Third-Party Risk in the Eyes of MBA President and CEO David Stevens, CMB

As part of our Venminder Thought Leadership series where we speak with the industry’s sought-after thought leaders for their perspective and advice on third parties, mitigating risk, best practices, trends and more, we had the opportunity to speak with David Stevens of the Mortgage Bankers Association.

David Stevens Interview Highlights

David is the President and CEO of the MBA. He brings a great deal of experience to the table with over 34 years in housing finance. Because of his passion and leadership, he has often spoke with the media and in congressional hearings in Washington. David is dialed into the issues in the industry, understands it’s changing and gave Venminder a deep dive overview into how the changing regulatory oversight framework is impacting housing finance.

Let’s cover:

• Vendor risk management post-financial crisis
• Limited reps and warranties and how this promotes independent vendor oversight practices
• Deregulation decisions
• Data security and cybersecurity importance
• Important housing finance areas
• Third party risk overall

You can listen to the full interview here.

Vendor Risk Management Post-Financial Crisis

David shared that post-financial-crisis, third party services have blossomed, therefore, the industry is requiring additional check and balances in the overall lending process due to the additional risk that comes into play. Still, given the additional oversight, he feels this is a positive change as leveraging external expertise can provide additional efficiencies. 

Limited Reps and Warranties and Vendor Oversight

During our discussion, we talked about limited reps and warranties and how this promotes independent vendor oversight practices. Since vendors do not offer much as far as reps and warranties, the majority of the compliance burden falls on the lender. It’s extremely important that third party oversight comes into play and the lender is checking the checker. 

Fannie Mae recently introduced Day 1 Certainty, which has offered additional warranty relief when certain data points are validated by the lender if using an approved vendor. Unfortunately, even an approved vendor can experience a breach. We are seeing data breaches of consumer and credit card data, which is a constant reminder that just because Fannie Mae has approved a vendor does not mean that the lender should discontinue their oversight duties. It’s important to ensure the vendor has everything in order on their end. This is a necessary additional precautionary check. 

Deregulation Decisions Not Wise for Third Party Oversight

Even with impactful changes like Day 1 Certainty, my discussion with David made me think of a phrase that I’d like to share as a precautionary warning, “Don’t pop the champagne just yet.”

With the temporary reorganization of the CFPB leadership in 2017, much noise had begun regarding deregulation. David shared that lenders feel that under President Trump, third party oversight may be easier with less regulatory compliance burdens to worry about. That raises an important question. Having worked so diligently to improve third party oversight and security, why would you want to roll back regulations and eliminate all the impacts and decisions made post Dodd Frank Act? David felt this would be viewed as a mistake.

The importance of oversight does not diminish and it’s important that the industry keep their credibility and reputation, therefore, deregulation would not be a wise decision.

Data Security and Cybersecurity Are Important

Data security and cybersecurity are becoming increasingly important.The Equifax breach, CFPB push for additional data points in HMDA and hourly cyber-attacks at different sized of financial institutions are just a few reasons why.

This is an area that needs to be heavily considered at an institution. It may mean an internal investment in full-time employees (FTEs) to assist with preventing cyber-attacks or pulling an outside expert in. David shared that shortly after his departure form HUD, a data breach was reported of HUD’s systems in which the government provided a credit monitoring service to him and thousands of other government employees to assist due to what data was exposed.

The concern doesn’t stop there. There is even a concern with the data security of the CFPB system. Dave shared this stems from the remaining question which is what is the CFPB trying to solve for? The CFPB, like many others, needs to have a secure system in place. Given the increase in breaches, and even the HUD breach, each regulator should be considering this.

Housing Finance – What’s Important to David?

David is a great leader and truly believes it’s important as an industry that we come together and work to make the industry stronger. He feels it’s important to make the right choices, even when they’re unpopular or tough. 

David shared his focus on 4 key areas:

1. Doing right by the customer
2. Working with the realtor community
3. Third party vendors
4. Importance of embracing the culture of true risk management
   
   

Third Party Risk Worthy of Your Time

David says opportunities significantly increase if you embrace all aspects of the business, not just be isolated to the one channel where you’re currently employed in making a living.

Through his experience in loan origination, risk management, sales and acquisitions and government leadership, central risk management standards played a part in all of them. Executives often are removed from third party risk, but David demonstrated with ease his vast experience and concerns with all the relevant topics which bleed over into one another.

Vendor risk is a strategic competitive advantage yet has its own set of challenges and requirements. What’s clear is it’s a relevant topic worthwhile of deeper discussion.

David understands that making right choices, regardless of some views, is needed. He has a passion for the industry and sharing knowledge with others in order to impact the housing finance industry positively.

To learn what you can do to improve your vendor oversight, download our infographic.