It happens all the time: A homeowner logs on to the Internet site of a mortgage lender and fills out an application to refinance her home loan. She provides the lender with her Social Security number, her date of birth, her income, and the value of her mutual fund portfolio and IRA. Seconds later, a loan offer appears on her computer screen. She decides to pass on it for now and shop around.
But the financial institution still has all of her financial information -- a "financial profile," in the words of Chris Larsen, founder of E-Loan Inc., the Pleasanton, Calif.-based online lender.
Federal law prohibits the company from selling that data to another company. But nothing stops the lender from using the financial profile, gleaned from that brief online transaction, for other internal purposes. It's just one of the aspects of modern mortgage lending of which consumers should be aware.
Today, mortgage lenders usually are part of major, diversified financial companies, with credit card, insurance and banking divisions. Larsen, during a recent conference on information privacy, said these firms are using information repositories to create financial profiles to "narrow their loan default rates."
He said, "The industry just doesn't want to know about how well you've paid your bills in the past. They want to have predictive data about what you will do in the future. There's no transparency to this, and that's what scares people."
When a major institution buys another financial titan, such as the recently completed merger of Bank of America Corp. and FleetBoston Financial Corp., or the planned merger of J.P. Morgan Chase & Co. and Bank One Corp., federal laws that prohibit sale of information from one firm to another no longer apply because the sharing is now in-house.
"When a big company buys a smaller company, and each has a different system of values, the next thing you know, companies have much more information about us than we want," said Nan Andrews Amish, a management consultant and faculty member at the University of San Francisco. "The fear is that they could use it in an inappropriate way. If you apply for a mortgage, they know your financial profile. If you are turned down for a loan, they may send you to their low-brow affiliates, and soon you will be getting pitch letters in the mail from marketers treating you like you just got out of jail."
A leading banking lawyer, David C. Kenny, a partner with Squire, Sanders & Dempsey LLP in San Francisco, said that Congress has let financial institutions share such data among affiliates because the institutions argued that the individuals being profiled were already customers.
"They were trying to save them the cost of scrubbing their databases, purging the data and starting over from scratch," said Kenny.
Under the law, consumers receive opt-out notices in the mail from banks, allowing them to prevent the sharing of their information among affiliates, but are "confused about the rules, and don't know how to opt out of the lists that they may be on," Kenny said. The Federal Reserve Board is looking into the issue. It has developed model notices for financial institutions, which if adopted would give consumers more control over their financial data.
"The idea is to give consumers a meaningful way to opt out of these lists," said Kenny. "There is a confusion over the rules. If the revisions come through, the rules will be standard forms for people to check off once a year to opt-out of the lists."
Having data captured and used internally by a financial institution is just one of the concerns that mortgage holders face online these days. If an account is not properly managed, the data could be misused, or misapplied, causing you financial difficulties in the future, for example.
Fairfax County resident Kevin Decker recently had a run-in with his lender.
"I have managed as many as four [accounts] online with a single servicer," said Decker. But then he "found out they had misapplied a payment, doubled up on one account, and left one unpaid."
