Uncovering the hidden danger of inaccurate data
Even the most diligent compliance teams can make reporting errors — issues that often remain undetected until a regulatory exam or public disclosure. These aren’t just technical or operational missteps. They reflect data integrity gaps that can erode public trust and compromise fair lending outcomes.
A few high-risk fields have been linked to HMDA and CRA violations from 2020 through 2024. Knowing where these errors lie — and how to fix them — is the first step to minimizing risk and strengthening your compliance.
-
HMDA: Application date – Misalignment with regulatory definitions
The application may seem straightforward, but examiners have flagged inconsistencies in this field over the past five years. The report must reflect when an application was received, not when it was keyed into the system or when final action was taken.
Errors often occur due to unclear policies, missing timestamps for online submissions, or incorrect reporting of purchased loans.
Best practice: Train staff to recognize when an application is considered “received” under Regulation C and require verifiable documentation to support the reported date.
-
HMDA: Preapprovals – Incorrectly reporting prequalifications
HMDA only requires reporting for preapprovals, not prequalifications. When these two terms are conflated, it results in invalid data and regulatory scrutiny.
Confusion arises when policies don’t define the difference between the two, which may result in staff inconsistently applying their own definitions across teams and systems.
Best practice: Configure loan origination systems (LOS) to validate and track preapprovals separately from prequalifications, supported by clear policy definitions and regular file reviews.
-
HMDA: Universal loan identifier (ULI) – Includes personal information
While the universal loan identifier (ULI) uniquely identifies each loan or application, it should follow a strict format to protect applicant privacy. Violations occur when institutions include personally identifiable information (PII), such as a borrower’s name or birth year.
There must be procedures or controls to prevent staff from manually entering information that could be used to directly identify the borrower.
Best practice: Use the CFPB’s Check Digit Tool or integrate automation to generate and validate ULIs and follow the required structure that begins with your Legal Entity Identifier (LEI).
-
HMDA: Loan purpose – Misclassification of multi-purpose loans
Loan purpose must be reported accurately to support fair-lending analysis and regulatory reporting, but errors occur when institutions misclassify these on the Loan/Application Register (LAR). For example, lenders may mark a loan as “home improvement” when it’s a mix of refinance and home improvement.
These violations often stem from manual entry mistakes, weak secondary reviews, or unclear internal definitions, particularly around cash-out refinances.
Best practice: For multi-purpose loans, follow Regulation C guidance by prioritizing refinance or cash-out refinance over home improvement unless the loan is also a home purchase.
-
HMDA: Action taken – Confusing “withdrawn” for “file closed”
The action taken on a loan application determines how it is evaluated for fair-lending compliance. Accurately reporting this requires a precise understanding of borrower behavior and documentation.
Manual entry errors, incomplete borrower communications, and inconsistent reviews often result in misreporting. For instance, some lenders reported loans as “approved but not accepted” when they were denied, or “withdrawn” when an application should have been closed for incompleteness.
Best practice: Record borrower communications and application activity thoroughly to support the reported action and reduce the risk of misclassification.
-
HMDA: Gross annual income – Incorrect figures or missing data
HMDA requires reporting only the income relied on for the credit decision. Misreporting occurs when institutions rely on initial, self-reported figures rather than the final income.
Common issues include reporting employee income instead of “NA,” failing to update preliminary figures after underwriting, or including income types that should be excluded under Regulation C.
Best practice: Train staff to report only the final income used in underwriting decisions and implement quality control checks to catch discrepancies before submission.
-
HMDA: Co-applicant demographic information – Errors, especially with multiple co-applicants
Institutions often misreport co-applicant demographics such as ethnicity, race, sex, or age, especially when there are multiple co-applicants. In these cases, only the first co-applicant’s information should be reported.
These errors stem from unclear policies and insufficient training on demographic collection methods across different application channels.
Best practice: Report demographic data only for the first co-applicant and clearly document procedures for how this data is collected and verified.
-
HMDA and CRA: Census tract information – Physical location vs. mailing address
For HMDA, census tract codes must reflect a property’s physical location, not a mailing address or placeholder code. Under CRA, census tract reporting must reflect the location of the business facility, farm, or where loan proceeds will be applied, not the business owner’s residential address.
Errors typically arise from poor system mapping, inadequate staff training, and a lack of secondary review processes.
Best practices: Verify census tract data with reliable tools such as the FFIEC geocoding site. Regularly test automated systems and establish secondary reviews to catch and correct location errors before submission.
-
CRA: Small business loan amount – Using incorrect figures
This field must reflect the original loan amount, not renewed balances or available credit.
Inaccuracies occur when systems pull data from incorrect fields or when reporting requirements are misunderstood, resulting in understated lending activity and compliance risk.
Best practice: Establish precise data mapping and system controls, provide staff training on CRA reporting rules, and centralize documentation to ensure consistent reporting.
-
CRA: Gross annual revenue – Misapplied codes
CRA evaluations assess how well institutions serve small businesses, which are defined in part by annual revenue size.
Institutions often leave this field blank or use incorrect codes due to staff uncertainty, unclear guidance, or system defaults that override proper data entry.
Best practice: Include revenue indicator accuracy in compliance reviews and audits, and configure systems to prompt for required revenue data or proper use of “NA.”
Compliance best practices across all data fields
Addressing individual violations is only part of the solution. While each field has its own pitfalls, a strong, proactive data integrity framework can help institutions improve compliance outcomes and reduce systemic risk.
Clarify internal definitions: Align your institution’s interpretation of key HMDA and CRA terms to match regulatory expectations, and document them thoroughly.
Strengthen training programs: Provide consistent education and onboarding to ensure that staff apply definitions consistently across all loan types and channels.
Audit high-risk data fields regularly: Focus on fields most prone to violations, such as application date, loan purpose, and action taken, to ensure data accuracy.
Document and update procedures: Standardize best practices and keep them current with evolving regulatory guidance.
Establish cross-functional review cadence: Bring compliance, operations, and lending teams together regularly to review and track data trends and blind spots.
Leverage automation for validation: Use technology to identify inconsistencies, reduce manual errors, create a defensible audit trail, and improve scalability of compliance reviews.
Close the gaps with smarter, expert-backed solutions
Small details can have a significant impact on HMDA and CRA data – and how your institution will be evaluated for equitable lending. By addressing these root causes and strengthening your data governance strategy, your institution can reduce violations, protect its reputation, and prepare for evolving HMDA, CRA, and Section 1071 requirements.
Our Data Integrity Advisory Services provide expert-driven, purpose-built solutions to simplify data processes, improve accuracy, and minimize regulatory risk — empowering your institution to move from reactive fixes to proactive compliance readiness.
