Bank of America is on the hook for $12 million in penalties after the Consumer Financial Protection Bureau (CFPB) issued a consent order against the bank for falsifying mortgage lending data.
Hundreds of loan officers at Bank of America failed to record any demographic data for mortgage applicants beginning in 2016, inaccurately reporting that these applicants opted out. The CFPB observed that many officers were simply not asking for information required by law.
How did this happen?
The bank discontinued its monthly monitoring of “information-not-provided" for respondents that same year. Within the year, rates for information-not-provided for race and ethnicity rose from 6% to 9%, eventually reaching 17% in 2020 according to the consent order.
As far back as 2013, Bank of America had an “information-not-provided" rate three to four times higher than its peer institutions, according to the CFPB. Even after it implemented a monitoring program in 2013 to “solve” the problem – dropping its “information-not-provided" rate from 13% to 6% – they were still nowhere near the average of 3% of other large banks.
In particular, the bank failed to oversee loan officers collecting HMDA-reportable data over the phone. It had a problem with loan officers failing to ask for this information but consistently ignored the issue, the CFPB says.
What happens when you fail to train employees on HMDA lending compliance
The backbone of your compliance management program (CMP) is employee training. Any institution that offers mortgage loans – from banks and credit unions to mortgage lenders – should provide HDMA compliance training to all relevant employees.
For instance, the Fair Lending Guide from the National Credit Union Administration (NCUA) recommends training for “all employees involved in any aspect of taking, evaluating, acting on a credit application, or furnishing/maintaining credit information.”
Effective training programs should be role-specific, customized for the particular job, and take into account an employee’s previous experience and level of expertise. New lending officers need a basic understanding of their essential regulatory compliance responsibilities – they should certainly understand the importance of collecting demographic data on HMDA-reportable loans.
As they take on additional responsibilities or their roles shift, employees must acquire a deeper knowledge of the interplay of compliance issues from UDAAP to CRA.
Related: 9 Fair Lending Compliance Training Essentials
How do we know the fair lending training at Bank of America needed improving? A BofA spokesperson said so: “After receiving one complaint in 2020, we conducted a review and notified the government, which prompted this inquiry. As the CFPB notes, we took additional steps in 2020 and 2021 to enhance our monitoring and training to ensure employees ask applicants for required racial, ethnic, and gender information. This data collection issue had no impact on applications,” news outlets reported.
Probing a little deeper into this statement and the press release surrounding the CFPB’s consent order, there are a few discrepancies to highlight.
- Bank of America discontinued its loan monitoring program in 2016, which led to an immediate and significant spike in “information-not-provided" applicants.
- Despite instituting its monitoring program, the bank still underperformed its peers in collecting demographic data on HMDA-reportable loans.
Clearly, its compliance management system was lacking.
Building a robust HMDA compliance management system
A compliance management program is one element of a compliance management system (CMS). It’s one thing to have employee compliance training and policies and processes. It’s another thing to ensure that policies and processes translate into actual procedures.
In the case of Bank of America, it likely had a policy that lending officers needed to collect demographic data from mortgage loan applicants. It also likely also had a process for ensuring it was HMDA compliant.
But it lacked governance: the oversight to ensure policies and processes became employee procedures.
Examiners stress the importance of the board's and management's compliance oversight for this very reason. When regulators discuss a culture of compliance, they want to see that your financial institution has effective compliance policies and processes. But they also want you to maintain oversight of procedures. Without oversight, there is no way to be sure of effectiveness.
Financial institutions can comply with HMDA and avoid regulatory penalties with robust oversight and insight into mortgage lending procedures.
The importance of HMDA data scrubs for compliance
Maintaining an effective HMDA compliance management system begins with reporting clean data on the CFPB’s online Loan Application Register (LAR). LAR data fields required for HMDA reports include applicant demographic data, including race, ethnicity, gender, and income.
Additionally, the CFPB requires reporting on loan amounts, dates, collateral, and loan status. Identifying gaps in reporting between the original loan documentation and information entered in LAR is essential.
HMDA scrubs compare data entered in the LAR with applications within a financial institution’s Loan Origination System (LOS) or physical loan documents. Inaccurate HMDA data violates the law. When regulators observe a pattern of discrepancies in LAR reporting, you expose your financial institution to enforcement actions and fines.
FIs should scrub their HMDA data periodically. How often a particular lender needs to scrub HMDA data depends on the institution's size, the number of mortgage loans underwritten, and its defined risk tolerance.
Related: HMDA Scrubbing FAQ
It’s crucial that financial institutions don’t wait until the last minute to evaluate HMDA data before the annual March 1 submission deadline. Regularly evaluating LOS data for inconsistencies or errors ensures a clean and accurate transmittal process.
It is challenging and time-consuming to perform this task manually, which is why many financial institutions rely on HMDA transmittal software solutions.
For instance, software with geocoding capabilities can quickly tell you if an address on a mortgage application is incorrect.
GMI and fair lending
Fair lending software spots anomalies in your mortgage lending data.
HMDA government monitoring information (GMI) mandates that financial institutions collect demographic data.
Too many instances of “information-not-provided" in the CFPB’s LAR are red flags for regulators. On occasion, borrowers will decline to provide demographic data. In these instances, the expectation is that lenders should determine the ethnicity, race, and sex of the applicant based on “visual observation or surname,” according to Reg C.
When the ethnicity, race, or sex of the applicant cannot be determined (For example, they filled out an application online or over the phone and their name offers no clues), institutions will mark this down as either Code 2 or Code 3 in LAR.
Related: Consumer Fair Lending Analysis – What's in a Name
But as we saw with Bank of America, regulators will become suspicious if too many of these codes appear. They will compare your performance obtaining HMDA data with peer institutions in your assessment area.
The best way to avoid penalties or increased scrutiny from regulators is to ensure that your institution has a robust HMDA compliance management system – that you train employees, scrub your data consistently, and understand performance expectations based on peer lenders in your assessment area.
Take our Quiz below!
Subscribe to the Nsight Blog
Share this
Fair Lending Pitfalls: The CARES Act & Mortgage Loan Servicing
8 Red Flags Indicating Potential Fair Lending Risk
