However, complying is very important, and should be a top priority. The penalties for non-compliance are just too stiff to ignore. Here are a few tips to help make sure you (as a mortgage lender) are in compliance with federal and state regulations. *
Befriend the FCRA:
The Federal Fair Credit Reporting Act regulates the operation of consumer reporting agencies, and also affects you as a user of information. It regulates how a consumer’s information may be used, and restricts who has access to this sensitive information. In order to be in compliance, one needs to have a thorough understanding of the FCRA.
Store your paperwork:
The Federal Equal Opportunities Act states that a creditor must preserve all written or recorded information connected with an application for 60 months. In keeping with the ECOA, Data Facts, Inc. requires that you retain the credit application and, if applicable, a purchase agreement for a period of not less than 60 months.
Properly dispose of sensitive information:
As part of the Fair Credit Transaction Act of 2003, if a consumer report is being used for a business purpose, it is subject to the Disposal Rule. This rule calls for the proper disposal of information in consumer reports and records to protect against “unauthorized access to or use of the information.”
Guard your emails:
Email hacking is becoming more and more prevalent. Periodically review how your organization is using email to exchange information. Make sure sensitive information that is being sent via email is protected by using Winzip password protection, and by never sending social security numbers in the body of the email.
Have a plan for a breach:
If you have not already done so, establish processes and procedures (in a written plan) for responding to and containing security violations, unusual or suspicious events and similar incidents. The goal should be to limit damage or unauthorized access to information assets and to permit identification and prosecution of violators.
Certain states have passed restrictions in addition to the FCRA. Make sure to be familiar with any additional laws in your state, and follow these rules carefully to maintain full FCRA compliance.
Maintaining compliant procedures and processes is an integral part of doing business in the mortgage industry. By taking the time to become comfortable with the laws and regulations, you will be better able to protect yourself and your business from lawsuits, fines, and penalties.
*(This is not intended to provide legal advice. You should consult your own company's Human Resource and Legal departments and/or obtain legal advice).