SEPTEMBER/OCTOBER 2017 | VOL. 38 | NO. 5

The Mortgage
Servicing
Rule

Are You
Prepared?

Training is the key to ensuring compliance and providing the best customer service in mortgage loans.

What to Consider Today in Anticipation of the New Regulation

WHILE FINANCIAL INS TITU TIONS HAVE INVES TEDmuchtimeand moneyenhancingtheso-called“threelinesofdefense”thatcomprisecompliance management—businesslines,thecompliancedepartment,andinternalaudit—many continuetostrugglewithhowbesttodeploythem.

Often, compliance monitoring and compliance audit have been built as separate silos that largely operate independently of each other. But banks that coordinate the compliance monitoring done by the first two lines with their internal audit efforts, can help streamline operations and minimize disruptions across the organization while still meeting evolving regulator expectations.

Compliance Audit and Monitoring Functions

Financial institutions deploy the three lines of defense—monitor-
ing, reviewing, and auditing—to perform the audit and monitoring
functions in different ways. For example, in one bank, the busi-
ness lines might carry the majority of the compliance monitoring
load, the compliance department could serve more of a consult-
ing role to the business lines, and internal audit might provide
the independent compliance reviews that extend throughout the
organization. Another bank could have the compliance depart-
ment perform detailed monitoring reviews over line-of-business
processes, and internal audit could assess the compliance program
on a more holistic level. Regardless of how the first and second
lines of defense integrate compliance monitoring, internal audit
must remain independent. (For a more extensive discussion of
the three lines of defense, see the article “Compliance in 3D: The
Three Lines of Defense and What You Need to Know” in the Sep-
tember/October 2016 issue of ABA Bank Compliance magazine.)
Monitoring and independent audit of compliance both have
been part of the picture for some time, but until recently, the
line between the two often was blurred. As long as someone was
providing compliance testing independent of the business lines for
the organization, regulatory agencies typically were satisfied. That’s
no longer the case. Regulators now expect more of a distinction
between the two as part of a mature compliance management
program. The compliance department should maintain a clear
understanding of how compliance is functioning throughout the
organization, with internal audit providing an independent opinion
on whether compliance controls are appropriately designed and op-
erating effectively, including the compliance monitoring function.
The Consumer Financial Protection Bureau’s (Bureau’s)

Compliance Audit & Compliance Monitoring:

BYJOSEPHN.DURHAM,CRCM,CAMS,and PAULR.OSBORNE,CPA,AMLP,CAMS

Better Together

Than Apart

Always keep in mind that
internal audit needs to
remain independent and
should never avoid closely
scrutinizing high-risk areas
simply because they are
covered by the compliance
department.

24 | ABA BANK COMPLIANCE | SEPTEMBER–OCTOBER 2017 SEPTEMBER–OCTOBER 2017 | ABA BANK COMPLIANCE | 25

■■ ■

An institution’s goal should be to tackle this large undertaking by finding the most streamlined, synergistic, economical and hopefully least burdensome enterprise approach.

FEATURES
COLUMNS:
16 | Perspective

B Y PAUL BANKER

28 | HMDA

B Y NIMA VAHDAT, CRCM, CAMS

33 | The Other Side

B Y S TU LEHR, CRCM

DEPARTMENTS
34 | From the
Hotline

B Y LESLIE CALLAWAY,
CRCM, CAMS, CAFP
MARK KRUHM, CRCM,
CAFP
RHONDA CAS TANEDA,
CRCM

37 | Regulatory
Developments
Table
38 | Around the
ABA
40 | Continuing
Education Quiz

4 | The Mortgage Servicing Rule— Are You Prepared?

BY LIZA WARNER, CPA, CFSA, CRMA, AND JIM SHANKLE, CFSA

The Bureau issued a final rule in August 2016 referred to as the 2016 Mortgage Servicing Rule. Now is a good time to step back and assess how prepared your organization is for these new provisions.

10 | Implementing HMDA 2018: Nearing Critical Mass

BY RICK KOHRUMEL, CRCM, CAMS

Your financial institution may want to consider some essential strategies during the HMDA implementation.

Here you’ll find a review of many of the new and changed rules, and their expected impact.

18 | Update on Commercial Loan Data Reporting: What to
Consider Today in Anticipation
of the New Regulation

BY CARL PRY, CRCM, CRP

Dodd-Frank included a brand-new data collection and reporting requirement under ECOA for small-business and minority- and women-owned business applications and loans. It’s in each bank’s best interest to start the planning process now.

24 | Compliance Audit and Compliance Monitoring:
Better Together Than Apart

BY JOSEPH N. DURHAM, CRCM, CAMS, AND PAUL R. OSBORNE, CPA, AMLP, CAMS-AUDIT

Often, compliance monitoring and compliance audit largely operate independently of each other. However, banks that coordinate compliance monitoring with their internal audit efforts can help streamline operations and minimize organizational disruptions while meeting regulator expectations.