Every year, 5-7 million mortgages are originated in the United States. Obtaining a mortgage sounds simple enough when understood at an abstract level. The steps involved can be summarized as: (1) completing the mortgage application, (2) submitting the application for processing and underwriting, (3) receiving the loan decision, and hopefully (4) going to a closing procedure.
Unfortunately, however, those who have even a passing familiarity with mortgages know that this seemingly parsimonious formula betrays reality. The actual process is often cumbersome, inefficient, and complex. The potentially vast number of manual tasks involved is one major reason for these hurdles. Just a few examples of potentially cumbersome manual tasks include: (1) collecting information from disparate sources (e.g., in connection with tax forms, employer paystubs, tax transcripts, court documents such as divorce decrees, etc.), (2) employment status and income verification (e.g., in connection with online services such as the Work Number, manual calls, employer paystubs, etc.), (3) obtaining bank information (e.g., involving at least two months of bank statements), (4) obtaining asset information (individual holdings, brokerage accounts, etc.), and (5) obtaining liability information (credit cards, mortgages, etc.). In addition to the time and effort involved in the collection of all necessary components, there is also a concern about the validity of the information obtained. Manual collection of data by human hands is prone to accidental errors, inaccuracies, and omissions. The potential for intentional misconduct, such as fraud or negligence, is present as well. Current approaches used for transferring information from mortgage lender to applicant create the risk of these issues on all sides, i.e., both internal and external to the mortgage lender.
The amount and type of information involved can require a significant amount of coordination between the applicant and the lender. In this regard, one 2014 study found that total loan production expenses average $6,769 per loan, with $4,401 of that being in the form of personnel expenses. In addition to the large amount of money required by mortgagees, mortgagers only make on average $897 profit per loan—which translates into an average production profit of 42 basis points.
Curiously, the amount of coordination and communication that can be required between the applicant and the lender can be both frustratingly high and frustratingly low. An instance of the former case is when numerous “back-and-forth” communications between the applicant and the lender may be needed to resolve issues that arise during the underwriting process. For example, a lender might need to know where a large gift came from, why there is a gap in employment, etc. Such questions may require more verification than usual, with the applicant generally having some idea of what information is being requested and why it is being requested.
On the other hand, applicants oftentimes have no insight into what happens once a mortgage application is submitted. An applicant might not be made privy, for example, to the following: (1) that a processor and an underwriter are engaged in conversations about details of the applicant's financial profile, (2) questions raised while completing the review, (3) the processor/underwriter's reasons for why clarification of existing information is warranted, (4) the processor/underwriter's reasons for needing additional information from the applicant or (5) the processor/underwriter contacts the applicant with a urgent and/or last minute request for additional information that presents real challenges for the applicant to provide rapidly. Consequently, an applicant typically has little-to-no insight into, much less control over, the process once an initial application is submitted. More specifically, applicants are often occluded from knowledge of what is done with the (potentially very sensitive) data they provide or have granted the lender access to, how often the data is accessed, or what data was actually received or reviewed.
The issue with opaque procedures involved in handling an applicant's data is exacerbated after the mortgage is approved and executed. This is because after the mortgage execution, other parties may become involved, and they also may require access to the borrower's data. One instance of this further issue would occur if the mortgage is acquired in the secondary mortgage market from the originator or another secondary mortgage lender. There typically is a laundry list of verifications the new holder needs to perform to evaluate the mortgage, and many of these verification include reviewing the borrower's data. For example, some of the possible analytics performed on the mortgage include: (1) verifying that the borrower's information is accurate and was properly acquired, (2) assessing whether the borrower's financial situation was properly reviewed, (3) ensuring that any identified issues were appropriately resolved, (4) reviewing for correctness any calculations that were performed (such as debt to income ratio, cash flow analysis, etc.), (5) analyzing the underwriting process in general to check for any procedures not up to standard, (6) determining whether there have been any material changes in the borrower's financial situation since the origination that could affect loan repayment, and (7) additional information which may be needed by the acquiring parties specific and evolving underwriting standards. Consider also the case of ongoing monitoring, which arises in a number of instances. For example, in many cases, a borrower may not qualify for a loan under traditional underwriting scenarios, but a lender may be able to originate a loan and a third party may be willing to acquire the loan if the consumer consents to ongoing monitoring of their financial situation. This creates similar strains. Similarly, traditional credit scoring and evaluation methods do not always truly portray a borrower's ability to repay. For example, there are cases where a borrower who is knowledgeable in how a credit score is derived is able to successfully manipulate their financial behaviors to ensure that their credit score remains in a range that meets underwriting guidelines. Such behaviors can more easily be detected by analyzing all disclosed accounts and information, as well as other information sources available based on the consumer's consent to identify those behaviors (e.g., paying one debt by getting cash advances from their credit card). Conversely, the consumer may have a low credit score, either because of some situation that occurred a couple of years ago, or situations such as seasonal employment leading to recurring late payments for 1 or 2 months per year. A more in-depth and potentially ongoing analysis of the financial situation (e.g., including a review of all disclosed accounts and information as well as other information sources available based on the consumer's consent) may allow the lender to determine that this person may indeed be able to receive a mortgage, especially if they have secured the consumer's permission for ongoing access.
There are several other instances of the data handling issue that demonstrate how quickly issues proliferate. In addition to the initial verification steps done by the mortgage acquirer, there is also a need in certain instances to monitor the loan continuously to ensure that it remains viable throughout its life or at least until certain critical stages in the loans lifecycle have been achieved and the originator's underlying liabilities have been reduced (e.g., in some cases a mortgage originator's liabilities for assessing a borrower's assets and liabilities goes away after a loan has been paid as agreed for a period of N years). Often the mortgage holder will engage a mortgage servicer to accomplish this task and others. There is also the possibility that a loan modification could be triggered automatically (e.g., as a result of an adjustable rate mortgage needing to be adjusted or because of a shift in the loan-to-value ratio such that it no longer requires private mortgage insurance) or because of actions undertaken by the borrower or lender, which would require a re-examination of data. Investors who invest in mortgage-backed securities also sometimes desire access to certain data to evaluate the potential efficacy of their investment. As should be clear by now, there are many entities who either require or desire access to certain pieces of information associated with a mortgage. As already stated, one area of concern here is that the borrower/applicant is often not made aware of all of the entities that have access to their data. This is a technical problem related to data security, privacy data integrity, auditing, etc. Another issue, already alluded to, is that the process of data collection (for all parties involved) is usually cumbersome, confusing, time-consuming, sometimes inaccurate, and open to fraud. This is a technical problem associated with the ingesting of data (including sensitive data) from a plurality of different sources and in a plurality of different formats. Still another problem to consider is that the processes of data transference between interested parties is usually opaque and inefficient, meaning the receiver may have no guarantee that the information is correct or complete. This is a technical problem relating to those areas discussed above, as well as issues of provenance, etc.
Certain example embodiments address the above and/or other concerns.
Certain example embodiments relate to a workflow management system. The system comprises processing resources including at least one processor and a memory coupled thereto, and a non-transitory computer readable storage medium. The processing resources are configured to control the workflow management system to at least: provide a user interface to a user of the workflow management system, the user interface being configured to present to the user information concerning a status of a multi-step workflow being managed by and under control of another entity, the multi-step workflow including processing, on a computing platform remote from and inaccessible to the user, user data, the user data including user provided data and/or documents shared from the non-transitory computer readable storage medium and data and/or documents authorized by a user to be provided; and responsive to a termination message received from the user and/or a predefined time period elapsing, transmit a signal to the computing platform of the another entity that the workflow is to be terminated, the signal causing the computing platform to terminate the workflow regardless of what step in the workflow is being processed, including regardless of whether responsibility for processing the current step in the workflow resides with the user, the another entity, or a further entity that has partnered with the another entity by request of the another entity. Other information may be considered in some instances, even though it may not be provided by a consumer nor specifically authorized for consideration by a consumer. This may include, for example, public records data, data provided by the lender, data sources that the system may contract with that do not need consumer authorization/consent, data that has been built up by the system (e.g., related to risk tolerance, local effect data, and/or the like), etc.
In certain example embodiments, a data management system comprises processing resources including at least one processor and a memory coupled thereto, and a non-transitory computer readable storage medium. The processing resources are configured to control the data management system to at least: enable a user to define a plurality of different logical containers over time, each logical container being backed by the non-transitory computer readable storage medium; receive sensitive information from the user; retrieve sensitive information from external data sources where authorized by the user; store an electronic representation of received sensitive information to the non-transitory computer readable storage medium; associate received sensitive information with one or more logical containers; store, for each logical container, a set of rules identifying one or more other parties that have access to the sensitive information associated with the respective logical container, and conditions under which those one or more parties are granted access to the sensitive information associated with the respective logical container; grant electronic access to a given logical container, and the sensitive information associated therewith, to a given party, conditioned on the set of rules associated with the given logical container; record data representative of direct and indirect accessions of logical containers and/or the sensitive information associated therewith; and responsive to a user request for a given logical container, present to the user an indication of the party or parties that has or have accessed the given logical container associated with the user request. Each said logical container is reusable over time by different parties based at least in part on corresponding updates to the at least one set of rules. Each of (a) the collection of sensitive information and (b) the content of each said logical container, is updatable over time.
In certain example embodiments, there is provided a data analysis system comprising processing resources, including at least one first processor and a first memory operatively coupled thereto. A first data store comprises sensitive data about a user, as well as a set of data sharing rules, with the set of data sharing rules indicating what sensitive data is sharable and one or more conditions identifying when such sensitive data is shareable, and the sensitive data comprising information elements. A second data store (which may be the same as or different from the first data store) comprises at least one set of analysis rules, with the at least one set of analysis rules being system defined and/or defined by an external party separate from the user. The processing resources are configured to control the data analysis system to at least store, to the first data store, sensitive information received from the user and/or electronically retrieved from a data source external to the data analysis system in response to the user providing appropriate credentialing information for the external data source; receive, from the external party, a request to process a first predefined set of sensitive information; and responsive to a request to process a first predefined set of sensitive information: determine one or more sets of analysis rules to be applied to sensitive information in the first predefined set of sensitive information, based at least in part on the received request; automatically and programmatically attempt to apply each rule from each determined set of analysis rules to sensitive information in the first predefined set of sensitive information; store, to the second data store, information about an outcome of the rules that are successfully applied, the information being associated with the sensitive information on which the rules are run; and for each rule or set of rules that indicates that further action is required, re-assess an outcome of a respective rule or an outcome of a set of rules, responsive to at least one of: (a) automatic retrieval of further information from the user performed in connection with applicable data sharing rules, (b) application of a heuristic to sensitive information already in and/or added to the first predefined set of sensitive information, (c) electronic receipt of further information from the user or the external party in response to a system-initiated electronic prompt for responsive information, and (d) a determination as to whether the indication that further action is required for the respective rule or set of rules can be ignored based on input from the external party; and store, to the second data store, information about an outcome of the respective re-assessed rule or set of rules, the information being associated with the sensitive information on which the respective rule or set of rules is run.
According to certain example embodiments, notifications may be sent under a variety of different circumstances and to a variety of different parties and under a variety of different communication channels. For example, remote termination of a workflow, completed rule application or rule re-application, updates made with respect to flagged issues, successful linkages to external data sources, successful uploads of new documents, etc., may trigger notifications. Such notifications may be sent to consumers, other parties to a transaction or potential transaction, third parties, and/or others, depending on the circumstances. Such notifications may be sent via email messages, SMS messages, instant messages, system-to-system messages, over application programming interfaces (APIs), and/or the like.
Non-transitory computer readable storage mediums tangibly storing instructions for performing the above-summarized and/or other approaches also are provided by certain example embodiments, as well as corresponding computer programs. Corresponding methods of operating, making, and/or configuring such systems also are contemplated herein.
Certain example embodiments may help achieve some or all of the following and/or other technical advantages:                A reduction in data acquisition times, e.g., from days/weeks to minutes, and the ability to potentially better understand what data is needed and in at least some instances automatically retrieve fully responsive data without direct human intervention, e.g., based on predefined and user-configurable rules as to what data can be shared, with whom, and when;        The enabling of secure collaboration between two or more parties in real time, or at least near real time;        The ability to refresh data on demand from internal and/or external sources, e.g., regardless of whether provided once or multiple times and potentially in accordance with predefined and user-configurable rules as to what data can be shared, with whom, and when;        An ability to conduct analysis that would be impossible or at least impractical to be done by a human;        The creation and maintenance of essentially tamper-free data, e.g., sensitive data resistant to tampering by an applicant, lender, or other party involved with a lending or other related process;        Facilities for digitally-signed documents delivered to lenders and/or other parties to protect against tampering and provide verification;        Provision of ongoing monitoring when authorized by a consumer;        Enabling the sharing of access to consumer data with fine grained control (e.g., the consumer gives the system access to their online accounts, and the consumer shares what financial accounts they are willing to share, while a lender does not get access to their credentials so they can only see what consumer shares; potentially enabling a consumer to only share native and/or computed data elements such as, for example, e.g., cash flow, current monthly rent, net worth, etc.);        Holistic data analysis (e.g., analysis across all information available);        Machine learning/heuristic analysis, e.g., to help define and/or refine analysis rules;        Containerization of data, e.g., to facilitate easy maintenance, sharing, collaboration, etc.        And/or the like.        
These features, aspects, advantages, and example embodiments may be used separately and/or applied in various combinations to achieve yet further embodiments of this invention.