Here in Park City, at the annual mortgage ski trip, some of the banter is social, and some is focused on business. On the business side of things, one topic is the nearly 1 million people impacted by hackers attacking Figure Technology Solutions, a blockchain-focused fintech lender. U.S. financial institutions are increasing cybersecurity vigilance amid the escalating war with Iran, with industry leaders warning that geopolitical conflict often brings a rise in digital threats. Todd Klessman, managing director for financial services cyber and technology at SIFMA, said, "The industry remains vigilant and ready to respond to cyber threats at all times, and especially when global cybersecurity risks are heightened." While we’re on technology, the industry continues to wonder if there will be any limits on artificial intelligence (AI), and in an Insellerate webinar today at 10AM PT (1PM ET) they will discuss how top lenders are pre-positioning for refinances with AI and how to prepare for the next refi cycle without over hiring, overreacting, or missing the window. (Today’s podcast can be found here and this week’s ‘casts are sponsored by Feewise, which turns mortgage compliance from bottleneck to business accelerator. Handle all the complexities involved with establishing TRID compliant fees and disclosures, achieve sign off, and deliver packages to your consumers for review or signature. Hear an interview with Feewise’s Rob Withers on enhancing tech stacks through a disclosure manufacturing solution that works at the speed of sales.)

Products, Services, and Software for Brokers and Lenders

Less back-and-forth. More first-time-right verifications. Truework replaces manual verification waterfalls with a single automated platform, so underwriters, LOs, and ops can cut down the document chasing, conflicting numbers, and last-minute corrections. Lenders see up to 50 percent cost savings on verifications, with faster turn times, higher accuracy, and stronger R&W relief. Trusted by 4 of the top 5 lenders in the U.S., Truework gives your team verification results they can rely on. Learn more.

Significant process changes for Fannie Mae loans are on the horizon. To comply with regulations, servicers need to rethink their core processes and procedures ahead of new rules for escrow reporting in 2026, default reporting in 2027 and financial reporting in 2028. ICE has broken down these complex changes, highlighting what is new and outlining how servicers can prepare to help them adapt their operations and technology platforms for the new regulations. Based on close communication with government-sponsored enterprises and direct feedback from servicers, ICE is updating the MSP loan servicing system to specifically address changes in each area: escrow, default, and financial/remittance. Read the blog post for a deeper dive into the changes ahead of the first deadline later this year.

In a new case study, Tyler Anderson, Director of Secondary Marketing at First National Bank of Omaha (FNBO), describes how they transformed their hedge strategy and operational efficiency with MCT. By leveraging MCT’s solutions, FNBO modernized workflow, expanded execution mix, and reduced manual processes, driving a +25 BPS year-over-year profitability lift. With AOT automation, the bank unlocked more than $20K in annual savings, while competitive TBA trading delivered an additional $11K per year. Agency cash window integrations now save 2 to 3 hours per day on single cash commitments, and process automation through the Lock Desk saves 12 hours per month. As Tyler shares, “MCTlive! makes hedging conventional pipelines about as easy as it gets. It has allowed me to focus on strategy rather than the small details of entering prices into a system.” Read the full case study to discover how FNBO elevated execution, efficiency, and profitability with MCT.

Get lucky with Kwikie this Spring! Because speed + control = more green in your pipeline. This St. Patrick’s Day, skip the guesswork and go straight to the gold with Kwikie, the broker portal built to move at your speed. Kwik Pricer is “Price in a Flash.” No chasing rates. No waiting. Just fast, accurate pricing when you need it. Kwik Pipeline Access: Your Loans, On Demand. Real-time visibility. Full control. Manage your deals anytime, anywhere. Kwik Marketing: Content Ready When You Are. Customizable materials that keep your brand sharp and your borrowers engaged. Kwik Resources: Everything You Need, Right Now. Guidelines, tools, support - all in one place. No scavenger hunt required. This season, don’t rely on luck.

Rely on speed, simplicity, and total control. Log in, price fast, and let Kwikie help you strike gold. Log into Kwikie here! Not an approved partner? Let’s change that! Join the Kind movement here

The Chrisman Marketplace is a centralized hub for vendors and service providers across the mortgage industry to be viewed by lenders in a very cost-effective manner. We’re adding new providers daily, so check back often to see what’s new. To reserve your place or learn more, contact us at info@chrismancommentary.com.

Phishing, Data Breach, or Hacked?

Did you know that there is a Cybersecurity and Infrastructure Security Agency?

Mortgage banking, and banking in general, is where the money is, right? Literally. Being hacked is every company’s nightmare, and a review of the four largest recent mortgage-industry data breaches (at Bayview Asset Management / Lakeview, 2021), Flagstar Bank, 2021–2023, Mr. Cooper Group, 2023, and LoanDepot, 2024) shows that while more than 40 million consumer records were exposed, the financial fallout varied dramatically, totaling over $116 million in regulatory penalties and class-action settlements.

Bayview and Flagstar faced the heaviest relative consequences, with Bayview incurring $46 million in combined penalties and settlements amid findings of systemic IT weaknesses and slow regulatory cooperation, and Flagstar paying $35 million following multiple incidents and misleading disclosures. By contrast, Mr. Cooper and LoanDepot, despite affecting far more customers (14.7 million and 16.9 million, respectively), have so far faced significantly lower per-customer costs and limited regulatory enforcement.

The stark differences point to a clear pattern: post-breach response drives ultimate liability more than the breach itself. Rapid detection (within one day for Mr. Cooper and LoanDepot), swift SEC and regulator notification, transparent public disclosure, and proactive customer remediation, such as immediate credit monitoring, substantially reduced enforcement risk and reputational damage. Conversely, delayed detection, slow or inaccurate disclosures, and poor regulator cooperation sharply increased penalties, as seen with Bayview and Flagstar. The overarching lesson for mortgage firms is that while prevention remains critical, the speed, transparency, and credibility of the response ultimately determine the scale of legal and financial consequences.

Figure, on its part, reminded the industry that its incident was not a “breach” because the scope did not reach that threshold/designation. In the earnings call, the “recent security incident” was “… not a blockchain or protocol-related event. The incident involved a targeted phishing attack that affected our loan inquiry records and a limited number of customer accounts in our loan products. There was no compromise of our blockchain infrastructure or core transaction processing systems.

“The impacted information includes names, loan account numbers, addresses, and dates of birth, as well as Social Security Numbers for approximately 12,400 individuals. We began notifying individuals on February 24, 2026, and are offering appropriate support. We moved quickly to contain the incident, and implemented additional safeguards, including enhanced authentication controls, expanded employee training, and further monitoring, to reduce the likelihood of similar events in the future. We take information security extremely seriously, and we will continue investing in our controls and processes. At this time, the incident is not expected to have a material impact on our financial results.”

Brad Ketcher with Ignite Integration Solutions writes, “On the heels of Mexico being in the spotlight, hackers recently used Anthropic’s Claud to steal over 150GB of sensitive Mexican government data. This serves as an opportunity for lenders and financial institutions to evaluate their data centers and mirror what Ignite has created with triple-layer safeguards including: strict access controls, real-time export monitoring, anomaly detection in access logs, and encrypted data at rest and in transit. If your data matters, protect it with infrastructure designed for security-first automation.

“A hacker exploited Anthropic PBC's artificial intelligence chatbot to carry out a series of attacks against Mexican government agencies, resulting in the theft of sensitive tax and voter information. The hacker used the chatbot to find vulnerabilities in government networks, write computer scripts to exploit them, and determine ways to automate data theft, according to cybersecurity researchers at Gambit Security. The attack resulted in the theft of 150 gigabytes of Mexican government data, including documents related to taxpayer records, voter records, government employee credentials, and civil registry files. The hackers use Claud to repeatedly ping the Mexican government for vulnerabilities. In essence, they used Claud as the expert assistant to think better, faster, and deeper until they finally found the answer.

“Here in Long Island, Suffolk County was hacked where police records were unavailable for nearly a month and the tax recorder couldn’t take payments for nearly two months. This is just one county, one microcosm. The reach for hacking is infinite, which requires everyone to partner with the right resources to protect themselves else it’s just a matter of time.” Thank you, Brad!

Capital Markets

Gone are the days when a “flight to quality” involved buying U.S. securities. Futures traders are scaling back expectations for Federal Reserve interest rate cuts as the war with Iran raises concerns about inflation. The spread between December 2026 and December 2027 Secured Overnight Financing Rate contracts has dropped to a new low, reflecting fears that a spike in oil prices could drive inflation. Goldman Sachs CEO David Solomon said markets have reacted calmly so far to the escalating conflict involving Iran but warned it could take weeks for the full economic and financial impact to be reflected in asset prices. While oil has risen and equities have edged lower, he said broader fallout will depend on how the conflict evolves and whether it begins to weigh more heavily on growth and investor sentiment.

Escalating conflict in the Middle East has pushed energy prices sharply higher, which is dominating the macro narrative currently, yet the market response has been unusually counterintuitive. Treasury yields have risen primarily through higher real rates and the yield curve flattening rather than reflecting stronger inflation expectations. 10-year inflation expectations have stalled near 230-basis points while the front end of the curve has sold off sharply, with 2-year yields jumping roughly 23-basis points as markets scale back expectations for Fed easing to about 41-basis points of cuts by year-end (down from more than 60-basis points last week). This reaction is puzzling because energy-driven price spikes are more likely to act as a consumer tax (or drag) than generate sustained core inflation, suggesting limited reason for a more hawkish Fed. At the same time, persistent demand for longer-duration Treasuries has driven a continued flattening trend in the curve, now occurring in 13 of the last 15 sessions. Geopolitical uncertainty (and developments in oil prices), equity market weakness, and shifting policy expectations should be the primary drivers of near-term rate moves.

Affordability pressures in the residential housing market have eased somewhat as rate volatility has moderated, but housing costs remain elevated enough to keep the issue politically and economically salient, especially with mortgage rates not expected to decline materially from current levels. Home price appreciation is projected to reaccelerate modestly as supply constraints persist and home sales slowly improve from recent lows. On the supply side, limited existing inventory will continue to underpin prices, even as single-family construction activity cools from prior peaks. The multifamily sector appears to be transitioning back toward growth after a period of adjustment, while the home equity market is expected to remain robust as homeowners increasingly invest in existing properties rather than moving.

Government shutdowns don’t impact stats from private sources. Yesterday brought a strong ADP Employment Change report for February (+63k) and an impressive February ISM Services Index. This morning we saw the regularly scheduled data of Challenger job cuts for February. U.S.-based employers announced 48,307 job cuts, down 55 percent from the 108,435 job cuts in January and down 72 percent from the 172,017 cuts announced during the same month last year. Through February, employers announced 156,742 job cuts, the lowest January-to-February total since 2022, when 34,309 cuts were recorded in the first two months of the year. It is the fifth-highest January-February total since 2009.

In more labor news, Morgan Stanley is laying off 3 percent of its workforce. We also had weekly jobless claims (213k, as expected; 1.868 million continuing) and the previously delayed import and export prices for January (+.2 percent, about as expected), along with preliminary Q4 productivity (+2.8 percent) and unit labor costs. After some short-duration Treasury auctions, Freddie Mac will release its Primary Mortgage Market Survey, and markets will receive remarks from Fed Vice Chair for Supervision Bowman. We begin the day with Agency MBS prices worse than Wednesday’s close by about .125, the 2-year yielding 3.58, and the 10-year yielding 4.13 after closing yesterday at 4.08 percent.