Kaitlin Kelly. Jake Danielski. Richard Schatzberg. Fran Kelly Professional Liability LLC

Transcription

1 Best Practices Made Easy! Presented By: Nicole Plath; CEO, Fortune Title Agency, Inc. Paula Zwiren, Esq.; President, Zwiren Title Agency, Inc. Jaime Johnson; Consultant, Minerva Title Advisors LLC Joseph A. Grabas CTP, NTP; CEO, Investors Title Agency, Inc.

2 Our Resident Experts Kaitlin Kelly Fran Kelly Professional Liability LLC Jake Danielski Customers Bank Richard Schatzberg SWK Technologies, Inc.

3 Best Practices Made Easy CHANGE When we least expect it, life sets us a challenge to test our courage and willingness to change; at such a moment, there is no point in pretending that nothing has happened or in saying that we are not yet ready. The challenge will not wait. Life does not look back. A week is more than enough time for us to decide whether or not to accept our destiny. Paulo Coelho The Challenge WILL NOT Wait!

4 Dear Valued Partner, In addition to your Best Practices manual we are requesting that you submit the following items for review as well: Training materials of your employees and agents that have consumer contact or compliance responsibilities. Description of the process your organization conducts for the supervision of employees and agents that have consumer contact or compliance responsibilities. Internal and External Audit Reports. Litigation affecting the product or services your organization is or will be providing to XYZ. All of these items should be sent in their entirety 45 days from this notice to. The Consumer Financial Protection Bureau (CFPB) Bulletin and the Office of the Comptroller of the Currency (OCC) Bulletin require financial institutions to oversee its service providers. To assist us in complying with the foregoing guidance please be aware that we are asking you, our title and settlement partners, to comply with the following requests and submission schedule. The American Land Title Association (ALTA) has published its Title Insurance and Settlement Company Best Practices ; which should ideally already be in place for businesses providing title and closing services. XYZ Bank supports ALTA s Best Practices and is requesting that a copy of your uncertified manual be provided as part of this examination. Your Best Practices manual should include policies and procedures for the following items: Licensing, Escrow/Trust Accounting, Privacy and Information Security, Title and Settlement Pricing. Document Recordation, Title Policy Production/Premium Remittance, Professional Liability Insurance and Consumer Complaints.

5 Settlement Agent Approval Application E&O Insurance Wire Instructions Blanket CPL

6 STUFF THEY WANT TO KNOW Social Security Number Years of Experience Disciplinary Actions Suspensions & Revocations Client Fund Disputes Escrow Accounts Closed E&O Claims Check Writing Authority Closers Document Retention Privacy of NPI Security References

7

8 STUFF THEY WANT TO KNOW Type of Entity Are You Licensed Can you Act as Settlement Agent Affiliated with mortgage lender Other entities Copy of License E&O Insurance Wiring Instructions Acknowledgment Letter

9 Compliance Management Report Benefits Demonstrates to lenders that you have implemented Best Practices Provides a self-assessment of Best Practices Prepares you for a formal assessment Identifies gaps within your company

10 ALTA Tools (Non-Member) Without ALTA Membership

11 ALTA Tools (Non-Member) Without ALTA Membership Assessment Procedure Number ALTA Best Practices Framework: Assessment Procedures ALTA Best Practice 1: Establish and maintain current License(s) as required to conduct the business of title insurance and settlement services. Assessment Recap Overall Assessment Recap: If any individual procedure marked with an asterisk FAILS, Best Practice 1 FAILS. 1.01* Confirm the active status of the Company and/or individual Licenses/registrations for each state in which the Company conducts business. Validate compliance with ALTA Policy Forms Licensing Requirement. Documentation reviewed may include actual licenses, Department of Insurance or appropriate state regulatory agency websites/screenshots, Bar Association status, corporate or business registrations with the state and other documentation as applicable to state/license. Sample Selection: PASS / FAIL 100% of all required licenses and corporate registrations in all states in which Company operates on assessment date. View Company s active ALTA Policy Forms License or verify compliance on ALTA website.

12 ALTA Tools (Member) With ALTA Membership

13 ALTA Tools (Member) With ALTA Membership Best Practice #1: Establish and maintain current license(s) as required to conduct the business of title insurance and settlement services. 10Total Questions Please review the Instructions prior to completing this Questionnaire. This chapter contains one questionnaire and one worksheet to complete. To prepare for an Assessment, a company should have these practices in place and included in a formal set of written procedures. Corresponding Question Control/Procedure Assessment Response Control/Procedure Compliance NOT Procedure Questions YES NO NOT Documented? Documented? Descriptions/Comments In worksheet 1-A, list the states in which your company does business? On an annual basis, does your Company have a procedure to review and determine your state licensing requirements? If yes, list the person(s) responsible for this procedure in the Descriptions/Comments Section Describe your Company's procedures to review and determine your state licensing requirements in the Descriptions/Comments Section List all of the Company's license and registration requirements on Worksheet 1-A List all of the licenses and registrations held by the Company and its employees and their expiration dates (or attach any existing document that includes such information) on Worksheet 1-A In the Descriptions/Comments Section list what resources your Company uses to determine the current licensing requirements for the states in which you do business? Examples include: state insurance department website or materials, state land title association materials, ALTA's Title Insurance Regulatory Survey Does your Company maintain current copies of state required licenses in a single location? Is evidence retained that the Company and its employees comply with current licensing and registration requirements? Does your Company possess an ALTA Policy Forms License? Your Company possesses an ALTA Policy Forms License if it is a member of ALTA, paid $195 for a Policy Forms License or obtained an Occassional Use Waiver because your Company conducts fewer than 50 transactions per year. Are the Company and its employees compliant with the current licensing and registration requirements?

14 ALTA Tools (Member) With ALTA Membership WORKSHEET 1-A: Current Title Insurance & Settlement Services License Information State New Jersey Pennsylvania Type of License Required Registration Requirements State Licenses Number Expiration Date Corporate and Individual Agent/Producer /31/2014 Corporate or Agency Wide License Only Employee Licenses Number (if applicable) Expiration Date

15

16

17

18

19 Example Compliance Management Report

20 Pillar 1 - Licensing Best Practice: Establish and maintain current license(s) as required to conduct the business of title insurance and settlement services. Purpose: Maintaining state-mandated insurance licenses and corporate registrations (as applicable) helps ensure the company remains in good standing with the state. Source: American Land Title Association Title Insurance and Settlement Company Best Practices, Version 2.0, July 19, 2013

21 Pillar 1 Licensing State Licensing Requirements Company and Individual Producer Licenses ALTA Policy Forms Licenses PROVE IT

22 State Licensing Requirements

23 State Licensing Requirements

24 Producer Licenses

25 Producer Licenses

26 ALTA Policy Forms License

27 PROVE IT!! Compliance Management Report

28 Pillar 2 Escrow Trust Accounts Best Practice: Adopt and maintain appropriate written procedures and controls for escrow trust accounts allowing for electronic verification of reconciliation. Purpose: Appropriate and effective escrow controls and staff training help title and settlement companies meet client and legal requirements for the safeguarding of client funds. These procedures help ensure accuracy and minimize the exposure to loss of client funds. Settlement companies may engage outside contractors to conduct segregation of trust accounting duties. Source: American Land Title Association Title Insurance and Settlement Company Best Practices, Version 2.0, July 19, 2013

29 Pillar 2 Escrow Trust Accounting General Account Rules Infrastructure/Organization of the Accounting Reconciling/Balancing Services a Bank can offer you to be Compliant

30 General Account Guidelines Relating to the Accounts Name of the account Dormant account monitoring Bank fees from another account Federally insured accounts Relating to the People Employee credit reports/background checks Removing inactive employees Routinely reviewing authorized signers Multiple signers Training on company policies

31 Infrastructure/Organization Checks and deposit tickets should show name of the account as trust/escrow Checks and deposits should identify related file Electronic security user level Physical security locked/secured

32 Reconciling/Balancing 3 way reconciliations Individual file receipts and disbursements ledger Trial balance, Deposits in transit, Outstanding checks Within 10 days of receiving the bank statement Reconciliations available for underwriter review Shortages Policies on timeframes to address each type of item showing AUTOMATION: Rynoh, E-Reconcilliation

33 What You Need From Your Bank Feature or Service Multi-Layer Authentication (Hard Security Tokens, Call-Backs, Dual Control Approval) Customizable Online Banking Account Title Modifier or Escrow Product Designation FDIC Participation Fee Analysis or Flat Fee Arrangement International Wire Blocks ACH Debit Blocking Positive Pay (enhanced further with Payee Positive Pay) Benefit to You Deters fraud - ensures additional security for client funds especially when funds transfer is involved Allows for security restrictions at a user level, and segregation of account access, including dual approval requirements Ensures all escrow account statements show Escrow or Trust Ensures that the funds in your trust account are federally insured in the case of bank failure Ensures that any fees for your entire banking relationship to be deducted from a single account (not your escrow account) Blocks or disallows any attempt to wire funds outside of the US where retrieval is unlikely Blocks or disallows any attempt to debit your escrow account through the use of externally initiated Automatic Clearing Houses Deters fraud counterfeit checks or altered payee names will be brought to your attention to reject before they are paid.

34 Pillar 3 Security of Nonpublic Personal Information Best Practice: Adopt and maintain a written privacy and information security program to protect nonpublic personal information as required by local, state and federal law. Purpose: Federal and state laws (including the Gramm-Leach-Bliley Act) require title companies to develop a written information security program that describes the procedures they employ to protect nonpublic personal information. The program must be appropriate to the company s size and complexity, the nature and scope of the company s activities, and the sensitivity of the customer information the company handles. A company evaluates and adjusts its program in light of relevant circumstances, including changes in the company s business or operations, or the results of security testing and monitoring. Source: American Land Title Association Title Insurance and Settlement Company Best Practices, Version 2.0, July 19, 2013

35 Pillar 3 Physical & Network Security Protect Money and Confidential Information Usually the most time consuming section If you have not already started, do no wait any longer! Adopt and maintain a WRITTEN privacy and information security program to protect non-public personal information as required by local, state, and federal law This section includes both network and physical security Written policies to consider: Privacy Policy Disaster Recovery Policy Clean Desk/Clear Screen Policy

36 Ways to Simplify Pillar 3 Compliance Use Resources provided by the ALTA Use Resources provided by the Underwriter This section is one where you may consider hiring outside, third party providers for their expertise in: Policies and Procedure Creation or Improvement Information Technology and Security Privacy and Protection of the consumer s Personal, Private Information Training employees on Privacy and Security Issues

37 Ways to Simplify Pillar 3 Don t reinvent the wheel Two major parts of Pillar 3: Internal processes and practices requires reviews and checkpoints. The language and processes required of Pillar 3 will be (near) standard for most institutions. Work with partners and competitors alike to share common procedures and implement regularly scheduled reviews/self-audits. Incident tracking and reporting is critical. Human resource consultants and employment attorneys are strong resources to aid in this process. Network and Data Protection Data/network protection and business continuity all play a critical role. For most title companies, this is the most challenging area. The technologies and methodologies at play are complicated and beyond the technical resources/skills found in most SMBs.

38 Suggestions for Meeting the Technical Requirements of Pillar 3 1. Start with a Network Assessment to understand the assets in your network (servers, PCs, routers, etc.). A network services firm can perform this task for you often in half a day and often for FREE. The network audit will identify the low hanging fruit for you. 2. Evaluate Managed Services and Business Continuity strategies from network service professionals, including (Nuvotera, Spam Soap, etc.), web (OpenDNS, Websense, etc.), anti-virus and malware protection, as well as hosting options and Mobile Device Management (MDM). If performed correctly, managed services can provide complete traceability of systems access and transactions. 3. Perform regularly scheduled disaster recovery/business continuity tests and document the results and the corrective actions. 4. You may consider hiring an ethical hacker to break into your network and identify weaknesses/vulnerabilities and identify corrective actions. 5. PLEASE, PLEASE, PLEASE consider cyber liability insurance which can protect you from the penalties that will result from a breach.

39 Pillar 4 Settlement Process Best Practice: Adopt standard real estate settlement procedures and policies that help ensure compliance with federal and state consumer financial laws as applicable to the settlement process. Purpose: Adopting appropriate policies and conducting ongoing employee training helps ensure the company can meet state, federal and contractual obligations governing the settlement. Source: American Land Title Association Title Insurance and Settlement Company Best Practices, Version 2.0, July 19, 2013

40 Pillar 4 Settlement Procedures and Policies Recording Procedures and Pricing Procedures Incorporate Policies and Procedures into Manual and Training Department Specific Position Specific Training Written Policies and Documented Confirmation it was given and understood. Signed Receipt of Training Management Oversight double check task items during quality control

41 Pillar 4 Settlement Procedures and Policies Recording Procedures Recording Procedures Things to think about: Do you record documents for clients even when you don t close the file. What are controls to make sure documents are recorded. How long does it take to record documents. How you determine fees and what you do with fee errors Tactics to prevent kickback from the recorder. Procedure for handling rejected documents. Tools Simplifile, e-recording CSS Title software County websites

42 Pillar 4 Settlement Procedures and Policies - Pricing Procedures Pricing Procedures Things to think about: Written procedures regarding pricing Remember when Know your discounted rates. Don t rely on the system Double checking fee calculations Routine review When to double check new fees, commercial endorsements, infrequent property uses Overpayment/Refund Process how detect, who report to, etc. Days Tools Underwriter Links for pricing Title software

43 Pillar 5 Policy Production and Remittance Best Practice: Adopt and maintain written procedures related to title policy production, delivery, reporting and premium remittance. Purpose: Adopting appropriate procedures for the production, delivery and remittance of title insurance policies helps ensure title companies can meet their legal and contractual obligations. Source: American Land Title Association Title Insurance and Settlement Company Best Practices, Version 2.0, July 19, 2013

44 Pillar 5 Title Policy Production Title Policy Production and Delivery You are the expert, just document your process Utilize software Tasks Reporting Verify receipt of delivery FedEx, UPS read receipts

45 Pillar 5 - Title Policy Production Policy Reporting You are the expert Talk to your Underwriter Mail physical copy Upload to a website Premium Remittance You are the expert Talk to your Underwriter Software or Underwriter generated reports Check Lumping Wire remittance upon closing

46 Pillar 6 Insurance Best Practice: Maintain appropriate professional liability insurance and fidelity coverage. Purpose: Appropriate levels of professional liability insurance or errors and omissions insurance help ensure title agencies and settlement companies maintain the financial capacity to stand behind their professional services. In addition, state law and title insurance underwriting agreements may require a company to maintain professional liability insurance or errors and omissions insurance, fidelity coverage or surety bonds. Source: American Land Title Association Title Insurance and Settlement Company Best Practices, Version 2.0, July 19, 2013

47 Pillar 6 Insurance Coverages Document all coverages Compliance Management Report Insurance Requirements State Banking & Insurance Website Underwriter Evaluation of Policies Pick the right broker

48 Update From The Expert Check the definition of professional services In all inclusive states, make sure you have coverage for escrow, search/abstracting if you are doing these things. Not always necessarily included in the definition of professional services as a title agent. If a service is not included in the definition of professional services, make sure there are no exclusions pertaining to those services Watch out for exclusions pertaining to the handling and disbursement of funds. Evaluate your limits. Make sure they are comparable to the type of transactions you are doing Residential vs. Commercial Property values. State mandated deductibles.

49 Update From The Expert Independent contractors How does your policy respond? Are YOU covered for YOUR vicarious liability? Does your policy require you to warrant their coverage? Does it limit your coverage for your liability over the acts of independent contractors? Check the exclusions to make sure something you are doing is not specifically excluded such as oil/gas/mineral/subsurface rights.

50 Update From The Expert Surety Bond Coverage State mandated so just make sure you comply with state regulations. Fidelity Coverage PA for example only requires you to carry a limit of $150,000. Typically employee theft situations are above and beyond this amount of money. Higher limit policies are available and may be necessary if you have significantly more money in your escrow or operating accounts.

51 Update From The Expert Unauthorized Transfer of Funds Coverage Great coverage to have as a title agent with all the money being wired in and out regularly. Included in most high limit fidelity polices You can sometimes add it on to your fidelity coverage or it is also offered in cyber liability policies. You want to have it somewhere!

52 Pillar 7 Consumer Complaints Best Practice: Adopt and maintain written procedures for resolving consumer complaints Purpose: A process for receiving and addressing consumer complaints helps ensure reported instances of poor service or non-compliance do not go undiscovered Source: American Land Title Association Title Insurance and Settlement Company Best Practices, Version 2.0, July 19, 2013

53 Pillar 7 - What do you need? Written Policy Standard Consumer Complaint Form Standard Procedure for Handling Complaints Consumer Complaint Log Complaint Analysis Training for employees

54 Pillar 7 Consumer Complaints Standard Consumer Complaint Form Date of Complaint Contact Information of person making complaint File Number or Property Address Description of Complaint Description of Requested Resolution Amount of Fees associated with transaction Contact Information for person/department handling complaint Actual Resolution of Complaint Word Document / Web Form / Spreadsheet Outsource

55

56 Pillar 7 Consumer Complaints Consumer Complaint Log Date of Complaint Contact Information of person making complaint File Number or Property Address Description of Complaint Description of Requested Resolution Amount of Fees associated with transaction Contact Information for person/department handling complaint Actual Resolution of Complaint Date of resolution Word Document / Web Form / Spreadsheet Outsource

57

58

59 What are Policies? The terms policy and procedure are often used interchangeably, but these two terms are different. A policy states the goals and objectives of the agency and describes what the agency wants to achieve with respect to a particular subject. Procedures set forth the specific steps that need to be taken to meet the title agency s objectives.

60 Step 1: Determine the policies the agency needs. Policies should be created to cover every area of a title agency s operations including: Human Resources: recruiting, hiring, termination, and training Security: security awareness, privacy, and document retention and destruction Operations: Title examinations and review, accounting/escrow accounts, real estate transaction processes

61 What are some of the Policies that should be part of your Best Practices? Disaster Recovery and Business Continuity Policy Privacy Policy Clear Desk and Clean Screen Policy

62 Disaster Recovery Policy Address the timely resumption from and prevention of interruptions to business activities and processes caused by information-system failures Address protection and recovery of physical facilities and equipment from loss, damage, theft, or compromise Business continuity plans for all critical business processes Include detailed, up-to-date contact information for key individuals required for executing the plan

63 Privacy Policy Explain: How your company collects information about the consumer Where that information is shared How that information is used How that information is protected Identify the consumer s right to opt out of the information being shared with unaffiliated parties pursuant to the provisions of the Fair Credit Reporting Act. Consider Physical Security and Network Security of Personal, Private Information held by your company Train your employees on Privacy Matters

64 Clean Desk and Clear Screen Policy A written policy to ensure that files, documents and computer files containing Personal, Private Information are stored in a secure manner Should address when an employee leaves their workstation for the day or an extended period of time Both paper and electronic files must be addressed Address procedures to insure all documents, files, portable devices and electronic media are secure Have a written policy in place and do periodic sweeps to ensure your staff is consistently following through with protecting any personal information they handle.

65 Other Policies You Should Have A written information security policy; An Acceptable Use of Information Technology policy. This policy lays out the ways and circumstances under which employees may use Company owned technology (e.g., acceptable use of the Internet, , and information resources). Policies and procedures that restrict access to Personal Information to authorized employees (this is called logical access restrictions). These restrictions can include password protection and should be applied to all systems including network, database, and individual application layers.

66 Additional Policies, Continued Policy and procedure restricting the use of removable media (e.g., USB ports, CD/DVD writeable drives) Record Retention and Disposal policy. This policy should set out the minimum amount of time a file should be retained and require appropriate destruction of files. Finally, make sure your Company website includes a Privacy Statement.

67 Questions? Joseph A. Grabas, CTP, NTP Investor s Title Agency jgrabas@continuingeducationnj.com Jaime Johnson Minerva Title Advisors jjohnson@minervatitleadvisors.com Paula Zwiren Zwiren Title Agency, Inc. paula@zwirentitle.com Nicole Plath Fortune Title Agency, Inc. nicole@fortunereo.com Alicia Kelly Fran Kelly Professional Liability LLC alicia@titleliability.com Jake Danielski Customers Bank jdanielski@cbpcb.com Richard Schatzberg SWK Technologies, Inc. richard.schatzberg@swktech.com