DSNews delivers stories, ideas, links, companies, people, events, and videos impacting the mortgage default servicing industry.
Issue link: http://digital.dsnews.com/i/970068
66 A FIRM HAND I N D U S T R Y I N S I G H T / H A R R I S O N T R O P P Each year, mortgage servicers design new audit provisions to assist law firms in risk mitigation. While the intent of such initiatives is designed to be favorable, they often leave firms struggling to accommodate cumbersome requests, ranging from extensive pre-audit questionnaires to the composition of monotonous quality control, capacity, and business continuity plans. e audit inquisition has become a routine, and frequently unfortunate, phenomenon for most firms. In the past, the request for such microscopic detail only pertained to components of the firm, such as actions primarily related to the processing of client referrals. However, it is evident by trends in the industry over the last few years that compliance requirements are no longer an isolated nuisance of days past; these standards now incorporate various sectors of a firm, disseminating through the ranks. One area that shares this heightened sense of scrutiny pertains to a practice known as "compliance mandated insurance." Mandated insurance includes requirements presented by clients such as professional and employment practice liability, as well as cyber and crime coverages. A FORMIDABLE THREAT Law firms in the current mortgage banking climate closely monitor their costs while being aware of what is required to remain operational. In "Cyber reat is Huge for Small Businesses," which appeared in USA Today, writer Steve Strauss, citing the Verizon Data Breach Investigation Report, notes that 61 percent of cyber breaches hit small business in 2016, a 13 percent increase from the previous year. Later in the article, Strauss shares data from UPS Capital that found cyber-related attacks cost small businesses between $84,000 to $148,000 on average. It is not uncommon for law firms, particu- larly those with affiliated title companies, to fall victim to what is known as "social engineering." An example of this is when a hacker accesses an employee's email account—in many cases that of a managing partner's—to send out fraudulent wiring instructions to individuals within the firm. In many instances, the stolen funds are unrecoverable. For a nominal premium and a large corresponding sublimit, social engineering is Does compliance mandated insurance protect small to mid-sized law firms, or present an unnecessary burden?