Mortgage Compliance: Is Your CRM Putting Your Business At Risk?

The mortgage regulatory landscape can feel like a minefield. Is your CRM system a safeguard or a liability? Let’s find out.

Compliance in the mortgage industry is notoriously tough

The price of non-compliance often amounts to millions of dollars in penalties. With legal risks (not to mention fees) on the rise, it’s no wonder the cost of loan servicing has increased at least four times since 2008.

But what does any of this have to do with your mortgage CRM?

Simply put: A CRM built with compliance in mind can potentially save you multiple thousands of dollars in fines and missed business opportunities.

On the other hand, a poorly-optimized CRM—one that sounds great on the surface but does little to protect your business—will only add to the chaos.

So, how do you tell one from the other?

You can start by reading this guide. In this detailed article, we review a selection of the biggest mortgage industry compliance regulations and provide clear, practical examples for how your CRM can help protect your business from devastating legal fees. Read our article on the best mortgage CRMs for more guidance on choosing the right CRM for you.

Table of Contents

• CRM Compliance Check #1: Data Privacy and Cybersecurity
• CRM Compliance Check #2: Telemarketing Laws
• CRM Compliance Check #3: Misleading Advertisement and Marketing
• CRM Compliance Check #4: Compliance Across All Stages of Loan Process
• 8 Questions to Find Out if Your Mortgage CRM Is Putting Your Business at Risk

CRM Compliance Check #1: Data Privacy and Cybersecurity

Security and data privacy issues have always been one of the largest concerns of mortgage brokers and loan operators, and even more so in the last several years.

According to Wolter Kluwer’s 2019 Regulatory & Risk Management Indicator, 85% of respondents from US banks and credit unions rank data privacy issues as one of their biggest concerns, with 78% of respondents mentioning cybersecurity as the next immediate priority.

With the growing number of cybersecurity crimes, tightening data protection laws, and millions of dollars in violation fines, it’s clear that mortgage companies need to try harder to keep customer data secure and accurate.

Here are just a few excerpts from federal laws that mortgage operators must follow in order to stay compliant:

Gramm Leach Bliley Act Safeguards rule:

• Financial institutions under FTC jurisdiction are required to have measures in place to keep customer information secure
• Companies covered by the Rule are responsible for taking steps to ensure that their affiliates and service providers safeguard customer information in their care.

U.S. Securities and Exchange Commission (SEC) Regulation S-P:

There are several organizations and commissions that enforce customer data protection rules, including the SEC, Financial Industry Regulatory Authority, Inc. (FINRA), and Consumer Financial Protection Bureau (CFPB). As mentioned, if mortgage companies fail to secure customer data, fines from these various authorities can add up to hundreds of thousands of dollars.

• Insure the security and confidentiality of customer records and information.
• Protect against any anticipated threats or hazards to the security or integrity of customer records and information.
• Protect against unauthorized access to or use of customer records or information that could result in substantial harm or inconvenience to any customer.

How the Right Mortgage CRM Protects Borrower Data

As a mortgage broker or loan officer, you inevitably store lots of client data in your CRM. With that much personal data in your systems, you owe it to yourself (not to mention your customers) to make sure it’s safe.

Here’s how Shape protects your clients’ data at all times:

• Physical Security:
  Our data centers are equipped with advanced video monitoring and biometric systems and are guarded 24/7/365 by private security guards at undisclosed locations.
• Network Security:
  In Shape, all communication lines are encrypted with SSL certification, screened by powerful certified Detection / Intrusion Prevention Systems and regularly scanned for viruses using top of the line virus scan protocols.
• Staff Processes:
  Only employees with the highest clearance level have access to the data and every access entry is logged. We execute constant audits and improvements to the staff security process.

CRM Compliance Check #2: Telemarketing Laws

Loan operators and mortgage brokers utilize several channels to connect with their prospects and customers. Those include phone calls, emails, SMS and voice messages, to name a few.

Each line of communication is regulated by at least one of the following authorities:

• Federal regulations determine how mortgage operators can use phones for their telemarketing activities, banning robocalls and providing Do Not Call registries
• Telecom providers issue guidelines on how often and when businesses can contact consumers using text messages and phones.
• SMTP servers limit how many messages you can send without automatically ending up in the spam blacklists.
• Increase your team’s efficiency
• Shorten your lending cycle

Unfortunately, some CRM systems disregard those regulations completely. In a bid to attract more customers, they offer unlimited texting, calls, and email messaging—without fully thinking through how this could put the user’s business at risk.

On top of that, certain sales workflows built into your CRM may be detrimental to your business, without you even realizing it. For example, if you surpass your network provider’s (typically hidden) limit on daily text messages, your business phone number or domain can be flagged as “fraud” every time one of your agents tries to connect with a prospect.

And no one answers for spam.

This issue is hard to discover right away, but make no mistake—your response rates will plummet if you don’t nip it in the bud.

By taking the time upfront to question your CRM vendor and choose a fully-compliant system, you help your team get the most out of every communication channel, without breaking any federal regulations or ruining your credibility.

How Shape Helps You Stay Compliant With Telemarketing Laws

At Shape, we keep close tabs on all the latest regulations in the mortgage industry so you can focus on growing your business.

Here’s how Shape’s best-in-class features help more mortgage companies protect their business:

• Control email sending
  Shape automatically puts you on several secure sending servers and ensures your business domain won’t end up in the spam lists.
• Automated routing rules
  Our super smart prioritization algorithm helps your agents make phone calls only to the right prospects at the right time.
• Monitor provider limits
  As soon as the daily text messages limit is reached, Shape directs agents to use another number so that your calls and text are not labeled as fraud.

CRM Compliance Check #3: Misleading Advertisement and Marketing

If you’re like most brokers, you’re probably pouring thousands of dollars into your ad campaigns. With your ROI at stake, you know how important it is to keep your marketing messages accurate and honest.

Mortgage marketing and advertising are regulated by three strict laws:

• Truth In Lending Act (TILA):
  Requires apparent depiction of actual loan terms
• Equal Credit Opportunity Act (ECOA):
  Prohibits mortgage customer discrimination
• Mortgage Acts and Practices Rule (MAP):
  Prohibits any misleading about mortgage loan terms such as rates, fees, tax requirements, credit insurance, etc.

Violation of these acts alone could lead to hundreds of thousands of dollars in fines.

So, what does this have to do with your CRM?

If even only one member of your team uses your CRM to make false claims or provide inaccurate information when working with potential borrowers, it can put your entire company at risk. And if your CRM does little more than document the evidence, it’ll end up hurting your business more than it helps.

A good CRM, on the other hand, will help your agents stay accurate and diligent when communicating with clients and leads.

How Shape Helps Mortgage Companies Stay In Check

It’s a tough task to train your agents in a subject as complex as compliance but as the team owner, it’s up to you to help bring their conversations up to standard.

Here’s how Shape helps you stay compliant when marketing your business:

• Tested templates:
  With Shape you get access to easily customizable email messages, SMS templates, and phone scripts. Instead of anxiously monitoring every message you send, use a library of pre-qualified assets to guide your new hires.
• Analyze lead sources:
  Analyze where your leads are coming and how they are routed to quickly track the source of any misunderstanding and clarify your terms on the fly.

CRM Compliance Check #4: Compliance Across All Stages of Loan Process

You didn’t think we were done, did you?

Every stage of the loan process: origination, underwriting, closing, and post-closing, is subject to a detailed set of regulations.

And there’s no excuse for cut corners.

At the loan origination stage, you need to ensure that your customer provided all the necessary documents before moving to the underwriting stage. In that same vein, you can’t move past underwriting before the pre-qualification process is complete.

Filing inaccurate loan applicant data might feel like a minor thing in the moment but if you’re not careful, it could easily turn into a million-dollar settlement. At the same time, following the Home Mortgage Disclosure Act (HMDA), you also need to ensure that your mortgage transactional data is properly stored and unaltered.

How Shape CRM Helps You Stay Compliant Across All Stages of The Loan Process

With Shape for mortgage, you can easily track the status of every person in your database and securely store the most relevant borrower data at all times.

Here’s how Shape helps you stay compliant throughout the loan process:

• Seamless integration with LOS software. Shape bi-directonally integrates with your favorite LOS software and lets you monitor the entire borrower’s journey from one place.
• Track borrower statuses. A flexible and customizable status system will help you move borrowers from stage to stage only after all the necessary checks and compliance procedures have taken place.

8 Questions to Find Out if Your Mortgage CRM Is Putting Your Business at Risk

Here’s a list of questions you can use to quickly assess whether your mortgage CRM helps you stay compliant, or if it might be time to start looking for a more secure solution:

• Does the CRM have built-in safety limits so that your loan officers are not breaking any telemarketing regulations?
• Will your CRM system help you stay within the provider’s limits and not be flagged as a fraud or spam agent?
• Is there a seamless integration between your loan origination software and CRM so that your LOs instantly know how far borrowers are into their loan process?
• Is there a flexible status system to help move borrowers from one stage of the process to the other while following all the necessary regulations?
• How secure is your CRM system and your customer’s personal data within it?
• Does your CRM system offer customizable compliance-proof templates so new and existing agents don’t accidentally mislead customers during their conversations?
• Can your CRM help your company stay compliant in case loan officers have to work remotely?
• Does your CRM provide seamless communication across channels so you can easily monitor all communication from one place?