A panel discussion on mortgage banking cybersecurity risks included a reminder that regulators are watching.
The panel, pictured above, included from left to right: Tracy Ashfield, president, Ashfield and Associates, Tim Segerson, deputy director, Office of Examination and Insurance for NCUA, Todd Hougaard, product manager with Mortgage Cadence, William Burding, Jr., executive vice president and general counsel for Orange Coast Title Company
Tim Segerson, deputy director, Office of Examination and Insurance for NCUA, led off the panel discussion risks by stating, “Consumer privacy and security is the responsibility of the entire organization. There needs to be a culture of security throughout the organization.”
Todd Hougaard, product manager with Mortgage Cadence, agreed, saying, “The IT department can only go so far. Everyone says they follow procedures, but if you question them closely they will acknowledge making exceptions.”
Tracy Ashfield, president, Ashfield and Associates, said time and performance pressures can cause some people to cut corners.
“We tell mortgage officers to follow the employee handbook, but sometimes it is Sunday morning and we need a document, so members scan their W-2 and e-mail it. That is something we cannot control.”
According to NCUA’s Segerson, the credit union industry is going to have to move in the direction of greater consciousness of security – and figure out a way to do so without retraining or stifling innovation.
According to Ashfield, there are a cornucopia of vendors and third parties involved in the mortgage process, especially for credit unions that lend in multiple states. And, as William Burding, Jr., executive vice president and general counsel for Orange Coast Title Company, reminded, “It only takes one person in a title company to screw up the entire process.”
For more, click here