Presentation is loading. Please wait.

Presentation is loading. Please wait.

NCHER Compliance Track Third‐Party Servicing Requirements

Published byLeonard Wood Modified over 6 years ago

Similar presentations

Presentation on theme: "NCHER Compliance Track Third‐Party Servicing Requirements"— Presentation transcript:

1 NCHER Compliance Track Third‐Party Servicing Requirements
Dino Tsibouris Attorney Tsibouris & Associates, LLC Rick Buckingham USA Funds Wanda Hall Edfinancial Services

2 Overview Background: Third Party Servicers (“TPS”)
Dear Colleague Letter GEN (August 18, 2016) Contract requirements Guide for Audits (September 2016) Parallels to private loan servicing The session will delve into the U.S. Department of Education’s recent guidance on third‐party servicers, which significantly expanded the types of activities, functions, services, and roles that organizations provide to institutions that will now fall under the third‐party servicer rules. We will review requirements that must be included in each contract. Additionally, we will compare how the guidance follows industry trends by imposing requirements that are similar to, and overlap with, compliance and contract obligations imposed on private student loan servicers by their respective regulators.

3 Background GEN (April 26, 2012) Disbursing funds through a Contractor GEN (January 9, 2015) Listed functions that resulted in TPS classification but prompted a number of questions to ED Previous DCLs addressed the use of third party servicers

4 GEN-12-08 Disbursing Funds through a Contractor
Q1. What is the regulatory definition of a third-party servicer? A1. 34 CFR “An individual [not including an employee of the institution] or a State, or a private, profit, or non-profit organization that enters into a contract with an eligible institution to administer, through either manual or automated processing, any aspect of the institution’s participation in any title IV, HEA program.”

5 GEN-12-08 Disbursing Funds through a Contractor
Q2: Examples of functions by TPS A2: Processing student financial aid applications Performing need analysis Determining student eligibility and related activities Certifying loan applications Loan servicing and collections Included contract requirements

6 NCHER Comments on the Issue
November 4, 2014 NCHER Letter Concern that the proposed TPS form includes content that does not comport to Department’s longstanding interpretation of a third-party servicer. Addressed supplemental student support services, including counseling, delinquency, and default aversion. January 6, 2015 NCHER Letter Concern the draft letter further expanded list of services that exceeds the current regulatory authority. Many NCHER members, including state agencies and state-designated authorities, also provide higher education access, outreach and financial literacy programs, counseling and delinquency, and default aversion services. In addition, a number of our members currently service Federal Direct Loans…. NCHER was concerned that the proposed form includes some content that does not comport to the regulatory schema and the Department’s longstanding interpretation of a third-party servicer. Wanted to ensure there are no unintended negative consequences to schools (and the students and borrowers they serve) who may wish to obtain supplemental student support services, including but not limited to counseling, delinquency, and default aversion

7 GEN January 9, 2015 Purpose to clarify TPS institutional requirements and responsibilities

8 GEN-15-01 TPS Activities Processing aid applications
Collecting, reviewing, maintaining documents to process Title IV funds  Awarding, certifying, disbursing funds Delivering refunds Aid counseling Default prevention management/outreach Preparing reports

9 GEN TPS Activities If an entity assists in the “development, implementation, and/or maintenance of the written policies and procedures” they are considered a TPS Distinguish the difference, especially on the term “maintenance” which could cross into the review or revise piece that isn’t a TPS defined function. As provided in the regulations, an institution’s Title IV responsibilities include, but are not restricted to, performing one or more of the following: Financial aid consulting, including financial aid staffing, interim management, processing support, and/or development and maintenance of written policies and procedures;

10 GEN-15-01 TPS Exclusions Ability to benefit tests
Financial and compliance auditing Mailing documents Records warehousing – Physical storage Computer services or software (Limited) Some functions excluded – Records warehousing – Physical storage. Portals are TPS. Computer services or software - Note: Exclusion doesn’t apply if software not UNDER CONTROL OF THE INSTITUTION and IF INVOLVES STUDENT LEVEL INFO

11 GEN-15-01 TPS Requirements
Schools must report use of a third-party servicer to ED  TPS must be in good-standing  TPS must comply with FERPA requirements (PII protection)  FTC Safeguards Rule compliance Another piece here is the school must require and maintain from the TPS a signed Certification By Lower Tier Contractor. Rick could opine on what it means to be in “good-standing” Might opine that using PII obtained from a school for the TPS contracted functions does not permit using school provided data to cross-sell other services the TPS offers. This could come later in the FERPA discussion below.

12 GEN-15-01 TPS Requirements
Contracts must include: Promise to comply with law Refer to OIG for fraud/misconduct Joint and several liability with the institution for title IV violations Confirm student eligibility/return of funds Termination language that covers return of all records or funds TPS must also abide by special arrangements institutions have including limitations and suspensions.

13 GEN-15-01 TPS Requirements
Annual independent audit Protection of PII Attestation may be submitted in lieu of audit if not specifically covered in ED’s Guide Attestation includes: Description of services provided Contract includes all required pieces Internal controls are sufficient and written procedures exist New guide issued, but nothing defined further for the expanded categories of TPS qualification.

14 GEN-15-01 TPS Requirements
Performing default prevention/management functions for federal loan programs Cohort default analysis Enhanced loan counseling Delinquency assistance Development/implementation of a default management plan, and/or other default prevention outreach activities Guarantor colleagues thought that perhaps the default prevention activities we are required to perform fall under the definition of a TPS. Audience question.

15 GEN-15-01 TPS Requirements
Prompted a number of questions submitted to the Department related to third-party servicer requirements

16 GEN (August 18, 2016) Listing of activities performed by a third party that determines its status as a TPS Institutional requirements for reporting third-party servicer information Third-party servicer contract requirements FERPA requirements Security information program requirements Third-party servicer compliance audits The servicer must comply with all requirements of the Family Educational Rights and Privacy Act (FERPA), as well as the information security requirements established by the Federal Trade Commission (FTC) for maintaining appropriate safeguards in respect to the education records and student information it has access to.

17 GEN (August 18, 2016) Broader list of activities, functions, services, and roles organizations may provide to institutions that are subject to the TPS rules Serves to clarify January 2015 Dear Colleague Letter 3P servicer is based upon facts with reporting and contract obligations

18 GEN (August 18, 2016) DCL “does not make any changes to the regulations related to third-party servicers” DCL “does not change or reverse any guidance provided in Dear Colleague Letter GEN 15-01, which is still in effect” Attachment to DCL GEN-15-15 Despite an extended period of regulatory uncertainty, the DCL may show an increased potential for enforcement. Guidance to schools regarding third-party servicer institutional requirements and responsibilities relating to any aspect of the school's participation in the Title IV programs.

19 Are you a TPS or not? What is a TPS? What is not a TPS?
What should you do? Without expanding ED policy, the DCL provides further specificity about what is and what is not considered Servicer activity. Responds to questions: The definition of third-party servicer and examples of functions and services performed by third-party servicers. Clarifies how it defines a third-party servicer and provides a series of tables outlining the various services that institutions outsource, creating a third-party servicer relationship. The tables also include common functions that would not render an entity as a third-party servicer. Third-party servicer contracts. Third-party servicers and safeguarding student information. Third-party servicer data form issued by the Office for Management and Budget. Third-party servicer audits. The Department affirmed this interpretation in Medtech College. Breached its fiduciary duty to the Department by failing to report placement verifying contractor as a Servicer Failed to include the required contractual provisions in services agreement, which otherwise would have given the Department further recourse. Institution demonstrated a lack of administrative capability Moved to deny the institution's recertification. Although fines may occur, ED may deem compliance key to retaining eligibility for Title IV funding. Provide some examples of activities that does not make an entity a TPS under the new guidance.

20 Questions and Answers: What makes a TPS
Administers activities central to Title IV processing Helping institution to remain eligible to participate in the Title IV programs To determine a student’s eligibility for Title IV funds To account for Title IV funds To deliver Title IV funds to students To perform any other aspect of the administration of the Title IV programs. Department will look at each case individually and focus on the specific services or functions being provided to an institution as opposed to the nomenclature used to describe the services. Examples address generally understood services such as processing or administering Title IV funds, but more clearly addresses the outsourcing of any required consumer information, such as job placement rates, gainful employment disclosures, annual security reports required by the Clery Act, or graduation and transfer rates. D&E Q1 and Q2. The current regulation defines a third-party servicer as an entity or individual (other than an employee) that administers any aspect of an institution’s participation in the Title IV programs, including, but not limited to, services and functions necessary for the institution to remain eligible to participate in the Title IV programs. For the institution to remain eligible to participate in the Title IV programs, To determine a student’s eligibility for Title IV funds, To account for Title IV funds, To deliver Title IV funds to students, or To perform any other aspect of the administration of the Title IV programs. To protect the interest of institutions, taxpayers, and students, an institution may not contract with a third-party servicer to perform any aspect of the institution’s participation in a Title IV program if the servicer (or its subcontractors) is located outside of the United States and/or is owned or operated by an individual who is not a U.S. citizen or national, or a lawful U.S. permanent resident. This prohibition applies to both foreign and domestic institutions. Includes other activities falling under the definition of a third-party servicer including preparing and submitting required applications or reports

21 Questions and Answers: What makes a TPS
Categories of Q & A’s: In General Type of employment Student/Institutional eligibility Financial Aid counseling/application activities Consumer information preparation Default aversion Delivery of Title IV funds Computer services/software/records

22 Questions and Answers: What makes a TPS
Includes other activities falling under the definition of a third-party servicer including preparing and submitting required applications or reports: Application for Approval to Participate in the Federal Student Financial Aid Programs (E-App) Integrated Postsecondary Education Data System (IPEDS) reports Campus Safety and Security data reports and/or enrollment status Gainful employment reporting to NSLDS Department will look at each case individually and focus on the specific services or functions being provided to an institution as opposed to the nomenclature used to describe the services. Examples address generally understood services such as processing or administering Title IV funds, but more clearly addresses the outsourcing of any required consumer information, such as job placement rates, gainful employment disclosures, annual security reports required by the Clery Act, or graduation and transfer rates. D&E Q1 and Q2. The current regulation defines a third-party servicer as an entity or individual (other than an employee) that administers any aspect of an institution’s participation in the Title IV programs, including, but not limited to, services and functions necessary for the institution to remain eligible to participate in the Title IV programs. For the institution to remain eligible to participate in the Title IV programs, To determine a student’s eligibility for Title IV funds, To account for Title IV funds, To deliver Title IV funds to students, or To perform any other aspect of the administration of the Title IV programs. To protect the interest of institutions, taxpayers, and students, an institution may not contract with a third-party servicer to perform any aspect of the institution’s participation in a Title IV program if the servicer (or its subcontractors) is located outside of the United States and/or is owned or operated by an individual who is not a U.S. citizen or national, or a lawful U.S. permanent resident. This prohibition applies to both foreign and domestic institutions. Includes other activities falling under the definition of a third-party servicer including preparing and submitting required applications or reports

23 Questions and Answers: What makes a TPS
Preparing required consumer information disclosures Clery Act Annual Security Report (including crime statistics, timely warnings and emergency notification, crime log, and emergency response and evacuation procedures) Biennial review of drug and alcohol abuse prevention programs Graduation and transfer rates Job placement rates Gainful employment disclosures Institutions need to undertake an evaluation of the persons or entities that provide Title IV program related services to the institution to make a determination of whether that person or entity should be reported to the Department as a third-party servicer.

24 Department will look at each case individually and focus on the specific services or functions being provided to an institution as opposed to the nomenclature used to describe the services. Institutions need to undertake an evaluation of the persons or entities that provide Title IV program related services to the institution to make a determination of whether that person or entity should be reported to the Department as a third-party servicer.

25 Consequences of Being a TPS
Reporting and contractual obligations, including: Contract Reporting Requirements TPS Audit (ADT) We will discuss later, but for now: Contract Reporting Requirements – Institutions must report the names of any individual or entity that performs for, or on behalf of, the institution any of the Title IV functions. This information must be reported within 10 calendar days of the date an institution enters into, modifies or terminates a contract with a servicer to administer any aspect of its participation in the Title IV programs. 34 C.F.R. § (e). Third-Party Servicer Audit (ADT) – A third-party servicer must have an independent auditor conduct a compliance audit of its administration of the functions or services that it performs on behalf of eligible institutions, unless: (1) the servicer contracts with only one participating institution and (2) the attestation engagement of that institution’s participation involves every aspect of the servicer’s administration of the Title IV programs. A servicer must submit its compliance audit or audit letter annually no later than six months after the last day of the servicer’s fiscal year. Audits or audit letters are normally due no later than six months after the last day of the Servicer's fiscal year. The DCL sets different deadlines for Servicers who have not submitted audits for one or more years because either they did not believe they were a Servicer or because they believed they were not covered by the OIG Audit Guide. If a Servicer's functions are covered by the Audit Guide, audits are due no later than December 31, If the Servicer's functions are not covered by the Audit Guide, audit letters are due no later than six months after the last day of the Servicer's fiscal year that begins on or after December 31, 2016.

26 Attachment to the institution’s PPA
CNT-Q7:  Does an institution need to require a third-party servicer to sign a Certification By Lower Tier Contractor form?   CNT-A7: An institution is required to obtain a signed Certification By Lower Tier Contractor form from all of its third-party servicers, as well as any subcontractors Attachment to the institution’s PPA An institution is required to obtain a signed Certification By Lower Tier Contractor form from all of its third-party servicers, as well as any subcontractors that perform work for the institution on behalf of a third-party servicer. A Lower Tier Contractor includes any contracted individuals not considered employees of the school, who participate in the school’s administration of the Title IV programs. The school must make copies of the form and obtain the signatures of any and all Lower Tier Contractors on copies of the certification. The signed certification(s) are to be retained in the school’s files. The Certification By Lower Tier Contractor form is included as an attachment to the institution’s PPA. The school must make copies of the form and obtain the signatures of any and all Lower Tier Contractors on copies of the certification.

27 CNT-Q3: What must be included in a third-party servicer contract?
CNT-A3: Institutions must ensure that its contracts accurately and specifically detail the functions that the servicer (or its subcontractor(s), if applicable) performs on behalf of the institution, and those functions that are required to be completed by the institution.  In GEN-16-15, under QNT-Q&A #3, Can actually be satisfied by The Servicer Information Sheet included in CH 3 (D.8-8. pg 174) in the Audit Guide. The school must include when submitting their audit to ED.   Institutions must ensure that its contracts accurately and specifically detail the functions that the servicer (or its subcontractor(s), if applicable) performs on behalf of the institution, and those functions that are required to be completed by the institution.  The contract must identify the third-party servicer by its legal name and include any other name the servicer does business as (d/b/a).  The contract must provide the physical address and primary phone number of the servicer’s primary location, as well as the name, title, phone number, and address of the president or chief executive officer of the entity.  If a third-party servicer subcontracts any of its contractual responsibilities, the contract must identify the subcontractor and clearly describe the functions performed on behalf of the servicer and institution by the subcontractor.   CNT-Q3:  What must be included in a third-party servicer contract? CNT-A3: Institutions must ensure that their third-party servicer contracts contain language that requires the servicer to agree to: Be jointly and severally liable with the institution for any violation of Title IV requirements resulting from the functions performed by the servicer; Comply with all applicable statutory, regulatory, and other Title IV requirements; Refer any suspicion of fraudulent or criminal conduct in relation to the institution’s Title IV program administration to the Department’s Office of the Inspector General; Confirm student eligibility and return Title IV funds (if required) when a student withdraws if the servicer disburses funds; and Return all records related to the servicer’s administration of the institution’s participation in the Title IV programs to the institution, and if the servicer disburses or releases Title IV funds, return all unexpended Title IV funds to the institution, if the contract with an institution is terminated, or the servicer ceases to perform any functions prescribed under the contract. Institutions must ensure that its contracts accurately and specifically detail the functions that the servicer (or its subcontractor(s), if applicable) performs on behalf of the institution, and those functions that are required to be completed by the institution. The contract must identify the third-party servicer by its legal name and include any other name the servicer does business as (d/b/a). The contract must provide the physical address and primary phone number of the servicer’s primary location, as well as the name, title, phone number, and address of the president or chief executive officer of the entity. If a third-party servicer subcontracts any of its contractual responsibilities, the contract must identify the subcontractor and clearly describe the functions performed on behalf of the servicer and institution by the subcontractor. In addition, institutions are subject to the information security requirements established by the Federal Trade Commission (FTC) for financial institutions. Institutions must take reasonable steps to select and retain service providers that are capable of maintaining appropriate safeguards to protect customer information and require service providers by contract to implement and maintain such safeguards. Finally, the institution must require the third-party servicer to agree to comply with all aspects of the Family Educational Rights and Privacy Act (FERPA) with regard to the third-party servicer’s receipt and use of any education records provided by the institution. Institutions are strongly encouraged to include provisions in its contract with a third-party servicer to terminate the contract immediately, without penalty, if the institution is notified that the Department has imposed an emergency, limitation, suspension, or termination action with regard to a servicer’s ability to contract with the institution to administer any aspect of its participation in the Title IV, HEA programs or the servicer has been debarred, suspended, or voluntarily excluded government-wide from participation in covered transactions.     

28 Can actually be satisfied by The Servicer Information Sheet included in CH 3 (D.8-8. pg 174) in the Audit Guide. The school must include when submitting their audit to ED.  

29 Can actually be satisfied by The Servicer Information Sheet included in CH 3 (D.8-8. pg 174) in the Audit Guide. The school must include when submitting their audit to ED.  

30 TPS Data Form Must submit TPS Data Form to the Department and update any information within 10 days of the date that: The TPS changes its name; The TPS changes the address or contact information for its primary location or additional location; The TPS adds or terminates a contract with an eligible Title IV institution; or The servicer buys, sells or merges with another TPS.

31 What to Include In Contracts
Joint and several liability with institution for violation of Title IV requirements by TPS TPS compliance with all applicable statutory, regulatory and Title IV requirements Refer suspicion of fraudulent or criminal conduct to ED Inspector General BOTH institution and TPS liable for compliance Regardless of whether an entity is considered a third-party servicer for Title IV purposes, the institution has a fiduciary responsibility to ensure the policies, procedures, products, and systems that the servicer utilizes are compliant with applicable laws and regulations Should describe service levels and not just a general compliance warranty. Institutions must ensure that its contracts accurately and specifically detail the functions that the servicer (or its subcontractor(s), if applicable) performs on behalf of the institution, and those functions that are required to be completed by the institution. The contract must identify the third-party servicer by its legal name and include any other name the servicer does business as (d/b/a). The contract must provide the physical address and primary phone number of the servicer’s primary location, as well as the name, title, phone number, and address of the president or chief executive officer of the entity. If a third-party servicer subcontracts any of its contractual responsibilities, the contract must identify the subcontractor and clearly describe the functions performed on behalf of the servicer and institution by the subcontractor.

32 What to Include In Contracts
Confirm student eligibility and return Title IV funds when a student withdraws if the servicer disburses funds Return all unexpended Title IV funds upon termination or if TPS ceases to perform any functions prescribed under the contract

33 What to Include In Contracts
Compliance with FERPA Requirements – May disclose personally identifiable information In connection with financial aid that was requested or applied for If disclosure of the information is necessary for specific purposes FTC Safeguards Rule compliance The Family Educational Rights and Privacy Act (FERPA) (34 C.F.R. § 99.31(a)(4)) permits institutions to disclose personally identifiable information (PII) from an education record of a student to a third-party servicer without consent, if it is in connection with financial aid that was requested or applied for, if disclosure of the information is necessary for specific purposes. Institutions must ensure that its third-party servicers use PII only for the purpose(s) for which the PII was disclosed. For a third-party servicer, that purpose is the Title IV function the servicer contracted to perform on behalf of the institution. Servicers are prohibited from using PII for any other purpose.

34 What to Include In Contracts
TPS must remain compliant with FERPA recordation requirements For for each request or disclosure, record must: include the parties who have requested or received PII from the education records, and Party’s legitimate interests in requesting or obtaining the information If the institution discloses PII from education records with the understanding that further disclosures will be made, the educational institution’s record of disclosure must include the names and legitimate interests of the additional parties. Thus, if an institution discloses education records to a third-party servicer under this exception, it must be compliant with the recordation requirements under FERPA and, for each request or disclosure, the record maintained by the institution must: (1) include the parties who have requested or received PII from the education records, and (2) the legitimate interests the parties had in requesting or obtaining the information. If the institution discloses PII from education records with the understanding that further disclosures will be made, the educational institution’s record of disclosure must include the names and legitimate interests of the additional parties.

35 What to Include In Contracts
Clause stating that access to information in Department of Education systems can be only used for the Title IV services performed by the TPS Return all of Institutions records upon termination The data contained in Department systems, such as the National Student Loan Data System (NSLDS), the Common Origination and Disbursement (COD) System or the Central Processing System (CPS) are confidential and are protected by the Privacy Act of 1974, as amended, and other applicable statues and regulations. An institution must exercise caution in selecting third-party servicers, financial aid consulting services, financial aid management systems (software), and/or the electronic data storage systems it utilizes to assist in the administration of the Title IV programs. Regardless of whether an entity is considered a third-party servicer for Title IV purposes, the institution has a fiduciary responsibility to ensure the policies, procedures, products, and systems that the servicer utilizes are compliant with applicable laws and regulations. This includes the requirement that an institution be able to access all records (paper or electronic) created or maintained by a third-party servicer and make those records readily available to the Department for review. The institution must also implement appropriate safeguards to protect student records and ensure any information shared from education records is only used for the purpose(s) for which the information was disclosed. The institution will be held responsible for any liability incurred as a result of software deficiencies, incorrect consulting advice, lost or damaged records, and/or third-party servicer violations.

36 What to Include In Contracts
Immediate Termination by Institution Without Penalty if TPS: Limited by ED from administering the institution’s participation in Title IV; or Debarred, suspended, or voluntarily excluded government-wide from participation in covered transactions Institutions are strongly encouraged to include provisions in its contract with a third-party servicer to terminate the contract immediately, without penalty, if the institution is notified that the Department has imposed an emergency, limitation, suspension, or termination action with regard to a servicer’s ability to contract with the institution to administer any aspect of its participation in the Title IV, HEA programs or the servicer has been debarred, suspended, or voluntarily excluded government-wide from participation in covered transactions.     

37 OFFICE OF INSPECTOR GENERAL 2016
GUIDE FOR AUDITS OF PROPRIETARY SCHOOLS AND FOR COMPLIANCE ATTESTATION ENGAGEMENTS OF THIRD-PARTY SERVICERS ADMINISTERING TITLE IV PROGRAMS Section 487(c)(1)(C)(i) of the HEA requires an annual compliance attestation engagement of a servicer with regard to any contract the servicer may have with an eligible school, lender or guaranty agency for administering or servicing any aspect of the Title IV programs. According to 34 C.F.R. § , all servicers must have an audit (attestation engagement) of their administration of Title IV programs for participating schools, unless (1) the servicer contracts with only one participating school, and (2) the audit of that school’s participation involves every aspect of the servicer’s administration of the Title IV programs. The definition of a third-party servicer is at 34 C.F.R. § 668.2(b). All school servicer attestation engagements should be performed in accordance with Chapters 1 and 4 of this Guide. Services provided to lenders and guaranty agencies are markedly different from those offered to schools participating in the Title IV program. The servicer reports for lenders or guaranty agencies must be prepared in accordance with the Lender Servicer Financial Statement Audit and Compliance Attestation Guide for Lender Servicers that Service Federal Family Education Loan Program Loans (issued January 2011 by ED/OIG). U.S. DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL 2016

38 School/Servicer Audit Guide
Chapter 1 – General Requirements Engagement periods, due dates, waivers Professional standards Required coverage Auditor qualifications Confidentiality Audit retention requirements Engagement letter

39 School/Servicer Audit Guide
TPS examination level engagement in accordance with AICPA’s Attestation Standards and GAGAS Management assertions: TPS was an eligible servicer Internal compliance controls Servicers must obtain an examination level engagement performed in accordance with the AICPA’s Attestation Standards and GAGAS. The servicer should provide its management’s assertions and representations in a letter to you. In their letter, servicer management should assert that it – • Was an eligible servicer, and • Has established systems of internal control to assure compliance with those services which it provides.

40 School/Servicer Audit Guide
Chapter 4 – School Servicer Compliance Attestation Engagements Systems and internal control Institutional eligibility Reporting Student eligibility Disbursements Report findings of noncompliance Follow up on resolution of prior findings of noncompliance Corrective action plan

41 Third-Party Audits/Audit Letters
TPS must submit a compliance audit or audit letter no later than six months after the last day of the TPS fiscal year If TPS provides services included in OIG audit guide, missing audits due no later than December 31, 2016 If TPS provides services not included in OIG audit guide, audit letter due for fiscal year beginning on or after 12/31/2016 FY end 12/31/2017, letter due to ED by 6/30/2018 ADT-Q2:  What is the deadline for a third-party servicer to submit its annual compliance audit? ADT-A2: A third-party servicer must submit its compliance audit or audit letter annually no later than six months after the last day of the servicer’s fiscal year. ADT-Q3: What is the deadline for a third-party servicer that has not submitted its annual compliance audit(s) for one or more years due to an incorrect assessment of whether the entity meets the regulatory definition of a third-party servicer and/or based on the omission of specific audit procedures in the OIG Audit Guide? ADT –A3: For third-party servicers that provide services or functions that are included in the Department of Education's Office of the Inspector General’s (OIG’s) current audit guide, the third-party servicer must submit its missing compliance audit(s) no later than December 31, The audit(s) submitted must include all unaudited periods for the three most recently completed fiscal years (except for close-out audits). Subsequent audits must be submitted annually no later than six months after the last day of the servicer’s fiscal year. Third-party servicers that provide services or functions that are not included in the OIG’s audit guide must submit an audit letter containing all of the items outlined in ADT–A1 above, no later than six months after the last day of the servicer’s fiscal year, that begins on or after December 31, 2016.  For example, if a third-party servicer’s fiscal year end is December 31, 2016, its audit letter must be submitted on or before June 30, Subsequent audit submissions must be submitted no later than six months after the last day of the servicer’s fiscal year end.

42 Implementation Tips Do not limit your consideration of TPS coverage to only those listed Re-review existing agreements under the new DCL The Department's broader interpretation of Servicer provider functions is provided in the context of its position that it will not base its determinations on an exclusive list of Servicer or non-Servicer functions Department will "look at each case individually" based on the functions and services being performed in each contractual relationship. Institutions that have previously determined they do not have third-party servicer arrangements should re-review each arrangement under the new DCL ADT-Q3: What is the deadline for a third-party servicer that has not submitted its annual compliance audit(s) for one or more years due to an incorrect assessment of whether the entity meets the regulatory definition of a third-party servicer and/or based on the omission of specific audit procedures in the OIG Audit Guide? ADT –A3: For third-party servicers that provide services or functions that are included in the Department of Education's Office of the Inspector General’s (OIG’s) current audit guide, the third-party servicer must submit its missing compliance audit(s) no later than December 31, 2016. The audit(s) submitted must include all unaudited periods for the three most recently completed fiscal years (except for close-out audits). Subsequent audits must be submitted annually no later than six months after the last day of the servicer’s fiscal year. Third-party servicers that provide services or functions that are not included in the OIG’s audit guide must submit an audit letter containing all of the items outlined in ADT–A1 above, no later than six months after the last day of the servicer’s fiscal year, that begins on or after December 31, 2016.  For example, if a third-party servicer’s fiscal year end is December 31, 2016, its audit letter must be submitted on or before June 30, Subsequent audit submissions must be submitted no later than six months after the last day of the servicer’s fiscal year end.

43 Implementation Tips Create a list of the entities or individuals providing Title IV-related services Examples in the DCL include TPS “preparing required consumer information disclosures” in connection with Security Reports, graduation and transfer rates, job placement rates and gainful employment disclosures ED should provide further clarity on what level of participation in the preparation of these reports triggers coverage

44 Parallels to Private Loan Servicing
Obligations attach upon transfer of/access to borrower data to a TPS Verification of controls Identify the categories of personal data you collect Limit access Gramm Leach Bliley privacy and security Shared compliance liability

45 Questions & Answers Rick Buckingham USA Funds Dino Tsibouris
Tsibouris & Associates (614) Wanda Hall Edfinancial Services (865)

Download ppt "NCHER Compliance Track Third‐Party Servicing Requirements"

Similar presentations

FERPA - Sharing Student Information

FERPA - Sharing Student Information
Protection of privacy for all Students!

Protection of privacy for all Students!
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.

Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.
Version 6.0 Approved by HIPAA Implementation Team April 14, 2003 1 HIPAA Learning Module The following is an educational Powerpoint presentation on the.

Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.
Byron Scott | Nov. 2012 U.S. Department of Education 2012 Fall Conference Foreign Schools Consumer Information Session 37.

Byron Scott | Nov U.S. Department of Education 2012 Fall Conference Foreign Schools Consumer Information Session 37.
The Department of Education & Third-Party Servicers: An Evolving Landscape Dennis Cariello DLA Piper, LLP (US) NCHER.

The Department of Education & Third-Party Servicers: An Evolving Landscape Dennis Cariello DLA Piper, LLP (US) NCHER.
U.S. Small Business Administration

U.S. Small Business Administration
COMPLYING WITH HIPAA BUSINESS ASSOCIATE REQUIREMENTS Quick, Cost Effective Solutions for HIPAA Compliance: Business Associate Agreements.

COMPLYING WITH HIPAA BUSINESS ASSOCIATE REQUIREMENTS Quick, Cost Effective Solutions for HIPAA Compliance: Business Associate Agreements.
Institutional Eligibility Issues Every Aid Administrator Should Know About Blain B. Butner Aaron D. Lacey Eastern Association of Student Financial Aid.

Institutional Eligibility Issues Every Aid Administrator Should Know About Blain B. Butner Aaron D. Lacey Eastern Association of Student Financial Aid.
Presented by: Heather Ward and Jason Cook Date: October 28, 2011 Presented by: > Proprietary and Confidential. For FAA Use Only. The Value of Private Loan.

Presented by: Heather Ward and Jason Cook Date: October 28, 2011 Presented by: > Proprietary and Confidential. For FAA Use Only. The Value of Private Loan.
Copyright 2010 NSLP Upcoming Federal Disclosures July, 2010.

Copyright 2010 NSLP Upcoming Federal Disclosures July, 2010.
Confidentiality and Public Information Act LISD Special Education Department Training SY 2012-2013.

Confidentiality and Public Information Act LISD Special Education Department Training SY
Cost Principles – 2 CFR Part 200 Subpart E U.S. Department of Education.

Cost Principles – 2 CFR Part 200 Subpart E U.S. Department of Education.
1 Supplemental Regulations to 34 CFR Part 300 Assistance to States for the Education of Children with Disabilities and Preschool Grants for Children with.

1 Supplemental Regulations to 34 CFR Part 300 Assistance to States for the Education of Children with Disabilities and Preschool Grants for Children with.
Unusual Enrollment History

Unusual Enrollment History
HOOVER CITY SCHOOLS In-Service Training: Annual Review of.

HOOVER CITY SCHOOLS In-Service Training: Annual Review of.
Health Insurance Portability and Accountability Act (HIPAA) CCAC.

Health Insurance Portability and Accountability Act (HIPAA) CCAC.

Similar presentations

Ads by Google