Keys to Bolstering Your Third-Party Oversight

Continued market volatility and operational risk have ensured that the consumer and commercial lending space remains challenging for financial institutions (FIs). For institutions that relied on third-party subservicers during the pandemic, the challenges are doubled: Not only must they consider their own complex risk profile, but also that of the third-party subservicers engaging with their portfolios and borrowers. In recent years, subservicers have had to navigate an increasingly messy environment:

• High turnover
• Historic recovery requirements
• Changing operating model
• Fluctuating interest rates
• New pandemic-related requirements
• Growing cyber-risk exposure

Issues plaguing subservicers are compounded for third-party oversight teams, namely due to the disruption of their ability to conduct business in the manner they were accustomed. Many FIs’ oversight programs struggled in the following key areas:

Relaxed Pandemic Oversight Leaves Businesses Vulnerable

These significant changes to oversight operating models have led to a backlog of assessments that leave third-party oversight teams blind to pandemic-era issues that continue to persist. In this article we will discuss why it is vital that financial institutions remain vigilant in their oversight responsibilities, the biggest risks facing third-party oversight teams, and some mitigation strategies to help prepare you to appropriately manage these evolving risks.

Key Risks and Considerations

Operating in a Higher Delinquency Rate Environment

The greater macroeconomic impacts coming out of the COVID-19 pandemic, such as higher interest rates, reduction in the workforce, and potential recession, are impacting both consumers and third-party servicers alike. This impact is seen clearly in the mortgage subservicing market, where many third-party subservicers have had to reduce their staffing in key areas, while simultaneously contending with an influx of customer calls, increased requests for loss mitigation solutions, and rising foreclosure and bankruptcy activities.

To consider: In 2023, these subservicers will need to address their reduced staffing models and focus on enhancing customer-facing systems that allow borrowers to self-serve. Additionally, given the cool-off in the real estate market and rising interest rates, servicers will need to contend with increased delinquency, limited mitigation solutions, and rising foreclosure activity. Subservicers will need to be agile in adopting processes and controls to ensure compliance and avoid unnecessary borrower harm.

Capacity & People Management Issues Stemming from Operating Model Changes

Third-party servicers are experiencing capacity issues as a result of:

• Customer call volumes as customers navigate difficult life situations
• Remote work environment requiring operations and technology enhancements to support the mobile work structure
• Regulatory changes, a slew of new requirements coming in and requiring time-consuming system enhancements
• Elevated delinquency volumes require outreach on forbearance options, credit reporting adjustments, and fee waiver conversations

To consider: These capacity pressures are expected to remain elevated through 2023 and should be a top priority for oversight groups, as these constraints often increase regulatory risk as compliance obligations are deprioritized in lieu of front-end business requirements.

Increased Regulatory Scrutiny — Relaxed Pandemic Oversight Won't Cut it

Throughout the pandemic, federal regulatory bodies such as the Consumer Financial Protection Bureau and the Office of the Comptroller of the Currency have been actively monitoring the servicing practices of third-party subservicers. This trend is poised to ramp up in 2023, with findings, penalties, and fines already being issued for improper servicing practices. Regulators have made it clear that challenges stemming from the pandemic are no longer an excuse, and that they expect increased focus on testing and validation as part of compliance oversight.

To consider: Oversight teams should be mindful of these factors when assessing that their programs will be successful during a regulatory review:

1. Does the third-party subservicer perform a critical function on your behalf?
2. Has your organization conducted an onsite or virtual assessments in the past 12 months?
3. Does the third-party subservicer have adequate staff in place to support a higher interest rate environment, specifically adequately trained staff to handle loss mitigation, bankruptcy, foreclosure, etc.?
4. Does the third-party subservicer have the necessary policies, procedures, and training materials available to employees to be in compliance with regulatory requirements?
5. Does the third-party subservicer have offshore operations? − Rapid changes to global working conditions may require companies to quickly shift functions to onshore resources.

Subserviser Oversight: Mitigation Strategies

With the pandemic in the rearview mirror, regulators have made it clear that relaxed third-party oversight will no longer be tolerated. Financial institutions must increase oversight vigilance to ensure key risks are identified and resolved swiftly. While technology and automation will undoubtedly help FIs overcome these challenges, they are only as effective as the key performance indicators that underpin them and the escalation and resolution of identified issues. Those that fail to prioritize vendor oversight open the door to regulatory, financial, and reputational risk.

How Guidehouse Can Help

Guidehouse is a leading provider of consulting services to the public sector and commercial markets, with broad capabilities in management, technology, and risk consulting. Our professionals work with industry leaders to build sustainable third-party oversight functions that can withstand heightened regulatory oversight and evolving business stressors. Whether your financial institution is preparing for increased delinquencies or assessing subservicers’ risk and controls, we can help drive the effectiveness and efficiency of your program across a range of functions.