Skip to main content
Sign In |
  Help (new window)
MISMO Logo

ISWG

Go Search
Home
  
MISMO Wiki > ISWG > Wiki Pages > ISWGPurityDiscusion  

ISWGPurityDiscusion

View All Site Content

Recent Changes

Mortgage Loan Data Flow / Data Purity

Mortgage Loan Data issues have the ability to significantly impact the quality and reliability of mortgage banking processes and decision making.

Common Data Flow / Data Purity Issue Sources

  • Inconsistent or non-existing definitions, standards, understandings, value-sets
  • Limited controls, edits, validations resulting in in-accurate or incomplete data
  • Lack of access to necessary information due to process or system constraints/limitations

Data Flow / Data Purity issues may result in problems with:

  • Underwriting
  • Product Selection, Suitability
  • Valuations
  • Secondary Market Valuations, Hedging
  • Servicing Assessment
  • Fraud Identification and Prevention

Possible Solution Ideas - How can the MISMO help?

  • Greater leverage, expansion of the MISMO Logical Data Dictionary as a mortgage industry standard
  • Continue to push aggressively for MISMO adoption
  • Continue to aggressively extend MISMO to support additional transactions
  • Create Industry Data Standards (Value Sets, Edits, Etc.)
  • Create a mortgage industry Process Model – Possibly integrate with MISMO Standards
  • Facilitate/Support BPM concepts and standards in the industry
  • Educate the industry to TQM Data Quality Approaches
    • Governance
    • Process
    • Standards
    • Etc.
  • Others

May 5, 2008 - Talking Points

I would like to suggest several topics from recent events in the market and MISMO.
  1. Appraiser Risk Assessment; there were a number of recommendations for information integrity and credential risks that can be evaluated.
  2. Financial Crimes Enforcement Network (FinCEN) reported a 95% increase in Identity fraud and theft.
  3. Red Flag ID Theft Regulations.
  4. MISMO migration to Version 3.0 and SOAP as the primary routing protocol.

Appraiser Risk Assessment: Primarily there were two main points taken away from the evaluation:

  1. Mitigating Appraisal Information Risks
    1. Appraisal data unintentionally or intentionally gets altered while in transit from the Appraiser to the Ordering Party, and goes undetected by the Ordering Party, resulting in inaccurate appraisal information being used to close the loan and appraisal fraud.
    2. Appraisal data unintentionally or intentionally gets altered, and goes undetected, during the final quality control and underwriting processes, resulting in inaccurate appraisal information being used to close the loan and appraisal fraud.
  2. Mitigating Identity Credential Risks
    1. A rogue appraiser could take advantage of poor identity credential practices to obtain an electronic identity credential that allows the person to participate in appraisal workflows for the purpose of committing further fraud.
    2. A rogue appraiser could take advantage of poor account establishment practices to obtain account access that allows the person to participate in appraisal workflows for the purpose of committing further fraud.
    3. A rogue entity intercepts a transmission between an appraiser and a lender and is able to capture access identity credentials or account access information used by an authorized appraiser for the purpose of committing further fraud.
    4. A lender has limited means of authenticating the identity of an appraiser, and therefore has an inability to trust the appraisal information received resulting in inaccurate information being used to close the loan and potential appraisal fraud.
    5. A rogue lender could take advantage of poor identity credential practices to obtain an electronic identity credential that allows the person to participate in appraisal workflows for the purpose of committing further fraud.
    6. A rogue lender could take advantage of poor account establishment practices to obtain account access that allows the person to participate in appraisal workflows for the purpose of committing further fraud.
    7. A rogue entity intercepts a transmission between an appraiser and a lender and is able to capture access identity credentials or account access information used by an authorized lender.
    8. An appraiser has limited means of authenticating the identity of a lender, and therefore an inability to trust the lender as one authorized to receive and process appraisal information, which can lead to lender fraud.

Second topic is the Financial Crimes Enforcement Network (FinCEN) from April 2006 – March 2007

  • Identity fraud and identity theft associated with mortgage fraud increased over 95% from the previous study.

Activities Reported in Sampled SAR Narratives

Activity No. of SARs % of Sampled SARs
Misrepresentation of income/assets/debts 761 43.02%
Forged/fraudulent documents 496 28.04%
Occupancy fraud 255 14.41%
Appraisal fraud 232 13.11%
ID fraud 180 10.18%
Straw buyers 100 5.65%
ID theft 61 3.45%
Flipping 48 2.71%
  • ID Fraud (10.18%). Identity fraud, the unauthorized and illegal use of another person’s Social Security Number or a fraudulent (invented) Social Security Number not yet issued by the Social Security Administration, was nearly always classified as fraud for housing. Mortgage brokers reportedly originated 40% of the loans that were reported for identity fraud.
  • ID Theft (3.45%). Identity theft involved the actual theft of another person’s true identity with the intention of obtaining a loan. All of the SARs reporting identity theft were classified as fraud for profit. Mortgage brokers originated the loans on 63.93% of the reports of identity theft. Victims informed filers of identity theft activity in 65.57% of these reports. Filers identified the activity prior to funding the loan on 18.03% of the reports.

This is interesting from the aspect that the Appraiser Risk evaluation is concerned with B2B or business relationships. While the FBI SARs reference to ID Fraud and Theft is directed to customers (borrowers) identity. The other item worth noting is the definition of ID Fraud; unauthorized or illegal use of a social security number (SSN). This appears to be something that can be solved without a major expense to Lenders. There are a number of commercially available tools that can verify name and SSN for less than a dollar.

While I don’t know have any specific ideas for ID Theft there is still value in a discussion. This issue appears to be related to the “Red Flag ID Theft” regulations and that maybe the tie in.

Red Flag ID Theft

Another area for discussion.

SOAP

Final area of discussion is the impact SOAP will have on MISMO security and potential for ISWG guidance. For example, do we recommend a standard for payload integrity (signature), use of PKI for authentication; don’t use passwords, and what level of encryption. Should recommendation be different for internal (enterprise) or external communications?

May 6, 2008 - MISMO eSigning Document

MISMO eMortgage WG‘s “eSigned PDF Guidelines” .

May 15, 2008

Received the follow questions after the 05/14/08 call:
  1. How is the WG defining Data Purity & Data Quality?
  2. What are the high-level goals & topics relating to these that the WG is planning to pursue?

May 21, 2008

Some of the other groups working the issue have had a problem with the “Data Purity & Quality” concept and renamed the activity. The Data space domain does not uses the term Data Purity and Data Quality, rather the concept is a subset of a sound Data Management practice. The terms have been replaced with the more well-known “Enterprise Data Management” category. List below is the Wikipedia  definition for Enterprise Data Management:
  1. Problem Statement
  2. Benchmarking a company’s Data Management maturity level
  3. Data Governance
  4. Data Stewardship
  5. Data Security
  6. Data Standards
  7. Creating a BI Competency Center

September 29, 2008

This activity morphed into the V3 Security Engineering I-Guide actitity.

Last modified at 8/12/2010 6:14 PM  by PROD-SPOINT\administrator