Bridging the Gap
A Dialogue on Select Issues in
Audits and Scorecards
ALFN ANSWERS 2015
Introduction
• Purpose of Panel to inspire dialogue
surrounding one of the more controversial
topics in our industry.
• In asking questions of our panelists, please
avoid client or attorney firm specific scenarios.
• This panel is meant to provide a Bird’s Eye
view.
Questions for the Panelists?
You can submit them by:
• Texting 66363 and your question to 22333
• Ask questions or make comments verbally by using the
microphones provided in the session room
Anne Beck
Anne Beck is Vice President of Servicing Risk
Oversight at Caliber Home Loans, Inc. where she
oversees Attorney Oversight, Quality Assurance,
and Breach. She joined Caliber in 2011 as AVP of
Asset Performance, monitoring foreclosure and
REO. She also served as Vice President of REO
Operations. Prior to joining Caliber, Anne was
with JP Morgan Chase as well as EMC Mortgage.
Jan Duke
Jan Duke is the president of and lead consultant at Firm Solutions. In
this capacity, she provides strategic leadership for the company and
utilizes her extensive industry experience to create customized
solutions to resolve operational challenges for clients. Her primary
focuses are audit/compliance consulting, business-process
improvement consulting, business-development efforts, and
operational leadership guidance.
Jan began her career in the consumer packaged goods industries
and later moved to the legal field where she has held senior
leadership positions in human resources, information technology,
support services, operations management, and compliance. With
over 15 years of experience in the industry, she is able to leverage
her knowledge to assist client firms in meeting their performance
and fiscal objectives.
Corey Danzig
COREY DANZIG is Chief Compliance Counsel for Ohio-based default
services law firm, Felty & Lembright. Danzig originally joined the
Firm as an Associate in Felty & Lembright’s foreclosure practice,
handling foreclosure and real estate title matters throughout Ohio's
88 counties.
In her current role, Danzig’s responsibilities include coordinating the
Firm's compliance with all Federal and State laws, managing the
Firm's relationships with its vendors, and handling the Firm’s clients’
due diligence and audit requests. Corey's experience also includes
bankruptcy law and commercial and construction litigation. Corey
received her undergraduate degree from Boston University and her
J.D. from Cleveland State University, Cleveland-Marshall College of
Law. Danzig can be reached at cdanzig@ feltyandlembright.com
Lindsey Purdy
Lindsey Purdy graduated from the Walsh School of Foreign Service at
Georgetown University in 2008 with a Bachelor of Science in Foreign
Service and Mandarin Chinese. She graduated from Drake University
Law School in 2013 when she joined the firm of Klatt, Augustine,
Sayer, Treinen, and Rastede, P.C. Purdy’s areas of practice include
residential foreclosure, commercial foreclosure and deficiency
pursuit, federal compliance, and litigation.
In 2014, Purdy worked with a select ALFN committee, drafting the
Organization’s comment on Proposed Regulation F. She has been
published on the CFPB and the upcoming debt collection regulations
and was a recipient of the 2014“Picture the Future” award. She is
currently co-chair of the DSPG and an active member of the JPEG
and COMPG practice groups. Purdy also has presented on ethics
and professionalism in the legal profession.
A Servicer’s Perspective: Anne Beck
Questions for the panelists? Text 66363 and your question to 22333
Why Scorecard?
■ Regulatory Requirements
o CFPB
o OCC
o Attorney General
o State Examiners
■ Investor Requirements
■ Trustee Requirements
■ Performance Management
o Timeline
o Best Practices
o Quality
o Responsiveness
■ Financial Risk
CFPB
•
•
•
•
•
•
•
•
Servicer Standards
•
•
•
•
Best Practices
SLA’s
Procedures
Responsiveness
RESPA
TILA
FDCPA
HPA
ECOA
FRAUD
SCRA
FCRA
GSE, Gov’t, NY Agreement
•
•
•
•
•
Notice Requirements
FCL Timelines
Allowable fees
Processing SLA’s
Reporting
Questions for the panelists? Text 66363 and your question to 22333
PAGE: 10
Scorecards
What Makes a Good Scorecard
SCORECARD
A scorecard should provide firms with valuable performance feedback to assists in improving
overall performance. Scorecards should be:
• Consistent
• Specific
• Measurable and;
• Align with Servicers Business Objectives
How Are We Doing?
Scorecards
•
•
–
–
–
–
–
–
–
•
Servicer Challenges
KPI Challenges
What is the timeline and how to calculate
GSE Allowable
Is it realistic
What is included and removed
Not all firms using holds correctly
How do you account for prior servicer delays and hold firms accountable
System constraints
Some firms send us scorecards – should we incorporate
Quality Reviews
– Timeliness of document revisions
– Documents not in system
– Lack of response
•
Fees and Costs
– Failure to review rejected and adjusted invoices
Causing late submissions
•
No one wants to be #2
Questions for the panelists? Text 66363 and your question to 22333
Know Your Servicer
Focus On What Matters Most







Learn what’s most important to your servicer
Know to which goal you are being measured
Know what holds you are allowed to use and use them
Provide contact information and update regularly
Never miss responding to an alert
If you are scoring poorly in a metric – figure out why
Hold calls with servicer and firm line level staff not just
management
 Understand the technology – not just the flaws
 Pick up the phone and call
Will It Ever Be Possible?
To standardize scorecard methodology or have an onsite exam shared by multiple servicers?
Questions for the panelists? Text 66363 and your question to 22333
Putting Your Best Foot Forward:
Jan Duke
Be Pro-Active and Prepared for New
Client Due Diligence Requests and
Existing Client Audit Inquiries
• GSE Firm Requirements/Supporting
Documentation
• Reporting Capabilities
• Capacity Planning/Model
• Organized Storage and Dissemination Process
-Alerts
-Policies and Procedures
-Audit documents and responses
Questions for the panelists? Text 66363 and your question to 22333
BE PREPARED TO PUT YOUR BEST FOOT FORWARD WHEN RESPONDING
TO NEW CLIENT DUE DILIGENCE REQUESTS AND/OR EXISTING CLIENT
AUDIT INQUIRIES
The basis of most due diligence requests as well as the oversight initiatives from existing
servicers is based on the foundational GSE requirements in addition to subsequent CFPB
requirements. Having a “package” of the relevant supporting documents organized and ready
to submit will help ensure your firm can respond quickly and with comprehensive and concise
information. The following guide contains suggested supporting documents/data
Questions for the panelists? Text 66363 and your question to 22333
GSE REQUIREMENTS GUIDE
#
Requirement
Supporting Documentation
1
Firm’s practice areas must include end-to-end default
related and REO related legal services
2
Firm must have a stated office located in the jurisdiction
for which it is retained
Firm must provide two jurisdiction specific industry
references
Firm must have the ability to handle default-related and
REO- related legal matters throughout the jurisdiction
Attorney Bios and Firm History – outlining years of experience in industry as well as # of
years FNMA designated counsel.
Loss Mitigation statistics
Mediation statistics if applicable
Title Curative statistics
List of memberships/affiliations
Office location list
3
4
5
6
Client authorized references
Third Party Vendor Management Process and Procedures

Evaluation & Onboarding

Confidentiality Agreement including newly required language
-Breach notification requirement
-Term for violation

Contracts including newly required language
-Right to audit

SLA’s

Proof of insurance/licensing

Reputation check

Oversight program

Offboarding
Outside Counsel Reliance Statistics/Report
Firm must have completed a sufficient volume of default Reports indicating incoming volume as well as closed cases for FC, BK, REO for 24 month
related and REO related legal services to demonstrate its period
experience
Firms partners must have adequate, relevant, overall
List of partner/managing attorneys with # of years admitted to practice law + years of
jurisdiction specific experience (one or more
experience with firm
partner/mgng attorney with 8-10 yrs exp)
GSE REQUIREMENTS GUIDE
#
Requirement
Supporting Documentation
7
Firm must have one or more lead attorney(s) for Fannie
Mae matters with adequate, relevant litigation
experience in the jurisdiction (5 yrs)
Firms attorneys must be licensed and in good standing in
the jurisdiction in which the firm will be retained
Firm’s non attorney staff must have reasonable
experience
Firm must have appropriate attorney-to-staff ratio to
ensure appropriate staff oversight
Same as above
8
9
10
11
12
List of all attorneys and their Bar numbers/date of Admittance; statement indicating all
are in good standing
Report of average tenure of non-attorney staff; report indicating non-attorneys with
related certifications

Metrics illustrating attorney to staff ratio

Documentation of processes (process mapping) including escalation points;
attorney touch points; exception reporting and quality control checkpoints.
Firm must have appropriate attorney-to-file and staff-to- 
file ratios to ensure appropriate oversight
Firm must have ability to grow and contract based on
market conditions
Metrics illustrating attorney/staff to file ratio (total active files divided by
attorneys)

Documentation of processes (process mapping) including escalation points;
attorney touch points; exception reporting and quality control checkpoints.

Documented Capacity Planning Model and Process supported by following data:
o monitoring of incoming referral trends
o file attrition data
o employee attrition data
o incoming mail & matters
o outgoing pleadings & packages
o exception reports
o timeline management reports
Draft a staffing policy regarding use of outsourcing and/or contingent workforce as
well as process regarding implementation of RIF and/or VSP for contraction

GSE REQUIREMENTS GUIDE
#
Requirement
Supporting Documentation
13
Firm must demonstrate high professional standards
14
Firm must be able to track, monitor and complete
matters within defined timelines




o
o
o
o
o
Report of bar complaints/status
Report of firm litigation
Statement regarding good standing with FNMA/FHLMC
Reports from case management system outlining target timeframes; compliance
with targets; exceptions to targets
Pipeline
Performance
Productivity
Exception
Analysis
15
Firm must have ability to report key data to Fannie Mae
16
Firm must have ability to report diversity data
Process flow indicating ability to export all key data elements on regular basis to FNMA
(automation capabilities for DMRS)
EEO-1 report from HR system
17
Firm must have adequate technology
Documented overview of technology applications and systems in place
18
Firm must have adequate technical support
IT org chart
19
Firm must have an appropriate amount of E&O coverage
E&O declaration page
20
Firm must have adequate financial resources
Financial statements as submitted currently to servicers
21
Firm must have business continuity and/or disaster
recovery plans in place



Business Continuity Plan
Testing of BCP
Succession Plan
GSE REQUIREMENTS GUIDE
#
Requirement
Supporting Documentation
22
Firm must have adequate quality control, supervision of
staff and review of documents

23
Firm must provided adequate employee training
24
Firm must have adequate controls over information
security, data management and fraud prevention
25
No substantial part of the law firm’s practice may
include matters that are adverse to financial institutions,
including Fannie Mae or Freddie Mac
Servicer must disclose to Fannie Mae any relationships
between the servicer and the firm and any relationships
between the firm and any outsourcing company utilized
by the servicer
Firm must disclose any interest in providers of related
services
Firm must adhere to FNMA guidelines regarding
outsourcing fees, referral fees, technology and
electronic invoice fees, and vendor selection
26
27
28





Knowledge database in secure format with versioning control and key word search
capabilities (i.e. Sharepoint)
Notarization Policy/Procedure
Code of Conduct (includes document execution as well as avenue for employees to
raise concerns)
Overview of Quality Control practices in place
Training/Onboarding Process Flow
Documented Attorney Expectation/Guidelines
Attorney Training Checklist
Standardized Learning Plans with testing and reporting capabilities






ISO type standard information security policies
Security Training
Hiring/Screening Process
Termination Process
Code of Conduct & related Training
Conflicts Check Policy


Attestation
Attestation
Attestation
Best Practices Guide to Quality Reporting
The ability to report accurate information to your clients is critical from an attorney oversight and
compliance perspective. It is also a necessary component to a well-managed practice. The below
bullet points contain suggested report “types” to ensure you meet those two objectives:

Pipeline Reporting: Increasing traceability to report on portfolio statistics allowing the firm to
report accurately on their pipeline to manage staffing levels and identify trending. (Total files
within stage and carved out by client/loan type/status)

Workflow Reports: Reducing time by creating manual work lists and delivering physical files
throughout the firm. (i.e. Petitions to be prepared, Upcoming Sales, etc.)

Billing Reports: Capturing milestone events completed in the case management system in a
snapshot report so all billing could be centralized throughout the firm.

Exception Reports: Mitigating risk by identifying issues with files so they can be escalated and
assigned as needed. (i.e. title ordered/not received, service complete/sale not scheduled, referral
received/pending original note).

Aging Reports: Uncovering information by comparing target dates against incomplete tasks. (i.e.
Service not complete within 30 days, Title not reviewed within 10 days, etc.
Questions for the panelists? Text 66363 and your question to 22333
Capacity Planning Model Sample
Capacity Model Triggers:
• At each trigger event, senior management meets and reviews the currently staffing
levels. Depending on either new demands of the industry, an increase of work driven
by referrals, or in contractions of work assessment is made with our technology
capabilities and staffing levels. We take into account our current technology, cross
training with employees and levels of staffing and adjust accordingly.
Trigger events:
• Judicial changes: Changes in the court system can account for increase in workload
due to new guidelines, rules and orders. Each new Order issued by the court is
reviewed by the senior management team to gauge the impact on the firm and if the
current staffing and technological means is capable of handling an additional change.
• Investor changes: Changes from our clients and the investor are reviewed to see if
additional work is needed in order to meet new guidelines and or regulation. Each
regulation/guideline is reviewed in order to predict the impact on current workloads
and staffing levels.
• Volume: Work volume (new referrals) to the firm, directly impacts each stage of the
foreclosure. Volume is reviewed monthly and compared to capacity plan by Senior
Management, please see attached. Based on all current industry factors the ideal
maximum case volume are as follows:
Questions for the panelists? Text 66363 and your question to 22333
Table 1: File Volume (Pipeline)
Line of Business
Foreclosure
Bankruptcy
Eviction
REO
MAX
(per month)
CURRENT
(per month)
Percentage of
capacity used
(current, monthly
rolling)
Low Capacity
Trigger (percent, 3
consecutive month
average)
High Capacity
Trigger (percent, 3
consecutive month
average)
Table 2: File Volume (New Referrals)
Line of Business
Foreclosure
Bankruptcy
Eviction
REO
MAX
(per month)
CURRENT
(per month)
Percentage of
capacity used
(current, monthly
rolling)
Low Capacity Trigger
(percent, 3
consecutive month
average)
High Capacity Trigger
(percent, 3
consecutive month
average)
Table 3: Foreclosure Specific Employee Matrix
Below is the Foreclosure specific staffing model and matrix. In the event a Trigger is reached, that particular
position triggered should be evaluated for contraction or hire.
Total FTEs
Attorneys
Non-Attorney Staff
Current Allocation
Per Employee
Maximum Allocation
Per Employee
(monthly rolling)
Low Capacity Trigger
High Capacity
Trigger
Table 4: Bankruptcy Specific Employee Matrix
Below is the Bankruptcy specific staffing model and matrix. In the event a Trigger is reached, that particular
position triggered should be evaluated for contraction or hire.
Total FTEs
Attorneys
Non-Attorney Staff
Current Allocation
Per Employee
Maximum Allocation
Per Employee
(monthly rolling)
Low Capacity Trigger
High Capacity Trigger
Table 5: Evictions Specific Employee Matrix
Below is the Bankruptcy specific staffing model and matrix. In the event a Trigger is reached, that particular
position triggered should be evaluated for contraction or hire.
Total FTEs
Attorneys
Non-Attorney Staff
Current Allocation
Per Employee
Maximum Allocation
Per Employee
(monthly rolling)
Low Capacity Trigger
High Capacity
Trigger
Table 6: Deed in Lieu Specific Employee Matrix
Below is the Bankruptcy specific staffing model and matrix. In the event a Trigger is reached, that particular
position triggered should be evaluated for contraction or hire.
Total FTEs
Attorneys
Non-Attorney Staff
Current Allocation
Per Employee
Maximum Allocation
Per Employee
(monthly rolling)
Low Capacity
Trigger
High Capacity
Trigger
Rebuttal and Response: Corey Danzig
*Considering why and how the client made a particular Finding will assist in
interpreting audit results and formulating a rebuttal, response or corrective action
plan.*
1. Regulator and Investor Guidance and Mandates for Managing Third Party
Risk
2. Client’s Scorecards and Loan Level Audits
3. Client’s Notices of Complaints or Findings
4. Consumer Complaints
5. Government or Investor Investigations, Enforcement Actions, and Lawsuits
Questions for the panelists? Text 66363 and your question to 22333
1. Government regulators require entities to conduct due diligence
reviews and continually oversee vendors.
*This typically occurs through conducted via assessments, questionnaires, and on-sight visits.
*Due Diligence and ongoing monitoring required by Regulators as follows:
a. Evaluate operational, compliance, reputation, strategic, legal, transaction, credit
risk, other risks
Federal Deposit Insurance Corporation (FDIC): Financial Institution Letter-44-2008:
Guidance for Managing Third Party Risk (dated June 6, 2008)
Office of the Comptroller of the Currency (OCC): Bulletin 2013-29: Third-Party
Relationships: Risk Management Guidance (dated October 30, 2013)
Board of Governors of the Federal Reserve System: Guidance on Managing Outsourcing
Risk (dated December 5, 2013)
b. Federal consumer financial laws
Consumer Financial Protection Bureau (CFPB): Bulletin 2012-03: Service Providers
(dated April 13, 2012)
Questions for the panelists? Text 66363 and your question to 22333
REGULATOR AND INVESTOR GUIDANCE AND
MANDATES FOR MANAGING THIRD PARTY RISK
c. Safeguarding customer information
Federal Trade Commission (FTC): Safeguards Rule implementing The GrammLeach-Blilely Act: As part of a financial institution’s information security program, it
must oversee service providers by “[t]aking reasonable steps to select and retain
service providers that are capable of maintaining appropriate safeguards for the
customer information at issue….” (12 CFR §314.4(d))
2. Firm Selection and Continued Monitoring: Government-Sponsored Entities also
require loan servicers to conduct due diligence in selecting and monitoring firms.
a. GSEs require servicers to review law firms on approximately 28 topics.
Chapter 69 of the Freddie Mac Regulations: Selection, Retention and Management of Law
Firms for Freddie Mac Default Legal Matters
Exhibit F-2-05 of Fannie Mae’s Servicing Guide: “Firm Minimum Requirements”
b. Among the 28 categories are specifics involving: Firm background; operations;
experience; capacity; volume; finances; insurance; licensing; file; staff; and vendor oversight;
technology; information privacy (“controls meeting or exceeding industry standards, including
as applicable, standards promulgated by the International Office for Standardization or
National Institute for Standards and Technology”).
Questions for the panelists? Text 66363 and your question to 22333
Second, what should be considered in
developing the response or rebuttal to the
Finding?
*Two
questions to consider:*
1.Can you refute the Finding with substantiating
documents?
2. Do you need to provide written corrective action
plan remediating the Finding and/or cause of the
Finding on a go-forward basis?
33
Questions for the panelists? Text 66363 and your question to 22333
FIRST, CAN
FINDING
DOCUMENTATION?
YOU REFUTE THE
SUBSTANTIATING
WITH
1.Documentation (importance of “papering your file”
during the pendency of the case) and
2. Summary and timeline of events as part of your answer.
34
Questions for the panelists? Text 66363 and your question to 22333
SECOND, DO
YOU NEED TO PROVIDE A WRITTEN
CORRECTIVE ACTION PLAN REMEDIATING THE
FINDING
BASIS?
AND/OR ITS CAUSE ON A GO-FORWARD
1. Engage firm management and/or other necessary internal or external stakeholders
(vendors) to:
a.
Review the Finding and determine what caused the Finding.
b.
Determine whether the Finding and/or its cause can be remediated.
c.
Develop and implement solutions to the Finding and/or its cause (see below).
2. Analyze the Finding and its underlying cause.
3. Develop and implement solutions remediating the Finding and preventing its
cause from occurring again: what resources can be used?
4. Putting it all together: drafting the corrective action plan.
35
Questions for the panelists? Text 66363 and your question to 22333
Develop and implement solutions
remediating the Finding and preventing its
cause from occurring again: what
resources can be used?
a.Does your firm use a systematic approach to create or
improve your operations?
b.Consider client and investor requirements and
expectations.
c. Consider applicable laws, regulations, industry
standards, and Federal enforcement actions/consent
orders (See Appendix for Examples).
36
Questions for the panelists? Text 66363 and your question to 22333
Develop and implement solutions
remediating the Finding and preventing its
cause from occurring again: what
resources can be used?
d. How can your case management system be modified
or customized to remediate the Finding’s cause? Will it
have controls in place to ensure that the Finding’s cause
will be prevented going forward?
e. Draft, present, and implement written internal policies
and procedures or guides to prevent the cause of the
Finding.
f. Provide supplemental and ongoing staff training on the
new policies and procedures.
37
Questions for the panelists? Text 66363 and your question to 22333
Develop and implement solutions
remediating the Finding and preventing its
cause from occurring again: what
resources can be used?
g. Quality Control: Develop worksheets or checklists to
ensure staff follows the newly developed policies and
procedures.
h. Cold Review of “post-mortem” files by staff who have
not worked on the file or by employees solely dedicated
to reviewing files.
i. Quality Assurance: Regular review of quality control
and cold review results, applicable law, client
requirements to keep policies and procedures up to
38
date.
Questions for the panelists? Text 66363 and your question to 22333
Putting it all together: Tips for drafting
the corrective action plan.
a. Ask for clarification.
b. Tone and content of the written materials:
Methodically and clearly defined steps
demonstrating how the Finding can be corrected
and/or prevented on a go-forward basis, explaining
and providing:
1. How your business improvement process will cure the
Finding and prevent it from happening again.
2. How your case management system will be modified or
customized
39
Questions for the panelists? Text 66363 and your question to 22333
Putting it all together: Tips for drafting
the corrective action plan.
b. Tone and content of the written materials
3. Policies and procedures that have been created or
revised
4. Staff and/or vendor training
5. Quality Control: How will files and staff be reviewed to
ensure the policies and procedures are being followed?
6. Quality Assurance: How will you review your policies
and procedures to ensure similar Findings will not occur?
c. Be realistic with implementation dates.
d. Ensure the plan is satisfactory to the firm,
stakeholders, and management.
40
Putting it all together: Tips for drafting
the corrective action plan.
e. Remember the perspective of the client or
client’s third party auditor.
f. Stick to your plan.
41
Questions for the panelists? Text 66363 and your question to 22333
Appendix: Applicable laws, regulations, industry
standards, and Federal enforcement actions /consent
orders
1.
Examples of applicable federal debt collection laws and regulation
 Protecting Confidential Information: The Gramm-Leach Bliley Act (15 U.S.C. §§ 68016809)
 Corresponding FTC Regulations implementing the Safeguards Rule (12 CFT Part
314)
 Interagency Guidelines Establishing Information Security Standards (12 CFT Part 30
Appendix: Addresses standards for administrative, technical and physical safeguards
for protecting customer information
 CFPB’s Regulation P on limits of disclosure (12 CFT §§ 1016.10-106.12)
 State law
Real Estate Settlement Practices Act Real Estate Settlement Practices Act (12 U.S.C
§§2601 et seq.) & Corresponding CFPB’s Regulation X (12 CFR Part 1024)
Truth in Lending Act: (15 U.S.C §§1601 et seq.) and Regulation Z (12 CFR 1026)
Federal Debt Consumer Practices Act (15 USC §§ 1692-1692p)
Unfair, Deceptive, or Abusive Acts of Practices (12 USC §§ 5531-5538)
Equal Credit Opportunity Act (15 USC §§ 1691 et seq.) and Regulation B (12 CFR Part
1002)
Fair Credit Reporting Act (15 USC §§ 601 et seq.) and Regulation V (12 CFT Part 222)
Servicemembers Civil Relief Act (50 USC App. §§ 501 et seq.)
42
Bankruptcy Stay and Relief (11 USC § 362)
Appendix: (cont’d)
**CFPB Publications: CFPB Supervision and Examination Manual
(http://www.consumerfinance.gov/guidance/supervision/manual/) and Small Entity
Compliance Guides (http://www.consumerfinance.gov/regulatory-implementation/title-xiv/)
**See OCC’s operating standards for scheduled foreclosure sales (specifically states it does
not incorporating RESPA and TILA): http://www.occ.gov/topics/consumerprotection/foreclosure-prevention/foreclosure_standards_42013.pdf
2. Examples of cited industry standards and guidance from regulators
 International Standard for Organization (ISO) 27001 and 27002: Criteria for Policies
and Procedures for Management Systems and Controls
 Service Organization Controls’ “SOC 2”: Reporting on Controls at a Service
Organization Relevant to Security, Availability, Processing, Confidentiality or Privacy
 Shared Assessments Program: Offers standardized vendor risk assurance approach
for financial institutions
 “Standard Information Gathering” Questionnaire (SIG) regarding IT, privacy, and data
security controls and
 “Agreed Upon Procedures” (AUG): regarding how to validate answers and financial
institution should assess risk controls as part of an onsite assessment of its vendors
https://sharedassessments.org/
43
Appendix: (cont’d)
3. Recent Enforcement actions and consent orders
FTC et al. v. Green Tree Servicing, LLC, 15-CV-02064 (U.S. District Court of Minnesota
2015)
 CFPB Administrative Proceeding: In RE Flagstar Bank, File No. 2014-CFPB-0014
(Consent Order)
CFPB Administrative Proceeding: In RE JP Morgan Chase Bank, N.A., File No. 2013CFPB-0007 (Consent Order)
44
Questions for the panelists? Text 66363 and your question to 22333
Questions?