help You Achieve CFPB Compliance?
A Helpful Guide for Auto Lenders
August 31, 2015
Software won't make auto lenders compliant, but it should provide the necessary tools to do so. Just a few months ago, the CFPB (Consumer Financial Protection Bureau) completed its regulation requirements for large auto financing companies. After reviewing these requirements, we have come up with some useful tips to consider in leveraging the functionality of your loan management software to assist in compliance. These are important points to keep in mind if you find yourself searching for new loan servicing software to accommodate these new requirements.
For now, these CFPB guidelines only apply to companies “…that have at least 10,000 aggregate annual originations.” Although small lenders aren't affected, we believe many, if not all of the requirements make the industry better. Why not future-proof your lending practices and make sure you meet these requirements?
Basic Best Practices
There are some general “must haves” for any complete loan servicing platform. Consider the following:
- Complete audit trail – The easier it is to audit your own processes, the easier it will be to pass the CFPB examination. This means your platform should have extensive history and modification logs as well as strong security controls.
- Store documents, notes and interactions – Your platform should be able to store documents for both contacts and loans. Examples include: loan/lease account documentation, applications, notes, disclosures, and all other contents of underwriting and closing files.
- Multiple workflows in multiple areas of the loan cycle – Your platform should be able to handle workflows that assure every loan has verification of ability to repay, all proper disclosures, customer inquiries processes, complaint processes, etc.
- Make reporting, monitoring and auditing the system easy to assure compliance - A good system should help with all parts: monitoring, reporting, and auditing.
Below is a list we compiled based on the Modules referred to in the CFPB examination procedures document. Keep in mind it’s not a thorough list. We invite you to look at the full document in detail to ensure you're knowledgeable about these new regulations. We offer this blog post as a starting point.
There are nine modules. We'll look at three of them.
Module 3 – Advertising and Marketing
Store opt-out notices and track renewals. Your loan management software and/or CRM should store documents sent to your customer regarding the opt-out and renewal notices for affiliate marketing. Part of this should include keeping track of how the notice was sent (email or postal service). It should also keep track of the customers who have opted-out.
Automate opt-out management and notices. It should have a workflow and that tracks the opt-out expiration date, automatically sends a renewal opt-out notice, and tracks the opt-out notice result.
Store prescreened offer details, and ensure criteria are followed consistently. Your system should have a list of the criteria use for prescreened offers and post-application criteria stored for each customer. It should have a workflow that checks the loans being made meet those criteria consistently.
Module 4 – Application and Origination
Store copies of all origination documents. Your loan management software should keep track of all origination documents furnished to customers and to the dealership.
Store copies of the appropriate disclosure forms required for the loan type. Per Truth in Lending Act and Regulation Z.
Store copies of contracts and standard closed-end credit disclosures. Part of TILA (Truth in Lending Act) means including contracts and the disclosures that are required. See regulations: (12 CRF 1026.17(a) and 1026.18).
Comply with Electronic Fund Transfer Act/Regulation E. Your loan management platform and any other payment systems should comply with the requirements established by the EFTA regarding EFT procedures (EFTA- Regulation E).
Store EFT pre-authorization and disclosure documents. To comply with requirements EFTA Regulation E (12 CRF 1005.10) the loan management system should store EFT (Electronic Funds Transfer) pre-authorization and disclosure documents. Ideally, it should facilitate formulation of a fail-safe workflow procedure that requires the pre-authorization documents before an EFT transaction can be executed.
Single EFT transactions must comply with EFTA Regulation E. In short, electronic fund transfers must follow a very specific set of rules when it comes to authorization, pre-authorization, single and recurring transactions. For more information see statues 12 CRF 1005.1 to 12 CRF 1005.20.
Keep a history of all EFT transactions on the account.
NOTE: CFPB Examiners will confirm customers are NOT required to setup recurring EFT to get the loan. This would violate the law. As such, the lender SHOULD offer a non-EFT method of payment. For more information, take a look at page 19 of the CFPB’s Auto Finance Examination Procedures.
Handle application denials and adverse action notices. Equal Credit Opportunity Act/Regulation B refers to customers being notified, in writing, within 30 days of completed application of any adverse action (i.e. denied application) due to their credit profile. This also includes any adverse action on the account. The ideal system should automatically generate and mail any adverse action notices when they occur, and then store copies of those notices in the system complete with date stamps.
Handle disclosure documents and procedures of less favorable terms. Fair Credit Reporting Act (FCRA) Regulation V requires finance companies to provide disclosures if less favorable terms are given due to the borrower’s credit.
Detects loans that are subject to risk-based pricing regulations and sends appropriate notices to customers. The loan system should detect particular loans or customers that are subject to risk-based regulations and that the appropriate notice(s) are sent. This method should comply with regulation (12 CRF 1022.72(b)). Risk-based pricing includes: credit score proxy method, tiered pricing method, and direct comparison method. The risk pricing notice may contain several documents. See page 22 of the CFPB Examination procedures for more details.
NOTE: Several documents need to be sent on a specific timeframe depending on the details of the applicant, including the offer extended to them, and the general lending practice. In all these circumstances, the loan system should be able to go through a series of “if” then “that” processes that determine what notices should be sent. In all cases, the documents should be archived for auditing and they must be sent (automatically) within a specific timeframe.There should be a system in place to regularly audit this process for documents and notices.
Module 5 – Payment processing, Maintenance, and Optional Products
The loan system should post payments in a timely manner and facilitate the audit process.
If an ACH payment is rejected, the system should have a workflow to notify the customer within a specific timeframe.
The system must provide the customer service center(s) access to customer’s current loan/lease information including any failed EFT.
The system should have a workflow to appropriately handle any customer requests for information such as amortization schedules, pay-off amounts, principal and interest paid, etc. In short, it should grant the customer access to their account information. Note that most of this information could be accessed via a customer facing online portal.
The system should have a workflow process to appropriately handle Servicemembers Civil Relief Act. For example, loans must be changed to 6% interest when military personnel goes to military service.
The system should have a workflow or process to automatically send notices regarding any fees such as penalties or other charges.
The system should have a workflow and record the right information to manage wrongfully assessed fees such as late fees and delinquency fees.
The system should apply the payments correctly (payment waterfall). The ability to handle multiple loans to one borrower and allocate the payments including half-payments is a must. Part of this process should give the customers the ability to make changes to the attribution of payments. This means the system should be able to modify the distribution and attribution of payments.
The system should handle early and extra payments correctly. Changes to principal and amortization schedules due to early payments or extra payments should be accurately reflected.
The system should automate statements. This includes treatment of credit balances in accordance to Truth in Lending/Regulation Z CFR 1026.21.
When a loan is sold or managed by a third party servicer, the transfer of the loan is done correctly by the system. It should be able to keep the integrity of the agreements by transfer notes and documents.
As you can see, there's a lot to consider, but it's worth your time to ensure your company is compliant. Lenders are under intense scrutiny now more than ever as the public demands transparency and the government regulators work to ensure that transparency. Look for more posts down the line as we continue to explore the changing regulations.