Choosing Fintech Partner Wisely By Patti Katzban and Liza Warner

By Patti Katzban and Liza Warner CrossCheck Compliance

Better. Faster. More cost-effective. Have you ever heard those words before?

At the rapid pace that technology has moved us, it’s more important than ever to consider improving your digital mortgage process. Even if you have a digital strategy and an implementation plan and timetable, most likely the current pandemic has accelerated it.

Consumers and businesses, by necessity, are forced to embrace technology in this time of social distancing and stay-at-home requirements. Boards and management have seen that they have to adapt more rapidly. The culture change is apparent and there is no going back to business as usual. We must move faster.

Credit unions are continugence, our primary focus ing to employ digital technolhere is on mortgage process ogy in many aspects of their experience, credit union operations to better serve knowledge and regulatory their members. For the mortcompliance expertise regage lending process, there are quired. As credit unions many different technologies explore their options, what and third-party partners that are some of the key considcome into play to optimize the erations to balance creating overall mortgage experience. a better member experience These include lead generation, and ensuring that regulatoapplication submission, loan ry expectations are met? processing, underwriting, electronic signatures, closing 1 Credit Union and servicing. and Mortgage

There are many risks to Experience and consider and decisions to be Expertise made. If there were ever a time Ideally, your fintech partner to have a robust vendor management process in place, this is it. A rigorous vetting process will help ensure that your financial technology (fintech) partner will deliver what is promised and expected. “ Ideally, your fintech partner will have will have demonstrated a deep understanding of the mortgage lending process and the associated regulatory requirements, including consumer protection. Clearly the functionality demonstrated of the technology is an imVETTING A THIRD-PARTY a deep portant consideration and PARTNER The third-party relationship guidance from the NCUA has been around for some time, understanding of the mortgage lending that is often the first part of the evaluation process. However, as you execute your due diligence process, and the fundamental principrocess and you will want to look careples remain the same (SL No. the associated fully at the experience of 07-01/October 2007 – Evaluating Third Party Relationships). That guidance tells us that “When considering thirdregulatory requirements, including the fintech company’s management team. They should have a deep understanding of the mortparty relationships, proper consumer gage lending process, the due diligence includes deprotection. credit union environment, veloping a demonstrated understanding of a third party’s organization, business model, financial health and program “ and how their particular technology impacts the entire borrower experience. You will want to speak with risks. In order to tailor controls to mititheir existing clients about the integragate risks posed by a third party, credit tion process, adaptability, responsiveunions must have an understanding of a ness and security. prospective third party’s responsibilities In addition, if you are planning to reand all of the processes involved when tain your existing loan origination sysadding programs.” tem (LOS), you must consider whether

What are the best practices for evaluthe fintech company has experience ating your potential mortgage fintech working with your LOS. How easily partners? And, what are the issues that can changes be made on both sides to you, as the entity ultimately responsible accommodate your business or new for the third-party relationship, need to regulations? Are strong change manconsider? agement processes in place to confirm

Of all the various aspects of due dilisystems updates or changes are prop

erly implemented? Are Practices (UDAAP). service level agreements A robust third-party due being met? diligence process is impera

All technology compative. Make sure compliance nies should have a defined requirements are addressed process for receiving, anaand controls are implementlyzing and processing reged to monitor performance ulatory updates impacting to those requirements. After the software; be sure your all, the fintech company’s contract is clear on who is compliance errors are essenresponsible and the sertially your errors in the eyes vice level response time. of consumers, secondary

A cybersecurity breach market investors and regulais one of the largest risks tors. a lender faces in today’s technology environment. 3 Cultural Compatibility The chief information offiNo matter how attractive cer should be comfortable that customer information is safeguarded, and that controls are in place to prevent and detect a breach. No matter how “ the technology, ultimately you want to ensure that there is a good cultural fit between you and your fintech partner. Compatible means “a state in which two things are able

Determine who will attractive the to exist or occur together be hosting the applicatechnology, without problems or contion and the data that is collected. Do they fully understand state privacy requirements and ultimately you want to ensure that there is a flict.” Working with a fintech partner is a two-way process that involves established visions, goals and shared the Graham Leach Bliley good cultural values. Act? Is adequate cyberfit between you Research for that should security insurance coverage in place at the fintech company and how does it and your fintech partner. include due diligence on the fintech’s management team, board of directors and adviinterrelate with the credit union’s coverage? Regulatory 2 “ sory teams. Does your current culture consist of trying new things or trying not to do new things? Are you seen

Compliance Knowledge as conservative or an early adopter?

The culture of compliance in the finYour strategic plan should tell you tech industry is shifting. Fintechs are what your reputation and risk tolerrealizing that to grow and form partance should be. Spend time together nerships, regulatory compliance is a to ensure that you trust them, they non-negotiable requirement of their know what’s important to you and partners and they must get through they have a solid reputation in the the credit union’s vendor management financial and mortgage industries. process. Having a compliance culture Fintech companies can be a valued and all the correct pieces in place is espartner and collaborator to bring the sential. credit union and its members into a

Depending on what part of the propromising future. cess the fintech company is fulfilling, they should have reviewed their prod4 Expectations and Effects on uct for compliance with all relevant Membership consumer financial protection laws and Partnering with a fintech company regulations including fair lending and can provide an enhanced member Unfair, Deceptive or Abusive Acts and experience. Is the solution you are providing easy to understand and will it save time and cost to you and your members? Does it solve a problem or a perceived problem and enhance your ability to gain a new base of membership?

This is a very competitive environment, and consumers have become more technologically savvy because of the challenges COVID-19 has presented. While in the past, the hurdles may have been more about whether the right technology was available, or could be integrated effectively, that is not as much the case today.

The technology is here, and many competitors are demonstrating they can make it work. Are you ready to embrace, pivot, and jump on the digital bandwagon? If so, when done with the right level of due diligence, you can be better, faster and more effective and as a result, more successful.

Patti Katzban is a director at CrossCheck Compliance LLC and a senior business development and consulting professional with extensive experience managing Patti Katzban client relationships and consulting with financial service providers. Her clients include credit unions, banks, mortgage companies and fintechs. She can be reached at pkatzban@crosscheckcompliance.com.

Liza Warner, CPA, CFSA, CRMA, is a managing director at CrossCheck Compliance LLC and an internal audit, compliance and risk management executive Liza Warner with more than 30 years of experience in the financial and professional services industries. Previously, Warner was the chief compliance and operational risk officer for a mid-size regional bank. She can be reached at lwarner@ crosscheckcompliance.com.