The Federal Housing Finance Agency can further mitigate the risks posed by Fannie Mae’s and Freddie Mac’s reliance on their counterparties’ information on origination and servicing compliance by directing them to assess the cost/benefit of whether counterparties should obtain independent, third-party attestations on a risk-focused basis that considers such things as counterparty size, product line and other characteristics.

This is the finding of the latest FHFA Office of Inspector General report.

“Through such robust attestations and independent oversight, FHFA can increase its assurance that enterprise-owned and -guaranteed loans are originated and serviced in compliance with requirements,” the report concludes. “Such a control can complement existing risk-based controls and provide broad compliance coverage to those counterparties that would otherwise not receive oversight. In this regard, one enterprise prepared and FHFA received a proposal to consider independent, third- party attestations of counterparty compliance but has not acted on the proposal.”

The report says that compliance with selling requirements is particularly important in light of FHFA’s new representation and warranties framework that now limits to three years the length of time the enterprises have to perform quality control activities on loans being acquired.

As such, increased reliance is being placed on controls at the sellers, the OIG finds.

Obtaining independent, third-party assurance could not only help provide the enterprises with more reliable evidence about the accuracy and timeliness of data that counterparties report, but also help manage the risks associated with their delegated underwriting business model.

“Finally, other federal agencies require annual assertions and independent, third-party attestations that allow them to identify problems with counterparty compliance. Since many of these counterparties also do business with the Enterprises, similar deficiencies could have been identified if the Enterprises had similar requirements for independent compliance attestations,” the report concludes.

OIG previously concluded that the Enterprises could require independent assurance that counterparties are complying with their selling and servicing requirements as a complement to other monitoring controls already in place. As examples of best practice, federal agencies involved in the mortgage market, such as the Securities and Exchange Commission and the Department of Housing and Urban Development, and private investors in mortgage-backed securities commonly require independent assurance of counterparty compliance.