6 Tips for Managing Exceptions & Lowering Your Fair Lending Risk
In the world of fair lending, exceptions and exception management attract a lot of attention from regulators. Here are six clear ways to proactively manage your exception process and reduce fair lending risk.
At TRUPOINT Partners, we field a lot of questions regarding exceptions and the associated best practices on how to mitigate risk. We understand that exception management can be a passionate topic of discussion inside financial institutions.
Many believe that having some flexibility with decisions will allow the firm to make smart decisions when appropriate mitigating circumstances are present. Others may argue that this flexibility can bring the risk of “special treatment” for select individuals.
The trick is this: how do you know you are treating similarly situated individuals the same? How do you know you will make the same exception for all individuals with the same individual credit characteristic?
Exception management should be an important part of your compliance management program to help mitigate fair lending risk. Exceptions usually come with some degree of discretion. Discretion is one of those areas that typically requires more monitoring, to ensure that similarly situated individuals are being treated similarly. Exceptions are not illegal. Discretion is not illegal. Both can be very important components to a successful financial institution. That said, these two items (exceptions and discretion) tend to draw additional regulator attention to compliance.
Can you have your cake and eat it, too? Can your financial institution have flexibility to make exceptions and still manage your Fair Lending risk? Yes! With a little effort.
6 Tips for Lowering Your Exception-Related Fair Lending Risk Exposure
There are several types of exceptions that should be managed (underwriting, pricing, servicing, loss mitigation). Using underwriting as an example, we have outlined the way to manage the risk associated with exceptions. Here are six things to consider:
1. Defined Policy or Approach for Exceptions: Define when/where/how you are willing to make exceptions. If you can define the special circumstances where exceptions are may be considered, then you can demonstrate discipline around treating similarly situated individuals. These definitions may feel restricting, but if properly defined, they can be empowering to all parties.
For example, you may have a 620 credit score as a standard threshold, but are willing to go to 600 when certain mitigating factors exist. Do you ever go below 600?
Below are some industry standards for how credit score-related exceptions may be handled:
- Standard FICO Minimum: 620
- Manager Approval – Dual Signature: 600 - 619
- Chief Risk Officer Approval – Triple Signature: 580 - 599
2. Report of Exceptions Frequency: Another element of exception policy that needs to be monitored is frequency. How many exceptions are being made in any given month? What is the trend line? If you are in the double digits, are there specific reasons why? Exceptions are just that - exceptions. If exceptions have become the rule, that may indicate that your policies need to be reviewed or adjusted.
3. Report Reason Codes: You also need to pay attention to why exceptions are being made. This will help provide additional insight and clarity. Consider:
- What triggered the exception? What threshold requires the exception? LTV, DTI, FICO, Documentation?
- What is the compensating factor(s)? Why are you willing to make the exception? For example, does the client have a superior payment history over the past 24 months? Client may have an average of $100,000 average deposits maintained over the past 12 months. These defined reasons and thresholds afford flexibility with discipline.
4. Document the exception approval: It's important to have a process for one signature, dual signatures, management signatures in exceptions. Typically speaking, the bigger the exception, the more important the second approval signature.
5. Document the individual file: Simply put, documentation of the exception and the compensating factors should be sufficient to allow the file to stand by itself.
6. Comparative Review: The compliance team should monitor underwriting exceptions to help ensure that similarly situated individuals are being treated similarly. Take some time to review the exception reports, find a focal point (e.g., credit score over-rides), and compare to other files with similar characteristics.
TRUPOINT VIEWPOINT: The CFPB’s ECOA Baseline Review (click here) provides some clear examples of the types of questions you may be asked by your examiner in regards to your exception process. Regardless if we are talking about Underwriting, Pricing, Servicing, or Loss Mitigation exceptions, we see a similar flow of questions:
- What are the guidelines provided for making exceptions?
- What is the frequency of exceptions?
- How are the reasons for exceptions and overrides documented?
If you can adopt the six best practices listed above, you will be able to effectively answer these questions and lower your firm’s risk associated with exceptions. Regardless the type of exception, having a policy, reporting frequency with reason codes, documenting the approval, documenting the individual file, and conducting comparative file reviews will allow your firm to manage the risks with confidence.