The Housing Scene by Lew Sichelman

Servicing Your Loan Can Be Tough

There are at least three things in life you cannot choose: your parents, your neighbors and the company that administers your mortgage.

That company collects your house payments, and also pays your homeowner’s insurance and property taxes. Known as “servicers,” these outfits work on behalf of your lender -- or the investor who purchased your loan from your lender -- to make sure you make your payments and that those other bills are paid.

Sometimes a lender services its loans itself. Sometimes it sells the servicing aspect of your mortgage, but keeps the loan on its books. Sometimes the lender sells the loan and the rights to service it. And sometimes one servicer will sell the right to administer your loan to another servicer.

Whichever way it goes, you have no choice. You’re stuck.

According to Mike Seminari of the Stratmor Group, an industry advisory firm, of the 52% of all borrowers who had contacted their servicers, only 6% said they were likely to recommend the company. That’s not exactly a strong vote of confidence.

Of course, it could be that these unhappy customers simply didn’t receive the help they were looking for. Or maybe their discontent is related to a billing mistake -- 6% of all loans held by lenders have billing errors, according to Seminari -- or another error, perceived or legitimate.

Whatever the reason, servicers have now figured out that it costs them a lot less money to reach out to their customers rather than wait for calls to come in.

“’Don’t poke a sleeping bear’ is no longer the philosophy,” said Dave Vida of SLS Enterprise Sales at a recent conference. Servicers now realize that “outreach is vital. We need to find out what’s going on” with borrowers before they feel the need to call in.

In that regard, you should expect to receive a clear, concise welcome letter from your servicer -- one “written by a human being,” said Jason Kwasny of The Money Source Inc., not a computer. Call it a “warm transfer.”

The letter should explain everything you need to know about how your loan will be administered, and include all pertinent phone numbers, should you ever experience a problem. And the letter “should be followed up by a welcome phone call” that walks the borrower through the process, added Kwasny.

“If you spend time up-front, you eliminate problems later,” said Kwasny. “Give them a white-glove experience.”

Meanwhile, in another conference session, experts in cybercrime described how the financial services business -- and the mortgage sector, in particular -- has become a favored target of hackers looking to tie up their systems and demand big money to unlock them.

The health care field is hackers’ No. 1 target, reported Gretchan Francis of Proctor Financial, but financial services is a close second. Even off-the-shelf software is being peddled online to novice hackers looking to make a quick buck, she said.

“The bad guys really are out there,” added Rich Hill of the Mortgage Bankers Association, which sponsored the conference. “They’re all over the place, trying to find new ways to get in.”

Over the last 12 months, Evan Bredahl, a cybersecurity engineer with the Richey May advisory firm, has worked on 20 ransomware cases in the mortgage space, many of them involving servicers. He can’t talk about the details because of nondisclosure agreements, but he did say that half the problems emanated from malware contained in emails.

Truth be told, though, the malware could have been delivered weeks, months or even years ago, with the hacker just biding their time, waiting to flip the switch, Francis said.

Lenders and servicers are taking whatever precautions they think necessary to protect themselves and their data. Cybercrime is both “preventable” and “defendable,” said the MBA’s Hill.

But sometimes, a hacker manages to get in no matter what. When that happens, their targets’ businesses can be stopped in their tracks.

On average, companies that report being hacked say their systems are down for 16 days, Hill reported. But the true duration could be longer, because not all attacks are reported -- largely because of the public relations nightmare that kind of news could generate.

If companies can restore their systems in a few days, or if only part of their business is taken down, they often ignore the ransom demands. But if the entire company is shut down, the ransom paid by servicers can be huge. In one case cited by Francis, a company paid $8.5 million to get back in business.

And why not? If you can’t operate, it’s often cheaper to pay the ransom and be done with it. “If you can’t access your accounts, you can’t service your loans,” said Bredahl, who is a “certified ethical hacker” -- a tech expert who looks for security vulnerabilities. “Being out of business just one week could be more damaging than paying a hacker millions.”

Ironically, though, once the ransom money is paid, most hackers make sure their marks manage to get back up and running without any hitches. Some even give their targets a 30-day guarantee that they will become operational and remain that way.

“Their customer service is so unreal, it’s shocking,” said Hill. “It’s their business; it’s how they make money,” he explained. “Otherwise, no one would pay the ransom.”