ENG ESP

Jun 1, 2022 2022-10

Important reminders: 1) Document transmission protocols 2) System user and administrator responsibilities

All MFA participating lenders are required to have an electronic security policy.

Each lender’s respective IT departments are responsible for ongoing implementation, monitoring, and enforcement of security protocols applicable to systems and company employees, however, everyone in the workplace has a responsibility to minimize risk by protecting sensitive information.

We respectfully remind all participating lenders to comply with the following:

1. Document transmission protocols:

  • Do not email documents to MFA employees.
    • All borrower documents required by MFA must be uploaded to MFA’s secure document management system, VirPack. When uploading loan documents to MFA, include only those that are requested on the compliance file checklist and those which are specifically requested by a compliance reviewer.
  • Ensure your company’s employees have access to encrypted emails.
    • MFA employees frequently communicate to lenders via encrypted email. Ensure that all employees can open and view these types of messages. Anyone having trouble accessing these emails should consult with their supervisor or IT department.

2. System user and administrator responsibilities:

  • Do not share passwords.
    • Any employee that requires access to PowerLender, VirPack and/or Lender Connection MUST log in using only their personal credentials.
  • Two-factor authentication.
    • PowerLender utilizes a two-factor authentication for added security. Please comply with the instructions posted within the PowerLender portal.
  • System administrators:
    • System administrators must regularly audit their users’ accounts and adjust permissions or deactivate as needed.
    • MFA strictly prohibits the creation and/or use of generic or group credentials, the sharing of credentials, and access to our systems through any means other than by a person who is individually and explicitly authorized.
    • Companies must ensure that enough administrators have been designated and that they are prepared to readily assist employees with access issues.

Failure to comply with these policies may result in corrective actions up to and including the suspension of eligibility as a participating lender.

We appreciate your cooperation and ongoing diligence in these matters.

Should you have questions please contact a member of the Homeownership Department at 505.843.6880.

Thank you for participating in MFA programs.