The Secure and Fair Enforcement for Mortgage Licensing Act (SAFE Act) has changed how the residential mortgage loan industry operates at a very fundamental level. This sweeping legislation has created a nationwide licensing and registration system for residential mortgage loan originators (MLOs). The law seeks to provide accountability and tracking of MLOs, support anti-fraud measures, and enhance consumer protections, but it has created substantively new and intrusive mandates on institutions like yours. Additionally, the law makes a lot of hardworking, honest, mortgage loan originators (MLOs) feel like criminals with its background checks, annual registration and fingerprinting.
The SAFE Act, like Dodd-Frank and the CFPB itself, came out of the mortgage loan crisis. Unlike the legislation and agencies that arose after the bank failures of the Great Depression, the Consumer Financial Protection Bureau is dedicated to protecting Individual Consumers rather than the banking system itself. This significant shift in focus is at the heart of all the new regulations coming out of the CFPB and the primary cause for the more aggressive and adversarial nature of the new regulatory climate. The CFPB seeks to protect Consumers above all else. Who are they protecting consumers from you ask? Well, YOU, the financial institution, whether you are a mega bank, a community bank, or credit union.
While the number of mortgage loan originators who were actually involved in deceptive and abusive practices was very small, all MLOs and their institutions must now follow the SAFE Act requirements. What does this mean in a nutshell?

1. You are going to need a Policy.

Regulators love policies and this is no exception. You need to have a SAFE act policy that at minimum defines a MLO, lists the new registration/renewal requirements (fingerprints, background, etc.) and that specifically forbids non-MLOs from originating mortgage loans. The best policies will also address monitoring the Registry, Independent testing (audit) for compliance, and procedures for third party affiliates or vendors who originate mortgage loans for the institution. That last item has been an area of regulatory interest.

2. You need to appoint a System Administrator.

This is simply someone to input all the information on MLOs into the national Registry for the institution. This can be anyone EXCEPT a designated mortgage loan originator (MLO). I often see the Human Resource Officer appointed to this position. This Officer already has access to personnel files and is aware of employment changes. Also, they are seldom MLOs.

3. You need to make your MLOs’ unique identifier numbers available to your customers.

This can be done in a variety of ways. The most common I’ve seen involve putting the number on MLO business cards, correspondence (written & email), loan disclosure forms and posting them on the institution website or in the lobby. You just need to show a reasonable effort.

4. You need to decide if you want to use the exception.

The de minimus exception was written into the law supposedly to make things easier for small lenders. The de minimus exception allows an institution to exempt an MLO from registration if they originate less than 5 loans per year. I have yet to see any institution use this exemption. The trouble of monitoring the number of loans made and the risk of going over 5 loans makes it more trouble than it is worth. I advise all our clients to register all MLOs regardless of the number of originations. It is actually easier.
Whether this regulation results in a more responsible and fair mortgage financing process with more knowledgeable consumers has yet to be determined, but institutions are already having to adjust the way they do business and try to balance the intrusive nature of the regulation on their lenders. If it is any consolation, Federal Regulators are subject to very similar rules. When I joined the FDIC I had to submit to a full background check and on the very first day they fingerprint you.