CFPB Has Expanded Its Vendor Management Reach

CFPB exams for the non-bank lender have matured in recent years. The scope of the examination process has expanded to include a much more thorough review of vendor oversight.

Our expert can attest that they’ve witnessed and been involved in the changing scope of the examination process. Certainly, every year, the level of scrutiny seems to be increasing. So, it appears that the CFPB has expanded their scope and, like many internal vendor management programs which are also in a state of various maturity levels, so is the fashion by which the CFPB approaches the topic of oversight.

Non-Bank Mortgage Lenders Just Starting Out With Vendor Management 

In a recent poll of over 180 non-bank mortgage lenders, approximately 48% of lenders stated their vendor management program was classed as a mature level while a staggering 46% stated they were “Just starting out”.

If these vendors are flying under the radar, it could be a case of playing Russian roulette of your responsibilities to implement vendor oversight practices. As a wise insurance claim analyst once told the driver who hadn’t had a claim in 20 years, “You were due." Don’t let this be the case with failing to implement a robust vendor management program.

The Maturing CFPB Examination Process

In the space of the last three years, the depth and detail of the questions during an examination have developed into something that resembles the following:

• Year 1. The examiner requests a copy of your vendor management policy and procedures.
  
  
• Year 2. The examiner requests copy of the vendor management policy and procedures along with a list of your critical vendors.
  
  
• Year 3. (My most recent experience.) The examiner requests the above information plus copies of actual audit documentation and the board approved reports that you have conducted during the year.

The CFPB is itself connecting the dots to identify risk and non-compliance.

Today, the CFPB essentially looks to the policy and procedures and ties that into measuring the lenders actual compliance with the policy. In addition, it's common nowadays to also:

• Submit copies of all of the vendor audit findings
• Submit board approval
• Submit corrective action notices
• Show/explain outlook reminders and excel reports if you use those
• Demo your vendor management software if your program is matured past using reminders and excel

By understanding the sophistication of the potential CFPB examiner will help you be better prepared not only during examination season but how you manage your internal program.

Regulatory Oversight Reaches Far and Wide

It isn’t just the CFPB looking at the non-bank lender's vendor management records. For every state that a lender is licensed opens the additional oversight from that state examiner.

Again, one of the great things about my role here at Venminder is that I get to speak to a lot of Vendor Managers and I hear some of the same stories repeatedly that I also experienced sitting on that side of the table. In fact, one vendor management department recently explained that they had 15 state visits in the course of 3 weeks out of the 22 states they were licensed in.

Depending on your organization's size, your reputation in the market, even down to the number of complaints your company receives on the CFPB consumer complaint portal, may vary and determine when you come up on the examination radar. However, you still must prepare for potential GSE exams along with state examiners.

Being prepared will go a long way in demonstrating that you take vendor management seriously and are concerned with the protection of the borrowers NPPI. The CFPB or any examiner needs to have the sense that you are taking a PROACTIVE rather than a REACTIVE approach to vendor management.

For help on doing proper oversight on a contract mortgage underwriter, download our infographic.