NEWS: Recently, the NCUA, CFPB and other federal financial regulators released a final rule on the use of Automated Valuation Models (AVMs) – sophisticated computerized models that rely on artificial intelligence to estimate real estate values.
The Dodd-Frank Act required the regulators to issue these regulations.
The League expects that the rule will take effect on July 1, 2025. (Technically, the effective date will be the first day of a calendar quarter following the 12 months after the rule is “officially” published in the Federal Register.)
In the meantime, we’ll work to update The League’s ii Release No. B008 – “Appraisals and Evaluations” – to add material on the new rule.
What the rule says
The rule will apply to mortgage originators or secondary market issuers that use AVMs in determining the value of collateral for a loan to be secured by the consumer’s principal dwelling in connection with making a credit decision or covered securitization determination regarding a mortgage or mortgage-backed security.
This includes decisions about originating, modifying, or terminating mortgages but excludes AVMs used solely for portfolio monitoring. The rule also covers AVMs used by servicers working on behalf of mortgage originators or secondary market issuers in loan modifications.
The rule will apply regardless of whether the loan is primarily for consumer purposes or business purposes, and whether the credit is closed-end or open-end.
Definitions
The phrase “automated valuation model” means any computerized model used by mortgage originators and secondary market issuers to determine the collateral worth of a mortgage secured by a consumer’s principal dwelling.
A “mortgage originator” means any person who, for direct or indirect compensation or gain, or in the expectation of direct or indirect compensation or gain (i) takes a mortgage application, (ii) assists a consumer in obtaining or applying to obtain a mortgage, or (iii) offers or negotiates terms of a mortgage.
A “secondary market issuer” is any party that creates, structures, or organizes a mortgage-backed securities transaction. When a secondary market issuer, such as Fannie Mae or Freddie Mac, uses an AVM to offer an appraisal waiver, the secondary market issuer must comply with the final rule, and not the mortgage originator.
A “covered securitization determination” means a determination regarding:
- Whether to waive an appraisal requirement for a mortgage origination in connection with its potential sale or transfer to a secondary market issuer; or
- Structuring, preparing disclosures for, or marketing initial offerings of mortgage-backed securitizations.
The term “credit decision” means a decision regarding whether and under what terms to originate, modify, terminate, or make other changes to a mortgage, including a decision whether to extend new or additional credit or change the credit limit on a line of credit. Other uses of AVMs, such as for portfolio monitoring, are outside the scope of the rule. Additionally, the rule will not cover AVMs used to develop an appraisal by a certified or licensed appraiser, nor in the review of the quality of already completed determinations of collateral value.
“Control systems” means “the functions (such as internal and external audits, risk review, quality control, and quality assurance) and information systems that are used to measure performance, make decisions about risk, and assess the effectiveness of processes and personnel, including with respect to compliance with statutes and regulations.”
Five quality control standards
Credit unions that use covered AVMs in their credit decisions will have to adopt policies, practices, procedures, and control systems to ensure that the AVMs meet five quality control standards:
- Ensure a high level of confidence in estimates: Institutions must ensure that AVMs produce reliable and accurate property valuations.
- Protect against data manipulation: Safeguards must be in place to prevent any tampering with the data used by AVMs.
- Avoid conflicts of interest: Institutions must implement measures to prevent conflicts of interest in the valuation process.
- Require random sample testing and reviews: Regular testing and reviews of AVMs are required to ensure ongoing accuracy and reliability.
- Comply with applicable nondiscrimination laws: Institutions must ensure that AVMs comply with all relevant nondiscrimination laws, such as the Equal Credit Opportunity Act and Fair Housing Act.
The CFPB said that the rule gives institutions flexibility to adopt approaches that reflect their individual business models and risk profiles. It wrote:
Different policies, practices, procedures, and control systems may be appropriate for institutions of different sizes with different business models and risk profiles, and a more prescriptive rule could unduly restrict institutions’ efforts to set their risk management practices accordingly.
Existing guidance
Appraisal bias has long worried federal regulators, as highlighted in this CFPB blog post and this one.
In issuing this new rule, the regulators recommended that institutions review and apply existing guidance to help meet their AVM quality control obligations.
Since 2010, the FDIC, OCC, Fed, and NCUA have provided supervisory guidance on the use of AVMs by their regulated institutions in Appendix B to the Interagency Appraisal and Evaluation Guidelines. Those Guidelines recommend that institutions establish policies, practices, and procedures governing the selection, use, and validation of AVMs, including steps to ensure the accuracy, reliability, and independence of an AVM.
In addition to Appendix B of the Guidelines, the FDIC, OCC, and Fed have issued guidance on model risk management practices that provides supervisory guidance on validation and testing of computer-based financial models. While the NCUA is not a party to that Model Risk Management Guidance, the agency monitors the model risk management efforts of federally insured credit unions through by confirming that the governance and controls over AVMs are appropriate based on the size and complexity of the transactions, the risk the transactions pose to the credit union, and the capabilities and resources of the credit union.
League had suggested changes to AVM proposal
Last summer, The League filed a comment letter on a proposed version of the rule, voicing issues raised by several Wisconsin credit unions. While our letter pointed out many ways the proposal could be improved, we stressed our overarching concern:
[T]his proposal is directed at the wrong parties. Those who design, program, and sell AVMs should be the targets of the new rules, not credit unions, which have no control over how AVMs are created. AVM vendors know that their products will be used by, and relied upon by, end-user lending institutions. And AVM vendors know that those institutions have obligations to comply with Fair Housing and other nondiscrimination laws. Requiring those institutions to police the internal functioning of AVM systems they did not create is inefficient and misguided.
Regardless, the final AVM rule is largely identical to what the agencies proposed. The agencies brushed aside commenters (like The League) who suggested that the rule should apply to AVM developers and vendors. The regulators wrote:
A banking organization’s use of third parties does not diminish its responsibility to meet these requirements to the same extent as if its activities were performed by the banking organization in-house. To operate in a safe and sound manner, a banking organization establishes risk management practices to effectively manage the risks arising from its activities, including from third-party relationships.
***
[F]inancial institutions should be able to work with AVM developers and vendors to assist them with their compliance obligations under the rule, as they do with other third-party vendors in order to comply with relevant regulatory requirements. … As long as financial institutions meet the obligations provided in the final rule, they are free to work with third parties to assist them with their compliance obligations.
In other words, covered credit unions will need to work with AVM vendors to ensure compliance. As one law firm observed, “It is likely that third party AVM testing entities will emerge to assist with these obligations. Vendor management oversight will be important. Institutions will need to start thinking through their existing policies, practices, procedures, and control systems now to identify what changes are necessary to ensure compliance on or before the rule’s effective date.”