NAICU Washington Update

Department Alerts Colleges of Reporting Requirements for Third-Party Servicers

February 11, 2015

Concerned that “a significant number of institutions have failed to report, update, and/or have incorrectly reported third-party servicer information,” the Department of Education issued guidance to clarify the reporting responsibilities institutions have when using outside servicers. The Department delineated which activities performed by a third-party servicer fall under the reporting requirements.

The following are considered reportable third-party activities: Reportable third-party servicer activities are related to various aspects of processing the FAFSA and Title IV funds and refunds, default management, loan counseling, Perkins Loan servicing, enrollment reporting, and preparation and dissemination of a variety of consumer information disclosures.

The following activities DO NOT create a regulatory third-party servicer relationship: Activities such as preparing financial statements, mailing institutional documents, physical warehousing of records, and provision of certain on-campus computer services or software are not viewed as creating a regulatory third-party servicer relationship.

Using the Department’s E-App process, institutions must report the names, and other identifying information, of any individuals or entities the institution contracts with to perform the enumerated Title IV functions. The information must be reported within 10 calendar days of an institution entering into, or substantially modifying, a contract with the third-party.

A third-party servicer contract must specify that the third-party servicer will comply with the relevant regulatory requirements applicable to the institution for those activities, including reporting possible fraud to the Inspector General, complying with relevant FERPA requirements, and accepting joint and several liability with the institution for violations in the provision of Title IV services.

Third-party servicers are also subject to the customer information security requirements established by the Federal Trade Commission for financial institutions. Third-party servicers must submit an annual compliance audit to the Secretary. The Department is aware that some servicers have not submitted their audits because of faulty assessments that they did not meet the regulatory definition of a third-party servicer.

Additional guidance on audit requirements will be forthcoming from the Department.