No matter what kind of mortgage lender you are, you likely know the dread of the third-party compliance audit. Whether it’s completed by your warehouse partner (likely a third-party vendor), or a government regulator at any level, it’s probably not your favorite time of year (or the quarter, for that matter). Who likes to hear about where they’re failing—or worse, what the fine for that failure could cost? Many a CEO have lost sleep in anticipation of the unwanted “discoveries” that come with an audit.
Part of the problem comes from the traditional way our industry approaches compliance and/or QA. Even owners and executives who have made genuine efforts to build solid compliance programs frequently don’t have a way to monitor whether or not the programs are working—until the audit. Let’s face it: compliance is not considered a revenue-driver (although I’ve argued against this in the past). It’s an expense, and a major one at that. So, often times the temptation is to get it done “for once and for all.” A new system that claims to be comprehensive. A part-time compliance officer or, better yet, an outside firm to call just before the aforementioned audit.
For some reason, far too many firms don’t have anything continuous in place. And while training and problem spotting tend to be the focus of their efforts, monitoring is generally not. So, even though those businesses are able to explain to an auditor or regulator what training was given and when; or what basic data sets are reviewed periodically (usually for obvious financial malfeasance), or even why an unusual mortgage was processed the way it was; they can rarely explain what frontline staff are actually using from the training or doing when it’s not on paper or in a database—until it’s too late.
An audit, as unpleasant as it may be, is an opportunity for improvement. It’s also a necessary evil in an industry as interdependent and heavily regulated as ours. It’s simply impossible to set up the many moving parts (especially when the typical loan is produced by multiple different businesses working together) and expect them to hum along perfectly.
The human factor of monitoring and oversight—in addition to training, tech and documentation—is a necessary component of compliance and quality assurance. Whether that’s making use of full-time staff dedicated to the role and provided with effective methodologies, or whether it’s a third party partner charged with those duties, chances are, if you know in advance what the auditor will find under the hood, you’ll sleep better the night before that audit!
Ideas or suggestions for future topics? Have something you’d like to say to the readers of Deeper Thoughts? Please share with me at firstname.lastname@example.org.