N.D. Cent. Code § 13-13-09

Current through 2024 Legislative Session
Section 13-13-09 - Corporate governance

This section applies to large servicers as defined in section 13-13-01.

1. Large servicers shall establish and maintain a board of directors responsible for its oversight. For large servicers that are not approved to service loans by a government-sponsored enterprise, or where these federal agencies have granted approval for a board alternative, an institution may establish a similar body constituted to exercise oversight and fulfill the board of directors' responsibilities in subsection 2.
2. The board of directors shall be responsible for:
a. Establishing a written corporate governance framework, including appropriate internal controls designed to monitor corporate governance and assess compliance with the corporate governance framework.
b. Monitoring and ensuring institution compliance with the corporate governance framework and this chapter.
c. Reporting, accurately and timely, regulatory reports, including the requirements for filing the mortgage call report as required by section 13-13-23.
d. Establishing internal audit requirements that are appropriate for the size, complexity, and risk profile of the servicer, with appropriate independence to provide a reliable evaluation of the servicer's internal control structure, risk management, and governance.
3. Licensees subject to this section shall obtain an external opinion audit, including audited financial statements and audit reports conducted by an independent public accountant annually, including at a minimum:
a. Annual financial statements, including balance sheet, statement of operations or income statement, cashflows, notes, and supplemental schedules prepared in accordance with generally accepted accounting principles.
b. Assessment of the internal control structure.
c. Computation of tangible net worth.
d. Validation of mortgage servicing rights valuation and reserve methodology, if applicable.
e. Verification of adequate fidelity and errors and omissions insurance.
f. Testing of controls related to risk management activities, including compliance and stress testing, where applicable.
4. Licensees subject to this section shall establish a risk management program under the oversight of the board of directors that identifies, measures, monitors, and controls risk sufficient for the level of sophistication of the servicer. The risk management program must:
a. Have appropriate processes and models in place to measure, monitor, and mitigate financial risk and changes to the risk profile of the servicer and assets being serviced.
b. Be scaled to the complexity of the organization, but be sufficiently robust to manage risks in several areas, including:
(1) Credit risk. The potential that a borrower or counterparty will fail to perform on an obligation.
(2) Liquidity risk. The potential that the servicer will be unable to meet its obligations as they come due because of an inability to liquidate assets or obtain adequate funding or that it cannot easily unwind or offset specific exposures.
(3) Operational risk. The risk resulting from inadequate or failed internal processes, people, and systems or from external events.
(4) Market risk. The risk to the servicer's condition resulting from adverse movements in market rates or prices.
(5) Compliance risk. The risk of regulatory sanctions, fines, penalties, or losses resulting from failure to comply with laws, rules, regulations, or other supervisory requirements applicable to the servicer.
(6) Legal risk. The potential that actions against the institution that result in unenforceable contracts, lawsuits, legal sanctions, or adverse judgments can disrupt or otherwise negatively affect the operations or condition of the servicer.
(7) Reputation risk. The risk to earnings and capital arising from negative publicity regarding the servicer's business practices.
5. Licensees subject to this section shall conduct a risk management assessment on an annual basis, concluding with a formal report to the board of directors. Evidence of risk management activities throughout the year must be maintained and made part of the report, including findings of issues and the response to address those findings.
6. Licensees subject to this section must maintain the audits, policies and procedures, and assessment results as part of their books and records available to the commissioner upon request.

N.D.C.C. § 13-13-09

Added by S.L. 2023 , ch. 139( HB 1068 ), § 1, eff. 7/1/2023.