Mortgage fund managers run a recurring set of questions on the subservicing framework. This article answers the questions on the diligence framework, the Subservicing Agreement framework, the SOC report framework, the audit-rights framework, the trust-account framework, and the investor-reporting framework.

What diligence runs against a subservicer?

The fund runs diligence on the subservicer against four documents — the SOC 1 Type II report, the SOC 2 Type II report, the certificate of insurance with errors-and-omissions and cyber-liability coverage, and the GLBA Safeguards Rule written information security plan. The fund runs the diligence framework on the subservicer’s license framework against the state-by-state servicer license requirements — the NMLS company record, the state-licensed mortgage-servicer record, and the California Department of Real Estate broker record on a California broker subservicer. The fund runs the diligence framework on the subservicer’s litigation history, regulatory-enforcement record, and complaint log.

What does the Subservicing Agreement run?

The Subservicing Agreement runs four operational frameworks. The service-level framework runs payment posting on a twenty-four-hour standard, call answer on a two-minute standard, payoff-statement turnaround on a five-to-seven business-day standard, and 1098 and 1099 issuance against the IRS deadline. The trust-account framework runs the fiduciary discipline against the fund as beneficiary, the three-way reconciliation cycle, and the audit-record framework. The records framework runs the original-note custodian framework against the fund’s collateral custodian and the working-copy framework against the subservicer. The termination framework runs termination for cause on the immediate cycle and termination without cause on the thirty- to ninety-day notice with the deboarding fee schedule and the records-transfer protocol.

Why does the fund need SOC 1 Type II?

The fund runs SOC 1 Type II as the baseline audit framework against the subservicer. SOC 1 Type II runs the Internal Controls over Financial Reporting framework across the six- to twelve-month operating-effectiveness period. The fund’s financial-statement auditor runs the SOC 1 Type II report into the fund’s own audit framework under AS 2601 service-organization audit standards. A qualified opinion on the SOC 1 Type II report runs into the fund’s audit framework as a service-organization finding and runs the fund’s auditor into extended audit procedures against the subservicer.

Is SOC 2 Type II required?

SOC 2 Type II runs as the table-stakes data-security framework against a fund subservicing engagement after the 2024 GLBA Safeguards Rule notification amendment under FTC 16 CFR §314. SOC 2 Type II runs the Trust Services Criteria — security, availability, processing integrity, confidentiality, and privacy — across the operating-effectiveness period. The fund runs the SOC 2 Type II framework against the subservicer’s data-security framework, against the GLBA Safeguards Rule written information security plan, and against the FTC thirty-day notification framework on a notifiable data security event.

What audit rights run against the subservicer?

The Subservicing Agreement runs an audit-rights framework against the subservicer’s loan files, trust-account records, and compliance documentation on a five-business-day access standard. The standard runs an annual on-site or virtual audit. The fund runs the audit framework against a defined sample of loan files — performing, delinquent, modified, and in-foreclosure — and runs the finding framework against the Subservicing Agreement’s remediation framework. The audit framework runs against the subservicer’s trust-account three-way reconciliation, the investor-reporting remittance file, and the compliance covenants under federal and state frameworks.

How does the trust account run on a fund engagement?

The subservicer holds borrower funds in a fiduciary trust account on behalf of the fund. The fund runs as the beneficial owner of the trust account; the borrower runs as the source of the trust funds; the subservicer runs the fiduciary administration against the trust-fund framework. The subservicer runs the three-way reconciliation framework on the trust account monthly — bank statement against control record against beneficiary ledger. A California broker subservicer runs the trust-account framework under §10145 of the Business and Professions Code and the Title 10 §2830 through §2835 regulation framework. A non-California subservicer runs the trust-account framework under the equivalent state-level fiduciary framework.

How does the fund handle investor reporting?

The fund runs the investor-reporting framework against the lender-investor base on two cycles. The monthly cycle runs the loan-level performance framework — principal received, interest received, escrow analysis, delinquency, and reserve framework. The quarterly cycle runs the waterfall distribution against the preferred-return framework, the catch-up framework, and the carried-interest split. The fund runs the K-1 framework against the lender-investor base on the annual cycle under partnership tax rules. The subservicer runs the loan-level remittance file into the fund’s investor-reporting framework, and the fund’s fund administrator runs the waterfall distribution and the K-1 issuance.

Related Topics

This article is educational and does not constitute legal advice. The mortgage fund subservicing framework runs under 12 CFR §1024.31 — RESPA Regulation X — and runs against federal frameworks including the GLBA Safeguards Rule under FTC 16 CFR §314 and the Investment Company Act §3(c)(5)(C) real-estate exception. State frameworks run against the California Department of Real Estate §10145 trust-fund framework and the equivalent state-level frameworks against the subservicer’s licensure. Consult qualified legal counsel and a qualified fund administrator on any specific fund portfolio.

Sources