In January, the American Land Title Association (ALTA) announced the publication of the ALTA Best Practices Framework ver. 4.0, with an effective date of May 23, 2023. The updates represent a much-needed fine-tuning of escrow and security processes in response to the increasing threats to consumers personal information, as well as wire fraud and other malware threats.
It’s interesting to note that the ALTA Best Practices framework has been in place now for more than a decade.
Approved by the ALTA Board of Governors on December 20, 2012, the best practices were in direct response to the passage of The Dodd–Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act), which completely overhauled financial regulation and established the Consumer Financial Protection Bureau (CFPB).
The new regulations attendant to the Dodd-Frank Act put a tremendous amount of liability on lenders to verify their third-party providers in the course of funding mortgages for real estate purchases. ALTA stepped in quickly to create a best practices framework to help title agents provide reliable assurances to their lender partners that they were adhering to practices that would protect the consumer.
These assurances have become an even more critical requirement for lenders, as they face increasing attempts from cybercriminals who are trying to access consumer NPI or intervene in the transaction itself.
Agents are encouraged to begin implementing version 4.0 immediately to ensure heightened protection for their customers.
Best Practices Assessments
One of the most important aspects of the updated version to note is that best practices assessments, renewals and certifications which are performed after the effective date of May 23 must use the version 4.0 framework.
If you are in line for your first assessment or contemplating a renewal, it may be important to visit the updates sooner rather than later to ensure your processes are properly aligned to the new standard prior to entering into the assessment process.
Overview of Changes
For this most recent update, ALTA focused on Pillar 2: Escrow and accounting; Pillar 3: Privacy and information security programs to protect NPI; and Pillar 4: Settlements.
Pillar 2 includes updates to the treatment of non-settled funds and outstanding file balances, use and treatment of fintech applications, escrow funds training, use of the ALTA Outgoing Wire Preparation Checklist, and the use of wire verification services.
Pillar 3 changes address updates to the physical protection of NPI, inclusion of network and cloud security of NPI, further details on coverage of business continuity and disaster recovery plans, further details on the required oversight of service providers and third-party systems, use of the ALTA Cybersecurity Incident Response Plan Template as a reference document for the written incident response plan, and requiring processes for addressing breaches or unauthorized access to NPI.
Pillar 4 establishes consumer objectives for the training of staff, updates disclosures for Affiliated Business Arrangements, establishes procedures related to closing documents, updates requirements for internal and external signing professionals and selection of Remote Notarization Platforms, and updates standards for recording procedures.
ALTA has also published three new reference documents, including The Best Practices Assessment Procedures, the Internal Assessment Report and Letter, and the Third-Party Assessment Report.
More information can be accessed at https://www.alta.org/best-practices/.