Hilltop’s Regulatory Risk and Compliance practice is the second largest component of our business. We are very familiar with the regulatory environment for banks, lenders, loan servicers, securitization issuers, credit unions, insurers, etc. Regulatory risk is significant for all of these companies, especially given the recent years of expanded regulation. The following Federal/state agencies and GSEs have direct or indirect requirements that require specific regulatory compliance:
- Federal Reserve,
- State regulators for consumer compliance and licensing requirements,
- Federal Home Loan Banks,
- Ginnie Mae,
- Fannie Mae,
- Freddie Mac, and
Our compliance personnel are very familiar with the on-going changes in requirements as communicated in the Federal Register, Federal and State Agency websites, FHA guides, VA guides, GSE Seller/Servicer guides, HUD and FHA audit guides, MBA’s USAP, etc.
Hilltop’s focus in the compliance risk area is to provide our clients with advice on the following:
- identifying our client’s “total exposure” i.e. what are the compliance requirements that apply to their business,
- identifying our client’s specific exposures i.e. where the Company may not/is not in compliance with specific regulatory requirements,
- assessing whether the regulatory compliance policies are in compliance with the Federal/state/GSE regulations (we often team with legal counsel on this assessment),
- assessing our client’s definition of the compliance requirements and what controls have been implemented to monitor, prevent, detect and remediate compliance exceptions (defining the requirements is one of the top reasons for non-compliance),
- testing compliance – policies, procedures, controls, documentation, quality of personnel, technology tools applied, data utilized to monitor compliance, etc. (execution of the compliance policies is usually the biggest area where compliance is an issue),
- assisting our client in identifying issues prior to the examiner finding such (issues relating to the compliance requirements definition, application, inaccurate or incomplete policies, process exceptions, technology problems, people, culture and the overall compliance management system concerns),
- helping with redesign of the compliance policies, processes and/or remediation of compliance exceptions.
Our goal is to help our clients with “staying on top” of their compliance requirements while also managing the efficiency and cost aspects of being compliant (i.e. assessing alternatives to comply without being excessively expensive).
Regulatory actions are generally serious actions taken by regulators to force a change in the entity’s financial position, operations, and/or technology to effect compliance with the applicable regulatory requirements. The regulatory action can take the form of one or more of the following:
- Regular examination comments and recommendations that are typically made as part of the final report.
- Supervisory letters that make “strong” recommendations and/or mandates for the entity to implement (Memorandums of Understanding (MOU) or Memorandums Requiring Action (MRA),
- Consent orders that are a legal mandate for the Company to respond, submit a remediation plan and perform such within a given timeframe.
Such regulatory actions are hopefully not common occurrences but they are a result of regulatory compliance risk. However, when they do occur, our clients have engaged Hilltop to assist with the response to the regulator, as well as, design and implementation of new policies and procedures and performing any necessary remediation efforts. We are comfortable working with the banking regulators, mortgage investors and/or other third parties who may require action by our client.
Our Regulatory Risk and Compliance team can assist your company with planning the response, planning the changes to be made, assist in implementation of the changes and monitoring of the overall remediation activities. The consent order issued that required hiring of an independent consultant to assess the top 14 mortgage servicers’ foreclosure compliance activities is an excellent recent example. We deployed over 150 compliance auditors to assist with this effort.
Hilltop can also perform compliance risk reviews by providing pre-exam readiness assessments for all of the various regulatory requirements (lending, loan servicing, anti-money laundering, BSA/privacy, safety and soundness, etc.).