August 12, 2014
On July 1, 2014, the federal regulatory agencies for financial institutions – the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the National Credit Union Administration (the agencies), along with the Conference of State Bank Supervisors – released supervisory guidance (“Guidance”) concerning management by regulated entities of home equity line of credit (HELOC) portfolios approaching their end-of-draw (EOD) periods. The Guidance outlines risk management principles and expectations for managing the risks associated with these portfolios.
As home values were rising rapidly in the mid-2000s, millions of homeowners obtained HELOCs to leverage the growing equity in their homes. Ten years on and after the worst housing crisis in the nation’s history, many of these lines are approaching their EOD periods beginning this year. An estimated $50 billion in lines are expected to reset over the next three years.1
Implementation of these EOD programs exposes financial institutions to a variety of risks, including credit, operational and reputational risks. A key concern of many institutions is retaining customers throughout the process. Given the variety of risks, institutions are being encouraged to design comprehensive programs to manage the risks associated with HELOC portfolios based on the risk management principles set forth in the Guidance. Borrowers who have been making interest-only payments may be facing the prospect of significantly higher payments as lines begin to amortize, or even a balloon payment. For many of these borrowers, the value of their homes may have declined and they may be attempting to renew or rewrite their lines under more stringent credit conditions than they experienced in the past.
The Guidance lays out five overarching risk management principles on the basis of which supervisors will be reviewing EOD programs:
- Prudent underwriting for renewals, extensions and rewrites
- Compliance with pertinent existing guidance, including but not limited to the Credit Risk Management Guidance for Home Equity Lending and the Interagency Guidelines for Real Estate Lending Policies2
- Use of well-structured and sustainable modification terms
- Appropriate accounting, reporting and disclosure of troubled debt restructurings (TDRs)
- Appropriate segmentation and analysis of EOD exposure in allowance for loan and lease losses (ALLL) estimation processes
The Guidance further suggests that institutions should consider the following as they design and implement the risk management programs to manage their EOD portfolios:
- Developing a clear picture of scheduled EOD period exposures.
- Ensuring a full understanding of EOD contract provisions.
- Evaluating near-term risks.
- Contacting borrowers through outreach programs.
- Ensuring that refinancing, renewal, workout and modification programs are consistent with regulatory guidance and expectations, including consumer protection laws and regulations.
- Establishing clear internal guidelines, criteria and processes for EOD actions and alternatives (renewals, extensions, and modifications).
- Providing practical information to higher-risk borrowers.
- Establishing EOD reporting that tracks actions taken and subsequent performance.
- Documenting the link between ALLL methodologies and EOD performance.
- Ensuring that control systems provide adequate scope and coverage of the full EOD period exposure.
Challenges and Strategies for Managing an EOD Program
While institutions have always had to manage HELOCs reaching maturity, more robust programs are needed to manage the accelerating wave of maturities. The issuance of this Guidance elevates the regulatory scrutiny around these programs.
In this Flash Report, we share the challenges we have observed and the strategies we have seen effective in managing these programs.
Effective Coordination and Awareness Across Numerous Functions
Management of an effective EOD program requires coordinated execution across a number of functions of the company, including:
- Information systems
- Business analytics
- Loss mitigation
- Call center
- Loan operations
- Complaint management
- Loss forecasting
- Quality control and quality assurance
- Risk management
Given the number of stakeholders involved, timely identification of issues and communication of strategy can be challenging. We have observed as best practice that institutions should establish a project management office (PMO) or a “process champion” who has the ability to communicate and serve as a central point person for the EOD program across all functions. This individual and/or function must have line-of-sight to all activities, allowing them to anticipate issues and communicate with responsible stakeholders to resolve issues timely. This individual and/or function could also be well-positioned as a central point of contact to communicate with regulators on all aspects of the program. Some institutions have also taken the approach of establishing dedicated committees consisting of executives from various stakeholder groups in order to provide comprehensive oversight and enable key decision-making during the process.
Similarly, institutions that have outsourced servicing of their HELOC portfolio must ensure their service providers have adequate oversight in place to operate an EOD program in compliance with all aspects of the Guidance.
Another important element of effective coordination is training and awareness. All staff, from call center to collections to complaints, must be trained with a consistent message to address customers’ specific concerns in navigating the EOD process. This includes staff of any outsourced vendor(s).
Accuracy and Completeness of Data
The first step for many institutions in managing their EOD portfolio is identification of the full population of loans impacted by the program. Once identified, careful segmentation of the population is required to identify higher-risk segments. Accurate segmentation is critical not only for the purposes of determining TDRs and adequate levels of reserves, but also for designing an effective outreach strategy. Given that many institutions have grown through mergers and acquisitions, with loan data spread across disparate systems, identification and segmentation may be challenging. There may either be gaps in the data or data may be mapped differently among systems. Further complicating the matter, accounts in the portfolio may have been originated under different borrowing agreements. Accordingly, we recommend institutions consider:
- Developing and documenting a methodology for identifying the complete loan population. Steps in this process include:
- Compiling a complete inventory of products that may contain EOD features.
- Reviewing contractual requirements associated with these products that may impact management of these accounts (e.g., post-draw characteristics).
- Testing servicing systems with mock cases to understand impact on account processing (e.g., customer statements) of different contractual requirements.
- Involving information technology partners early in the process to secure timely access to robust data.
- Developing and documenting a methodology for segmenting the population. As suggested by the Guidance, factors to consider include:
- Origination channel
- FICO score
- Combined loan-to-value
- Utilization rates
- Payment history
- Origination vintage
Companies can leverage intelligence gained from the segmentation to develop a tailored strategy for customer outreach.
Customer Outreach Strategy
For customers who have grown accustomed to low interest-only payments, reaching their EOD period may come as a shock. Consequently, an effective customer outreach strategy is important to manage customers effectively as they reach their end of term. Both the timing and nature of outreach are critical.
Outreach as early as possible provides for a smoother transition into the EOD period and improves the likelihood of customer retention. Customers need time to understand what is happening and to prepare financially. The Guidance recommends six to nine months or more. Customers pursuing refinancing options are doing so in an environment much different than the one they experienced a decade ago.
Nature of Outreach
As best practice:
- Institutions must leverage all manner of outreach to customers to help them prepare for the EOD period: phased and repeated mailing, calling, articles on institution’s website, etc.
- Messaging must be clear with respect to timing, whom to contact and potential options available to the borrower. This is particularly important for higher-risk customers. Compliance can be a helpful partner in reviewing materials for clarity and consistency with legal and regulatory requirements.
- Managing customer feedback, such as complaints, plays an important role in the outreach strategy. Management can use customer feedback to identify opportunities for improving execution of the program.
While implementing an effective outreach program is challenging, companies may reap benefits through improved customer retention and the associated revenue. Thinking more broadly, intelligence gained through an EOD program can also be leveraged to implement a data-enhanced outreach strategy. Protiviti will soon be publishing a white paper outlining approaches to implementing such a strategy.
The Guidance emphasizes the importance of reporting in effectively managing an EOD program. Because of the breadth of activities involved in implementing an EOD program, reporting must be designed to inform senior management from a variety of perspectives, including impact on risk profile, operations and financial results. Comprehensive reporting is designed to answer a variety of questions, including:
Credit and Operational Risk
- What is the risk profile of the portfolio as it reaches its EOD period?
- What is the risk profile of loans being renewed/rewritten? Are significant exceptions to underwriting standards being made? What controls are in place to ensure the organization’s stated risk appetite and tolerances are continuing to be followed in the EOD program?
- Based on risk reporting, such as delinquency and loss forecasts, what operational considerations, such as capacity planning, does the company need to take into account in order to process accounts effectively?
- What is the distribution of accounts reaching their EOD over the next several years?
- Are outreach activities being executed timely to provide customers adequate time to react to their EOD?
- Are any system modifications necessary to handle increased volumes of account processing?
- Are customers being retained through the process?
• Does the portfolio in run-off include significant levels of TDRs and is the reserve for the EOD portfolio adequate at this time?
• Are the results of portfolio segmentation activities consistent with financial reporting?
While the purpose of each type of reporting is different, a centralized approach to developing reporting can facilitate efficiency, consistency and effectiveness. Moreover, a comprehensive reporting approach allows stakeholders across the various functions to understand both risks and successes of the EOD program.
Next steps for executives implementing EOD programs:
- Identify key stakeholders involved in the implementation of the EOD program.
- In concert with these key stakeholders, perform a gap assessment of current practices
- to the detailed requirements of the Guidance.
- Prioritize resolution of gaps identified with careful focus on the four areas discussed above:
- Coordination and awareness across numerous functions
- Complete and accurate data
- Customer outreach
- Comprehensive reporting
How We Help Companies Succeed
Our Risk and Compliance practice helps organizations by working with managers to assess, design and implement comprehensive strategies for strategic and risk management initiatives. We do this by assisting in design and execution of customer outreach strategies, performing portfolio data analytics, establishing project management functions and developing comprehensive executive-level reporting. We can also help institutions identify gaps that may exist in their current strategies compared with the regulatory expectations set forth in the Guidance. We work with former regulators and risk managers within Protiviti in order to benchmark an institution’s current practices relative to leading practices. Our team works collaboratively with our clients to assess and develop effective, firm-wide strategies that are tailored to the size and complexity of the institution.
Content Contributed by:
2FRB: 12 CFR 208, subpart E and appendix C to subpart E (state member banks). OCC: 12 CFR 34, subpart D and appendix A to subpart D (national banks); and 12 CFR 160.101 and appendix to 160.101 (federal savings associations). FDIC: 12 CFR 365, subpart A and appendix A to subpart A (state nonmember banks); 12 CFR 390.265 and appendix (state savings associations). The NCUA is not a participant in this guidance.