For those in the title and legal industries, it can be more than a little annoying to have one’s role in representing lenders characterized as merely that of “third-party service provider.” Title agencies and law firms perform the same trusted services for the lending community today—handling confidential bank client information and millions of dollars of lenders’ funds, as they have day after day for the last half century!
That being the case, why are title agencies and law firms now being required to jump through hoops to prove they are in compliance with either newly imposed bank standards or ALTA Best Practices? Can anyone point to an explosion of cases where title agencies and law firms providing services to bank clients have been repeatedly harmed?
The short answer is “no”—currently there is no extensive list of data breach cases that could give rise to the conclusion that any sort of crisis has arisen from dealing with title agencies and law firms. For those two specific industries, there is almost nothing that lenders can point to and say, “That’s why we need to make every one of you prove that you are following existing law.” To the contrary, many in the title and legal industry want to tell the lending community, “We are doing a good job, and there is no reason to make us prove compliance when there is no proof of non-compliance.”
Unfortunately, there are some highly visible examples of other bank service providers who have caused the banking industry huge losses. The following is a list of fines that were levied on financial institutions, not because of what they did, but as a result of the compliance violations committed by third-party vendors hired by those financial institutions. The blog “Regulators Go After Banks for Vendor Management,” by Reed White, an associate in Bryan Cave’s Atlanta financial institutions practice, outlines the following examples of some of the levied fines:
- Consumer Financial Protection Bureau (CFPB): Discover Bank, $14 million civil penalty (September 2012)
- Office of the Comptroller of the Currency (OCC): American Express Bank, estimated $6 million in restitution (September 2012)
- CFPB: J.P. Morgan Chase, $309 million in restitution and $20 million civil penalty (September 2013)
- CFPB: American Express, $59.5 million in restitution and $9.6 million civil penalty (December 2013)