Approved Advisor

Borrowers face new set of credit checkups

Initiative targets last-minute changes in finances

Mortgage giant Fannie Mae rolled out its Loan Quality Initiative (LQI) June 1, thereby forcing homebuyers to obtain mortgages based on “refreshed” credit reports or risk their closing being canceled and, in some states, their deposits forfeited.

In other words, the buyer is not officially approved for the mortgage until the results of second credit report are approved. There may be other last-minute verifications of undisclosed liabilities, such as job status, that may be “refreshed” as well.

Example:

Buyer A listed his three credit cards on his loan application. The lender approved Buyer A’s credit and approves the mortgage loan request, partially based on this information. Buyer A goes to Home Depot, applies for yet a fourth credit card.

The day before the closing, while Buyer A’s excitement is peaking, the lender refreshes his credit to make sure his credit score is still as good as it was when it was pulled the first time.

The lender discovers that Buyer A’s credit score has been lowered because Buyer A applied for a fourth credit card. It’s called finding an “undisclosed liability,” and it is not going to end well for the buyer.

Under the LQI, the lender could delay the closing, increase the interest rate, ask for a larger downpayment, or cancel the closing. In some states, Buyer A could lose his deposit.

“The impact on closings is too early to measure,” according to Gail Stanley, an Orlando mortgage lender, “but my guess is that homebuyers will be well coached.

“What lender, mortgage broker or real estate broker isn’t going to use every communications tool available to make sure the buyer does not even think about using available credit, much less apply for more during the ‘refreshing’ period?” Stanley asked.

“The mortgage lending business as we have known it is over,” according to Boston’s MetLife Home Loans’ senior mortgage consultant, Brian Cavanaugh. “Quality loan service and counseling will replace rate shopping because mortgage pricing is so competitive.

“Homebuyers need to work with loan officers who clearly understand the new guidelines and can help the buyer understand the importance of complying with them. Mortgage financing is incredibly important in personal financing now and it needs to be understood and protected,” Cavanaugh said. Stanley said that pulling the second credit report is not new, and that the LQI will be a welcome new tool for lenders who practice responsible lending.

“We all realize that buyer qualifications need to be tightened and that the lender needs to be protected. Consumer education is the challenge,” Stanley said. “Realtors need to encourage their buyers to be as complete as possible in the original application and to be careful not to do anything that will negatively impact their credit score before the escrow closes.”

Depending on the state and the standard purchase and sale agreement used, borrowers could lose their deposits, according to Boston attorney Richard D. Vetstein. He recommends that real estate attorneys review standard purchase agreements.

Vetstein posted some advice about Fannie Mae’s LQI on his Massachusetts Law Blog. “If you’ve taken out new loans that are sizable enough to affect the debt-to-income-ratio calculations used in your original mortgage approval, the deal could fall through. The added debt load could render you ineligible for the mortgage because you suddenly appear unable to handle the payments without a strain on your household budget,” he notes.

Also, “Many lenders already pull second credit reports right before the closing, but the Fannie Mae mandate will likely result in a markedly increased number of lenders pulling second credit reports and performing other last-minute verifications.” And Vetstein states that a surge in new use of existing credit sources could also impact consumers’ ability to secure a home loan.

But holding the buyer accountable pales in comparison to the stringent accountability now in place to prevent lenders from submitting contract products for sale to Fannie Mae with “undisclosed” liabilities. (See www.efanniemae.com, keyword: Loan Quality.)

Just as lenders are calling for refreshed truth from buyers, Fannie Mae is not asking — it is forcing lenders to upgrade the quality of their underwriting and to get used to the new system and embedded, stringent accountability tools for meeting clear, detailed and tougher underwriting standards.

Fannie Mae’s ultimate goal is not to punish the lender or homebuyer. It is to be repaid. Not only will profits start flowing again, but investors will return. And when that happens, loans will become easier to obtain.

There will no doubt be faults found with Fannie Mae’s Loan Quality Initiative, but “lack of accountability” will not be one of them. It is a welcomed and refreshing thought.

http://www.inman.com/news/2010/06/23/borrowers-face-new-set-credit-checkups

By Dave Fletcher/Inman News, Wednesday, June 23, 2010

(Wall Street Journal) A recently discovered data breach at a New Jersey credit-card processor could rank among the biggest ever reported.

Heartland Payment Systems Inc. disclosed Tuesday that cyber criminals compromised its internal computer network, gaining access to customer information associated with the 100 million card transactions it handles each month.

The company said it couldn’t estimate how many customer records may have been improperly accessed but that the compromised data includes credit card numbers, card expiration dates and some internal bank codes. Heartland, which is based in Princeton, N.J., processes transactions for more than 250,000 businesses nationwide.

Avivah Litan, an analyst at research company Gartner, estimated that as many as 100 million consumers could have had their credit-card data stolen, based on her conversations with industry executives. Previously, the largest known breach occurred when around 45 million credit- and debit-card numbers were stolen from retail company TJX Companies Inc.

“I would call this the largest breach ever,” Ms. Litan said.

But Robert Baldwin, Heartland’s president and chief financial officer, called her estimate a “totally fictional number.” The company added that, since it’s too early to say how many records were accessed, calling it the largest-ever breach would be “speculative.”

Software ‘Light-Years More Sophisticated’

Representatives from Visa Inc. and MasterCard Inc. alerted Heartland to a pattern of fraudulent transactions on accounts that the processor handled some time in the fall, Mr. Baldwin said. But an internal investigation and subsequent audits failed to detect a security breach.

Last week, however, a forensic investigator discovered evidence of the breach. Mr. Baldwin said that the criminal targeted Heartland with a piece of malicious software that was “light-years more sophisticated” than the viruses commonly downloaded off the Internet. He declined to say if the software was on the company’s network before the fall or how many records were accessed, adding “in all likelihood we will never know.”

The retail and payment-card industries have spent around $2 billion in recent years to improve data security, Ms. Litan said. In December, another payment processor, RBS WorldPay, a division of Royal Bank of Scotland Group, announced that its systems were breached. That criminals could break into a payment processor shows that “much more radical steps are needed” to protect payment information, she said.

Unauthorized Data Access on the Rise

More than forty states now have laws that require businesses to disclose when sensitive information may have been accessed by an unauthorized party. In 2008, 656 such incidents were publicly reported, according to the Identity Theft Resource Center, a non-profit organization dedicated to helping victims of identity theft. That’s up from 446 in 2007.

Heartland said it has isolated the affected computers and removed the malware. It hasn’t made any new investments in security technology yet, but “everything is on the table” Mr. Baldwin said.

The company is working with the U.S. Secret Service to investigate the incident, Mr. Baldwin said. It has been “working feverishly to assemble all the evidence we could” about the extent of the breach and who caused it, he said.

Washington, DC – Federal Housing Finance Agency (FHFA) Director James B. Lockhart announced that Fannie Mae and Freddie Mac will implement a revised Home Valuation Code of Conduct (Code) effective May 1, 2009. The Code is based on an agreement between the Enterprises, the New York State Attorney General Andrew Cuomo and FHFA to improve the reliability of home appraisals. Following a comment period on the original Code, modifications were made by the Enterprises to reflect comments received. The revisions will facilitate implementation in the marketplace.

The revised Code builds on existing Fannie Mae and Freddie Mac seller-servicer guidelines to increase the reliability of appraisals for loans sold to the Enterprises for their portfolios or for securitization. The Code applies to lenders that sell single-family mortgage loans to the Enterprises beginning May 1, 2009 and will help assure that borrowers, homebuyers and secondary mortgage market investors receive fair and independent property valuations.

“The Enterprises have a strong interest in ensuring the soundness of the appraisal practices that lead to appraisal reports supporting the mortgage loans they purchase from lenders,” said Director Lockhart. “FHFA supports this effort by the Enterprises to strengthen the appraisal process against the possibility of improper influence and coercion. The Code strikes a balance of assuring enhanced protections for appraisers while maintaining lender ability to address unprofessional appraisal practices and to perform quality controls on appraisals received. I appreciate the work of Fannie Mae and Freddie Mac on the Code and of the Attorney General’s Office throughout the process.”

Fannie Mae and Freddie Mac will be providing information on the Code to market participants in early January to address implementation questions in advance of the May 1, 2009 effective date.

Link to HVCC Code

Beginning next year, Fannie Mae and Freddie Mac will have to obtain identification numbers for the loan officer, originating lender, and appraisers involved in each loan they buy or guarantee, their regulator said.

The requirement will help the government-sponsored enterprises monitor the performance of loans originated or appraised by specific companies or individuals, the Federal Housing Finance Agency said last week. “If originators or appraisers have contributed to the incidences of mortgage fraud, these identifiers allow the enterprises to get to the root of the problem and address the issues,” James Lockhart, the agency’s director, said in a press release.

Fannie and Freddie will issue in the next 30 days guidance to lenders on satisfying the requirement, the FHFA said. The GSEs are to use the numbers assigned to lenders and loan officers in a national registry set up by the Conference of State Bank Supervisors.

(Financial Week) The federal government is ill-equipped to stop the migration of predatory subprime lenders to the rapidly growing sector of U.S.-backed home loans, raising the specter of another cycle of lending abuses.

The Federal Housing Authority lacks sufficient staff, adequate technology and legal authority to screen questionable lenders who seek to participate in the issuance of federally backed loans, Department of Housing and Urban Development officials told lawmakers late Friday.

One FHA lender in New York who was debarred for five years resumed operations using the same fraudulent practices, HUD assistant inspector general James Heist told the House Financial Services Committee.

An Arizona lending company that filed for bankruptcy after its license was suspended by the state was reconstituted by one of the principal owners under a different name in the same location, Mr. Heist said. HUD approved the new entity to process federal loans last year, he said.

“I see bad actors moving over to FHA because money has dried up,” said Rep. Maxine Waters (D-Ca.), a subcommittee chairwoman.

The FHA is part of HUD.

The FHA’s oversight shortcomings aren’t limited to lenders. Its reviews of appraisers are “not adequate to reliably and consistently identify and remedy deficiencies,” Mr. Heist said.

An audit found that the government’s roster of appraisers included 3,480 with expired licenses and 199 that had been disciplined by the state, he said.

Subprime lenders who made deceptive or predatory loans to borrowers who lacked adequate income or credit histories have been pegged by many economists as being at the root of the financial crisis. The ensuing foreclosures contributed to the collapse of the home-loan market and Wall Street’s mortgage-backed securities business.

With the credit crunch and the demise of subprime loans, lender applications to participate in the FHA program for low- and middle-income homebuyers have soared.

The FHA had over 3,300 approved lenders at the end of fiscal 2008, more than a four-and-a-half-fold increase from two years before, Mr. Heist said. Open applications for fiscal 2009 thus far total 1,007, of which 827 have already been approved.

“The integrity and reliability of this crop of program loan originators, in our view, is unproven and, in light of the aggressive recent history of this industry, may pose a risk to the program,” he said.

FHA’s lender approval process “is largely manual,” Mr. Heist said. Dozens of systems that store federal housing data “have been obsolete for nearly two decades,” said HUD deputy assistant secretary Phillip Murray.

Mr. Murray said that in the case of the sanctioned Arizona company whose principal started a new firm, the FHA lacked the authority to hold him responsible for disciplinary actions against the earlier firm.

HUD is now preparing a rule to address this legal gap, a process that could take a year-and-a-half, he said.

[To see the written testimony of HUD assistant inspector general James Heist, CLICK HERE]

Original Story: http://www.financialweek.com/apps/pbcs.dll/article?AID=/20090112/REG/901099962/1016/ECONOMY

Source: Boston Globe – Several Internet complaint boards are filled with comments from credit card customers from coast to coast who have noticed a mysterious charge for about 25 cents on their statements.

The charge shows up on statements as coming from “Adele Services” in Melville, N.Y. There is no business by that name listed in Melville, or registered to any business anywhere in New York, for that matter.

Two theories of what is going on have advanced on message boards and among consumer advocates: Someone is trying to find out whether an illegally obtained credit card number will work before making a bigger charge, or they’re trying to rip off tiny amounts from tons of people.

The latter theory has more credibility at the moment. The Better Business Bureau in Louisville reports that, at least so far, those who have been hit with the small charge have yet to get slammed with a bigger charge. The bureau speculates that the number of possible victims could be in the millions.

It’s not clear how the numbers got in the hands of the people making the charge, but consumer advocates say it is most likely through either a data theft or someone using a computer to generate numbers.

Former Massachusetts assistant attorney general Edgar Dworsky, who runs ConsumerWorld.org, said the scam reminded him of an old adage: “It’s easier to steal $1 from a million people than $1 million from one person,” he said.

Most people, Dworsky said, are likely to overlook or ignore the small charge. “Isn’t that the perfect scam, when the victim doesn’t even know something has been taken?” he said.

Take a look at your credit card statements, and if the charge is there, don’t let it slide. It’s what the thieves want you to do. Instead, file a dispute with your credit card company, and lodge complaints with the Federal Trade Commission (www.ftc.gov) and the Internet Crime Complaint Center (www.ic3.gov) – which is run by the FBI, the National White Collar Crime Center, and the Bureau of Justice Assistance. Federal law enforcement officials tend to react when the complaints reach a certain volume.

New registry makes it easier for regulators to spot the mortgage world’s con artists

Boston Globe – By Michelle Singletary – May 7, 2008 – There are lots of proposed remedies to prevent another mortgage catastrophe like the one we’re going through now. Most of the suggestions I’ve seen won’t fix the loopholes that allowed so many borrowers to take on loans they couldn’t afford.

But there is one solution that may help stem fraud in the mortgage industry and reduce the number of unscrupulous or unlicensed brokers and loan officers.

The Conference of State Bank Supervisors and the American Association of Residential Mortgage Regulators have launched the Nationwide Mortgage Licensing System, to help state officials keep track of individuals and companies. The system streamlines the regulatory process by allowing state-licensed mortgage lenders, brokers, and loan officers to use one form to apply for, amend, update, or renew their licenses online. The registry brings uniformity and transparency to the mortgage industry.

Often, unsavory individuals and companies can continue their unlawful practices because there are no uniform rules. What they are prohibited from doing in one state might be allowed in another.

Clearly, this new registry won’t catch people who choose to escape detection by not applying for a license. But the database could be used by responsible lenders, brokers, and eventually consumers to check whether someone who claims to have a state license to arrange loans actually does.

With the mortgage registry, applicants have to disclose a great deal of information, ranging from their Social Security number to any criminal or civil actions against them. They also must provide fingerprints and identify affiliations with lenders, brokerages, and title companies.

The database is also designed to track those who do business under various names.

“From this single record it allows the regulators to see the entity exactly the same as other regulators,” Matthews said.

What a great tool this will be once all the states participate. Imagine state investigators being able to check the status of a questionable applicant nationwide without having to search databases in 50-plus jurisdictions.

This uniform licensing source will be a crucial tool for regulators trying to determine if someone is participating in an unlawful activity that got them banned from mortgage activity in another state.

So far, seven states -Idaho, Iowa, Kentucky, Massachusetts, Nebraska, New York, and Rhode Island – are participating. By year’s end, 18 state agencies are scheduled to be part of the system, although 42 state agencies representing mortgage regulators in 40 states have indicated their intent to come on board.

Matthews said he expects all 50 states, the District of Columbia, Guam, Puerto Rico, and the Virgin Islands to be part of the registry in three to five years. By 2009, consumers will have access to the database, he said.

Michelle Singletary is a columnist for The Washington Post.

Did you ever click on a banner ad advertising low mortgage rates? Did you ever submit an online mortgage inquiry?

[Tuesday, April 22 on MSNBC.COM] – LendingTree has told its customers that former employees helped unauthorized mortgage lenders hack into its systems and steal customer information from 2006 to 2008.

The incident reveals just how aggressive the mortgage loan business was during the height of the housing boom, and also raises fears for consumers who share their information with companies that help them shop around for the best deal. And it highlights what experts say is an often overlooked source of data theft — the inside job.

According to a letter sent to customers recently, former LendingTree LLC employees shared “confidential passwords” with lenders, who in turn used the login information to “access LendingTree’s customer loan request forms.”

The forms contained critical personal data, including names, addresses, Social Security numbers, income and employment information. The company said the lenders did not use the information to commit identity theft or fraud, but simply to “market their own mortgage loans to … customers.”

In connection with the incident, LendingTree, based in Charlotte, N.C., has filed lawsuits against three small California-based home loan companies.

A LendingTree spokeswoman said the company was not granting interviews to discuss the data theft. She would not say how many customers were affected nor how much data was stolen, but instead supplied a copy of the customer letter sent by the firm.

While LendingTree says in the letter it has no reason to suspect its consumers are at heightened risk for identity theft, it did suggest consumers obtain a free credit report and file a fraud alert with the nation’s credit bureaus.

Upon learning of the security breach, LendingTree says, it “promptly enhanced the security of our system.”

Given that data was accessed from 2006 to early 2008, it can be inferred that passwords used by former employees remained operational for months or even years after their employment was terminated, generally considered poor security practice, said identity theft expert Rob Douglas, editor of InsideIDTheft.info.

“This plays into everybody’s fear that this happens all the time,” Douglas said. “When consumers share their information with companies, they assume it ends up in other companies’ hands.”

One victim who received the LendingTree letter — but who requested anonymity — was annoyed that LendingTree offered no compensation for the trouble.

“Rather than offer a free credit report they suggest that I use my annual free credit report,” the consumer said, referring to the once-per-year free peek that consumers get at their report by visiting AnnualCreditReport.com.

In its letter, LendingTree includes a pamphlet called “Guide to Protecting Your Credit and Identity.” Consumers who obtain their credit report and see anything suspicious are told to “contact the credit bureau.”

Consumers who visit LendingTree expect their personal information to be shared with other companies. They are hoping LendingTree will help them find a mortgage firm with the best rate, and expect several companies to “bid” for the right to supply their home loan.

But in this incident, loan applications were viewed by unauthorized lenders, who used the information to market their own loan products, LendingTree said.

“We suggest that you remain vigilant by reviewing account statements and monitoring your credit reports for the next 24 months,” the letter says.

Mon Mar 17, 2008 7:35pm EDT

BOSTON (Reuters) – A computer hacker stole thousands of credit card numbers after breaching security at two U.S. grocery store chains owned by Belgium-based Delhaize Group SA, the companies said on Monday.

Nearly 2,000 cases of fraud have been linked to the breach, but no personal information such as names or addresses was accessed when the hacker broke into the Hannaford Bros. stores in Massachusetts, New England and New York, and Sweetbay customers in Florida, Hannaford said in a statement.

Boston’s WBZ radio said 4.2 million credit and debit card numbers were stolen. Company officials were not immediately available to confirm the number of stolen card numbers.

Hannaford, headquartered in Scarborough, Maine, said it became aware of unusual credit card activity on February 27 and began an investigation. It said the data was illegally accessed during the credit card authorization process.

Hannaford Chief Executive Ron Hodge offered an apology for the intrusion. There are 165 Hannaford stores in the U.S. Northeast and 106 Sweetbay supermarkets in Florida.

“We sincerely regret any concern or inconvenience this has caused,” Hodge said in a statement. “We have taken aggressive steps to augment our network security capabilities.”

The breach is the latest at a big U.S. retailer and comes after U.S. retail group TJX Cos Inc disclosed last year that data from 45.7 million credit and debit cards were stolen by hackers over a period of 18 months, as well as personal information for 451,000 people.

A group of banks later asserted in court documents that the number of consumer accounts were affected was closer to 94 million, a charge Massachusetts-based TJX denied.

MBA 2007 MARI Report Exposes and Explores Residential Mortgage Fraud against Lenders in US

WASHINGTON, March 13 /PRNewswire-FirstCall/ — The Mortgage Bankers Association (MBA) today announced that the Mortgage Asset Research Institute, LLC (MARI(SM)), a ChoicePoint(R) company, has completed its 10th Periodic Mortgage Fraud Case Report to MBA. The report examines the current state of residential mortgage fraud and misrepresentation in the U.S. based on participating subscribers’ reports to MARI.

The report, which sites Florida as topping the MARI Fraud Index list for the second consecutive year and Nevada climbing to the No. 2 ranking, was released during MBA’s annual National Fraud Issues Conference in Chicago.

“The current market conditions, compounded by mortgage fraud, are having a detrimental impact on our entire national economy,” said David Kittle, CMB, Chairman-Elect of the MBA. “The MARI report provides critical insight for those in the real estate finance industry to better understand the factors contributing to these circumstances so that our communities and member companies are protected.”

According to the Mortgage Fraud Case Report, “The conditions in the mortgage industry for the last half of 2007 made the year one for the record books.” Overall, 2007 marked the lowest volume of mortgage loan originations since 2002, the highest number of delinquencies and foreclosures, rapid and near complete shutdown of the non-conforming secondary market and hundreds of announced closures of mortgage originators.

“Because fraud is persistent, it is imperative for the mortgage industry to collaborate in its efforts to combat mortgage fraud against lenders,” said Merle D. Sharick, ChoicePoint Vice President and MARI’s National Manager of Business Development. “MARI will continue its efforts to disseminate current data for use by MBA’s members through our annual fraud report.”

Highlights in the Mortgage Fraud Case Report include: — In addition to Florida and Nevada, the remainder of this year’s top ten (in order): Michigan, California, Utah, Georgia, Virginia, Illinois, New York and Minnesota; — Colorado showed the greatest improvement from prior years’ rankings, dropping out of the top ten for the first time in five years; — The most common types of fraud found in 2007 originations continue to be in the areas of employment history and claimed income; and — The continuing unsettled state of the mortgage market as a whole does not bode well for any improvement in avoiding fraud in the coming year.