CUNA Regulatory Comment Call

June 5, 2009

EXECUTIVE SUMMARY

• The National Credit Union Administration (NCUA) and the other Federal financial institution agencies (Agencies) have issued proposed rules to implement the Secure and Fair Enforcement for Mortgage Licensing (SAFE) Act. The SAFE Act requires an employee of a financial institution and their subsidiaries that are regulated by an Agency who act as a residential loan originator to register with the Nationwide Mortgage Licensing System and Registry (Registry).
• These rules will apply to federally-insured credit unions but will not apply to credit union service organizations (CUSOs) as they are not regulated by NCUA. However, CUSOs and their employees must comply with State licensing and registration requirements that are also mandated under the SAFE Act.
• The SAFE Act also requires the employee to obtain a unique identifier that is associated with the originator within the Registry system and requires the employee to maintain this registration.
• The proposal implements these SAFE Act provisions and provides that financial institutions require its employees to comply with the SAFE Act provisions to the extent that they are residential mortgage loan originators. The financial institution must also adopt and implement written policies and procedures that are intended to ensure compliance with these requirements. These policies and procedures must be tailored based on the nature, size, complexity, and scope of the institution’s mortgage lending activities.
• Comments in response to the proposed rules will be due within 30 days after the proposal is published in the Federal Register, which should be within the next few days.

Please feel free to fax your responses to CUNA at 202-638-7052; e-mail them to Senior Vice President and Deputy General Counsel Mary Dunn at mdunn@cuna.coop and to Senior Assistant General Counsel Jeff Bloch at jbloch@cuna.coop; or mail them to Mary and Jeff in c/o CUNA’s Regulatory Advocacy Department, 601 Pennsylvania Avenue, NW, South Building, Suite 600, Washington, DC 20004-2601. You may also contact us at 800-356-9655, ext. 6732, if you have questions or would like a copy of the proposed rules. You may also access a copy here.

BACKGROUND

The SAFE Act was enacted last year and requires a nationwide licensing and/or registration system for residential mortgage loan originators. For financial institutions, the respective Agency must develop a registration system by July 29, 2009. However, under the proposal, the initial registrations do not have to be completed until 180 days after the Registry is capable of receiving them, which is not expected until mid-year 2010. At that time, employees will not be able to originate residential mortgage loans until they register and obtain a unique identifier that is associated with the originator within the Registry system. The Agencies will issue a formal announcement in advance of the date when the Registry will begin accepting registrations.

Those not regulated by an Agency must be licensed and registered under State law, and the SAFE Act requires all States to have such a system in place by July 29, 2010. This would include CUSOs and their employees. Employees who originate residential mortgage loans for the CUSO and the credit union would be subject to both the State licensing system and the requirement under these proposed rules. The Registry is used for both the State system and for the registration system outlined in these proposed rules.

The SAFE Act requires the development of a registration system for financial institution employees through the Registry, which is an Internet-based system developed and maintained by the Conference of State Bank Supervisors and the American Association of Residential Mortgage Regulators. Information that is to be submitted to the Registry includes the mortgage loan originators fingerprints for criminal background checks, as well as personal history, experience, and information related to administrative, civil, or criminal matters.

The Agencies expect to enter into an agreement with the Registry that addresses other requirements and issues, such as fees, security, and other operational matters. However, this agreement will not be completed until this proposal is finalized.

The Registry will serve as a repository of information on mortgage loan originators. The financial institution will be responsible for reviewing employee submissions and reports that are received from the Registry.

BRIEF DESCRIPTION OF THE PROPOSED RULES

Residential mortgage loan originators must register if they are employees of a financial institution or a subsidiary of a financial institution that is regulated by an Agency. This would not include CUSOs as they are not regulated by NCUA, although CUSO employees would have to comply with the State registration and licensing requirements.

Under the proposed rules, the mortgage loan originator must register with the Registry, maintain and renew that registration, and obtain a “unique identifier,” which is a number or other means of identification that is associated with the loan originator within the Registry system. The unique identifier remains the same, even when the employee changes employment, moves, or changes his or her name. This identifier tracks the loan originator and facilitates public access to the employment history and any disciplinary or enforcement actions that have been initiated against the loan originator. The financial institution must require its employees to comply with the proposed rules and cannot allow them to originate loans until they are in compliance.

A “mortgage loan originator” means an individual who takes a residential mortgage loan application and offers or negotiates the terms of a mortgage loan in exchange for compensation. This would not include an individual who performs purely administrative or clerical tasks on behalf of a loan originator or an individual who only performs real estate brokerage activities. This would also not apply to those who originate timeshare loans. The term “administrative or clerical” tasks means: 1) the receipt, collection, and distribution of information common for the processing or underwriting of a residential mortgage loan; and 2) communication with a consumer to obtain information necessary for the processing or underwriting of the mortgage loan.

The proposal includes an appendix that provides numerous examples of activities that would cause an employee to be considered a “mortgage loan originator” for purposes of these rules, which are not all inclusive. These include examples of when an employee:

• Takes or does not take a loan application.
• Offers or negotiates the terms of a loan, as well as examples of what does not constitute offering or negotiating these terms.
• Does or does not offer or negotiate the terms of a loan for compensation.

The proposed rules only apply to residential mortgage loans that are used for personal, family, or household use. This also includes refinancings, reverse mortgages, home equity lines of credit, and other first and second lien loans.

The proposed rules will not apply to an employee if during the previous 12 months: 1) the employee acted as a loan originator for five or fewer residential mortgage loans; and 2) the financial institution employs originators who meet this threshold who in aggregate originate 25 or fewer residential loans. The employee would have to register if either the individual or aggregate threshold is exceeded. However, once registered, the employee must continue to be registered until he or she stops making mortgage loans, even if the employee falls below the above threshold in any one specific year. Also, these thresholds are voluntary and loan originators are permitted to register if they choose or if their employer requires registrations.

The loan originator must renew his or her registration annually during the period between November 1 and December 31 of each calendar year, regardless of the date of the initial registration. To renew, the loan originator must confirm that the information in the Registry is still accurate and complete and must update any information, if necessary. In addition to providing an update during the renewal period, the information also needs to be updated when:

• There is a change in the employee’s name.
• The individual ceases to be an employee of the institution.
• Other information supplied by the individual during the registration process becomes inaccurate.

The initial registration is effective as of the date the registrant receives notice from the Registry that the process is complete. A renewal or update is effective when the registrant receives notice from the Registry that the renewal or update is complete. Here is the employee information that has to be submitted to the Registry:

• Identification information, which includes names and former names, Social Security Number, gender, date and place of birth, as well as home and business contact information.
• Date the employee began his or her employment.
• Financial services employment and financial history for the past ten years.
• Criminal history with regard to felonies and certain misdemeanors.
• History of financial services-related civil actions, arbitrations, and disciplinary actions.
• Professional license revocations or suspensions as they pertain to financial services.
• Employment terminations based on violations of law or standards of conduct.
• Actions described above that are pending.
• Fingerprints, in digital form if possible, as well as any other information that is needed for conducting a criminal history background check. Fingerprints that the financial institution currently has on file may be used if they are less than three years old.

The financial institution may either provide the required information to the Registry or request that the employee do so. Either way, the employee must attest to the correctness of the information and must provide authorization for the Registry or the financial institution to obtain information related to any administrative, civil, or criminal findings in which the employee is a party. The employee must authorize the Registry to make the following information publicly available:

• His or her name or other names used.
• Name of current employer.
• Current principal business location and business contact information.
• Ten years of relevant employment history.
• Publicly adjudicated or pending disciplinary actions and arbitrations against the employee.

The nonpublic information submitted to the Registry will be available to the Agencies and to State mortgage regulators, as appropriate. The financial institution must have policies and procedures for confirming the adequacy and accuracy of employee registrations, which must also cover updates and renewals.

The financial institution is also required to provide certain information to the Registry, which includes the institution’s name, main office address, primary Federal regulator, primary point of contact information, and contact information for “system administrators,” who will have the authority to provide this information to the Registry and keeping it and its list of registered employees current. System administrators, who may not serve as loan originators, must update the information within 30 days after it becomes inaccurate.

In addition, the financial institution must confirm to the Registry that it employs the registrant after all the other information about the employee is provided. Within 30 days after the registrant is no longer an employee, the financial institution must notify the Registry of the date that he or she ceased being an employee.

Employees who are registered will not have to re-register when they change their place of employment and continue to originate mortgage loans provided that:

• The employment information in the Registry is updated.
• New fingerprints of the employee are provided to the Registry for a new background check if the current ones are more than three years old.
• Information about the new employer is provided to the Registry, as required under these rules.
• The registration is maintained, as required under these rules.

These re-registration requirements apply when transferring from one financial institution to another when both are covered under these rules, regardless of whether either is a bank, thrift, or credit union. They also apply when the originator was State-licensed under the SAFE Act prior to transferring to a financial institution that is covered under these rules. In addition, the rules provide a 60-day grace period to comply with these re-registration requirements when employment changes as a result of an acquisition, merger, or reorganization.

Financial institutions must implement written policies and procedures that are intended to assure compliance with these rules. These must be appropriate to the nature, size, complexity and scope of the institution’s mortgage activities and must include the following:

• A process for the identification of which employees are required to be registered.
• A requirement that all employees who are mortgage loan originators be informed of the requirements of the SAFE Act and these rules and be instructed on how to comply.
• Procedures to comply with the unique identifier requirements. These include requiring the employee to provide the unique identifier to consumers upon request, before acting as the loan originator, and through the originator’s initial written communication with the consumer, if any. The institution must also make this available to consumers in a manner practicable to the institution, such as through its website, in a branch office lobby, or upon request of any employee.
• Procedures for confirming the adequacy and accuracy of the employee registrations, including updates and renewals. This would include comparing information supplied by the employee for purposes of registration with the information in the institution’s records.
• Procedures and tracking systems for monitoring compliance with the registration requirements, such as maintaining appropriate records.
• Periodic independent testing of the institution’s policies and procedures for complying with the SAFE Act and these rules. Testing may be done by institution personnel or outside parties.
• An outline of appropriate actions to be taken if employees fail to comply with these requirements, including prohibitions on making loans or other disciplinary actions.
• A process for reviewing the criminal background history reports on employees that are received through the Registry and taking appropriate actions. Institutions must maintain these reports and document any actions taken.

• The Agencies propose thresholds in which registration will not be required if mortgage loan volumes do not exceed certain levels. Are these adequate and appropriate? What would be the burden of complying with these thresholds and how can they be minimized? Should there be other types of thresholds, such as an asset-based threshold used under the Home Mortgage Disclosure Act?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• Should the rules apply to modification of existing loans? Should this exemption be temporary in light of current economic conditions or should it be permanent? Should there be criteria for this exception, such as applying only to modifications in which the rate, payments, or principal is reduced. Should the rules apply to mortgage originators who engage in approving loan assumptions? Should the rules apply to loan originators who refinance existing loans, especially if there is no cash-out and the refinance is with the existing lender? Would these exclusions adversely affect the consumer protections under the SAFE Act and these rules?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• Will the 180 day implementation period after the Registry is operational provide adequate time to comply with these rules? Is there an alternative that would be more appropriate? Should a staggered process be implemented and how should that be developed? What other alternatives are there for addressing the large numbers of initial registrations that will have to be processed when the Registry is operational? Is it appropriate for one employee to provide information to the Registry on behalf of another?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• Are the initial registration requirements, as well as the requirements to maintain registration, adequate and feasible and do they serve the consumer protections purposes of the SAFE Act? Is the 60-day grace period to re-register when there is an acquisition, merger, or reorganization appropriate? Is the three-year limit for using existing fingerprints appropriate? Do you currently have fingerprints for employees and are they in digital or paper form?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• Do you believe the data that must be collected is appropriate? What about the data that will be made public? Is there additional information that should be collected or made public?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• How difficult will it be to establish policies and procedures that are designed to assure compliance with these rules? How much time and resources will be needed to adopt such policies and procedures?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• Will the features and requirements of the unique identifiers be adequate and appropriate for providing the consumer and fraud protections, as envisioned under the SAFE Act? Do these pose problems for financial institutions and their employees? Are there circumstances in which a mortgage loan originator would not be able to provide the unique identifier to the consumer before acting as the loan originator? Do the rules ensure that consumers will be made aware of the information that they will be able to access in the Registry?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• Besides those in the Appendix, what other examples would there be of activities that would cause one to be or not be considered a “mortgage loan originator? Should examples be in the Appendix or provided by some other means? Are there mortgage loans made in which there may be no mortgage loan originator? Are there automated processes in which mortgage loans are offered without a loan originator? If so, please describe the communication that a consumer has with you and your staff. In general, what activities are conducted by employees with respect to mortgage loan pre-approvals?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  
• Other comments?
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

  ---

  
  
  

Copyright © 2009 - Credit Union National Association, Inc.