Press Release: 1/22/18

Financial Services Superintendent Maria T. Vullo today reminded all regulated entities and licensed persons covered by the Department of Financial Services’s (DFS) landmark cybersecurity regulation that the first certification of compliance requiring a statement to the Superintendent covering the prior calendar year must be filed electronically via the DFS cybersecurity portal on or prior to February 15, 2018. Superintendent Vullo also took the opportunity to announce that DFS will now be incorporating cybersecurity in all examinations, including adding questions related to cybersecurity to “first day letters,” which are notices the Department issues to commence its examinations of financial services companies, including examinations of banks and insurance companies for safety and soundness and market conduct.

Read Full Press Release CLICK HERE

The CFPB is assessing the Ability to Repay rule, also known as the Qualified Mortgage rule, they released in January of 2014.  Under the rule, we have a 43% ratio that essentially only applies to private industry loans and a 3% cap that really only applies to mortgage brokers because of all of the exemptions.  This is your opportunity to comment.  Certainly, we would recommend that they remove lender-paid compensation from the 3% cap.  That would give an even playing field for all originators, that the CFPB claims to want to create.  Secondly, the government loan exemption from the 43% ratio expires in 2021.  The CFPB must decide in this iteration if that should be extended.  Changing to a 50% DTI would be the best choice but we really need to extend the GSE/FHA/VA exemption if raising the DTI is not their choice.  They also need to make certain streamline refinances remain QMs.

May 17, 2017

Pursuant to §597 of the New York Banking Law, licensed mortgage  bankers and registered mortgage brokers are required to file a Volume of Operations Report (“VOOR”) annually.

The Department is pleased to announce the 2016 VOOR will be accessible beginning Monday, May 22, 2017 at 9:00am EST. Correspondence outlining the filing requirements and password were mailed out to licensed mortgage bankers and registered mortgage brokers on May 17, 2017.  Kindly note, all VOOR filers will have six weeks from the date of this correspondence to electronically file the required VOOR information. 

click link for more information http://www.dfs.ny.gov/banking/voor.htm

The Consumer Financial Protection Bureau (CFPB) has issued a proposal to facilitate compliance with the 2015 updates to the Home Mortgage Disclosure Act (HMDA) rule. The changes proposed would help financial institutions comply with the 2015 HMDA Final Rule by clarifying the information they are required to collect and report about their mortgage lending.

You can access the proposal on the Bureau’s website.

The New York State Department of Financial Services (“DFS”) has been closely monitoring the evergrowing threat posed to information and financial systems by nation-states, terrorist organizations and independent criminal actors.  Recently, cybercriminals have sought to exploit technological vulnerabilities to gain access to sensitive electronic data.  Cybercriminals can cause significant financial losses for DFS regulated entities as well as for New York consumers whose private information may be revealed and/or stolen for illicit purposes.  The financial services industry is a significant target of cybersecurity threats.  DFS appreciates that many firms have proactively increased their cybersecurity programs with great success.    

Given the seriousness of the issue and the risk to all regulated entities, certain regulatory minimum standards are warranted, while not being overly prescriptive so that cybersecurity programs can match the relevant risks and keep pace with technological advances.  Accordingly, this regulation is designed to promote the protection of customer information as well as the information technology systems of regulated entities.  This regulation requires each company to assess its specific risk profile and design a program that addresses its risks in a robust fashion.  Senior management must take this issue seriously and be responsible for the organization’s cybersecurity program and file an annual certification confirming compliance with these regulations.  A regulated entity’s cybersecurity program must ensure the safety and soundness of the institution and protect its customers.    

It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.  The number of cyber events has been steadily increasing and estimates of potential risk to our financial services industry are stark.  Adoption of the program outlined in these regulations is a priority for New York State.
 
Read Full Regulation Requirement
 

Governor Andrew M. Cuomo today announced the first-in-the nation Cybersecurity regulation to protect New York's financial services industry and consumers from the ever growing threat of cyber attacks . 

Read Press Release Click Here

For more information, please see HUD Mortgagee Letter 2017-17