TILA-RESPA: Three Things to Know Before You Owe
Blog
Thought Leadership
TILA-RESPA: Three Things to Know Before You Owe
Kristy McDaniel Baia
To the chagrin of many in the title and lending industry, the TILA-RESPA Integrated Disclosure (TRID) deadline is rapidly approaching on October 3, 2015. While we can’t push back the deadline for you, we can offer you a few quick tips to help keep you compliant with the Consumer Financial Protection Bureau’s (CFPB) rules on TRID and nonpublic information (NPI).
1. The Three Day Rule
Three is the magic number for TRID. Under the new rules, lenders must deliver a new Loan Estimate to borrowers no fewer than three days before any documents or fees are collected. Mortgage pre-approvals cannot be issued until three days after the original applications are due to restrictions on when lenders can request supporting income and asset documents.
On the other side, TRID’s Closing Disclosure must be delivered to the borrower at least three days prior to settlement. If there is a change in loan terms which causes the disclosed APR to move by 0.125 in either direction, the three day clock is restarted.
If you plan to snail mail your Loan Estimates and Closing Disclosures to your borrowers, you can add another three days to that clock to account for travel time. However, the travel time can be mitigated with email, since the borrower would receive his Estimate or Disclosure on the same day as it was sent.
2. With Email, Comes NPI Compliance
While email makes sending and receiving Estimate and Disclosure documents much faster than mailing them via the post, you still have to ensure that you’re maintaining NPI compliance in accordance with the CFPB. While these rules have more “don’t do this” than “do this instead” steps, fortunately the American Land and Title Association (ALTA) has issued best practice tips to shepherd title companies towards compliance. While these tips are not mandatory, following them can ease the burden of compliance. Amongst their recommendations:
Limit NPI access to only those who need it, such as a loan officer, when they need to access it Conduct background checks on employees who will access NPI NPI should only be transmitted via secure delivery methods, like encrypted email Stay updated on federal and state security breach notification laws3. Hope for the Best, Prepare for the Worst
Since you’ll be dealing with NPI frequently, it’s imperative that your organization is prepared in case of a data breach, especially if you choose to not encrypt your email. Many states vary in timelines to disclose a breach, how they define a breach, and how much they fine for an infraction. You can prepare your organization for a data breach by establishing standards when handling NPI on the front end and educating your team on what do in case of a data breach on the back end.
A breach NPI privacy can be easy as sending an Estimate or a Disclosure to the wrong inbox. Email Encryption from AppRiver features a message recall feature where you can retract an email after it has been sent, as well as tracking tools so you can see who has read it.
If you’re ready to learn more about how email encryption can keep you compliant, contact us at (866) 223-4645 or sales@appriver.com.