Transforming organizations through skillful alignment of people, process and technology.
The Hilltop Companies

Regulatory Compliance Audits

A core competency of The Hilltop Companies’ is our compliance audit service.   Since many of our professionals are auditors (Big 4, Government, and former bank examiners), our compliance audit team has deep experience in helping our clients with the bank regulatory requirements.   Specifically, our team has helped with identifying the requirements that need compliance, assessing the client’s policies, testing the processes, and reporting (including the creation and use of technology used to track compliance).

Compliance audit services are provided to assess the compliance with a number of different requirements, such as:

  • Bank regulatory requirements,
  • Federal and State law requirements for lenders and loan servicers,
  • Contracts for performance between two parties,
  • Compliance with loan covenants,
  • Investor Seller/Servicer requirements,
  • Loan securitization servicing requirements (primary, special and master servicer requirements)
  • Loan securitization or contract event “triggers”
  • Loan sale repurchase requirements,
  • Loan indemnification requirements,
  • Calculations required to support purchase price agreements, Regulatory AB requirements, repurchase amounts, indemnification amounts, etc.

The compliance audits that we execute in the Bank, lending, loan servicer or capital markets regulatory areas include, but are not limited to, testing compliance with requirements for:


  • Anti-Money Laundering,
  • Bank Secrecy Act,
  • OFAC – Foreign Asset Control,


  • Fair Lending,
  • RESPA,
  • TIL,
  • GFE,
  • HMDA,
  • GSE Seller/Servicer Requirements,

Loan Servicing

  • HAMP,
  • HARP,
  • Fair Credit Reporting,
  • Fair Debt Collection Practices
  • GSE Seller/Servicer Requirements


  • Disclosures for Regulatory AB
  • New due diligence requirements for underlying assets

The Hilltop Companies is very familiar with the banking, lending, loan servicing  and securitization regulatory requirements.    Our compliance audit teams have interfaced with many of the regulatory agencies including the following:

  • OCC
  • Federal Reserve,
  • FDIC,
  • Treasury,
  • State regulators for consumer compliance and licensing requirements
  • FHA
  • VA
  • HUD
  • Federal Home Loan Banks
  • Ginnie Mae
  • Fannie Mae
  • Freddie Mac
  • FHFA

Our compliance personnel are very familiar with the on-going changes in requirements as communicated in the Federal Register, Federal and State Agency websites, FHA guides, VA guides, GSE Seller/Servicer guides, HUD and FHA audit guides, MBA’s USAP, etc.

Our iSolutions technology team has created a web based audit tool that can be configured to test any of the regulatory requirements noted above and is used by the compliance audit teams.  The benefit of the Compliance Audit System (CAS) is that it standardizes the audit process, specific audit steps to be taken, provides “drop down” menu choices for findings and a free form text area to note any other issues that the auditor deems important to support our conclusion.  The CAS tool can easily be updated when any changes in the regulations are released – the new/changed audit steps can be uploaded quickly and our teams can immediately begin testing to such new regulation.

We have used the CAS tool for consent order work, litigation, on-going compliance reviews, State Attorney Generals’ settlement orders, etc.

Our compliance audit teams are typically engaged by our clients prior to a regulatory exam (to prepare for and anticipate what findings may be), after regulatory exams (as part of the remediation efforts to assist our client in implementing/adhering to the regulatory audit’s recommendations) or as part of a retained monthly, quarterly or year-end audit process (this may be done in conjunction with Internal Audit or Compliance).