Credit Signal Methodology

1. Executive summary

LO Radar surfaces credit-improvement flags as one of seven trigger categories in its past-client intelligence layer. This document explains exactly what data feeds those flags, why our approach falls outside the definition of a consumer reporting agency under the Fair Credit Reporting Act (FCRA), and how the originating loan officer's existing permissible-purpose framework remains the system of record for any actual credit-related decision.

Three claims are operationally true and architecturally enforced:

1. LO Radar does not pull credit reports. We do not have, and do not seek, a contractual relationship with Experian, Equifax, TransUnion, or any other consumer reporting agency as a reseller or downstream provider of consumer reports.
2. Credit-improvement flags are derived exclusively from non-FCRA-regulated soft-pull aggregations and borrower-volunteered updates. Soft-pull data, by definition, does not affect a consumer's credit score, is not visible to other lenders, and is collected under a permissible purpose held by an upstream vendor whose data product is structured as marketing-eligibility data — not a consumer report.
3. Any decision a loan officer makes based on a LO Radar credit-improvement flag is followed by a permissible-purpose credit pull through the LO's existing originator workflow. LO Radar surfaces the signal; the LO's lending institution pulls the file under its own FCRA compliance.

2. Why this is the right design

The mortgage industry's relationship with credit data has historically taken two shapes:

(a) Direct pull, full report. A lender with a permissible purpose under FCRA §604(a)(3)(A) — typically the "review or collection of an account" or "extension of credit" basis — pulls a full tri-merge consumer report. This is the model for any actual underwriting decision.

(b) Third-party trigger lead. A lender or marketing vendor receives notifications from the credit bureaus when a consumer's credit file is "triggered" — typically by an inquiry from another lender. This historically powered the mortgage trigger-lead industry until the Homebuyers Privacy Protection Act (HPPA) restricted it in March 2026.

LO Radar does neither. Credit-improvement flags occupy a third category: aggregated soft-pull signal data, derived from sources that do not constitute a consumer report under FCRA, used exclusively to identify candidates for further outreach by the originating LO.

This is the right design for three reasons:

• It works post-HPPA. The HPPA restrictions on third-party trigger leads do not apply to data sources that aren't consumer-report-triggered inquiries. The data sources we use were never structured as trigger leads.
• It keeps us out of FCRA-regulated activity. We are not a consumer reporting agency, we do not assemble consumer reports, and we do not regularly engage in the practice of assembling or evaluating consumer credit information for the purpose of furnishing consumer reports to third parties (FCRA §603(f)). The signal we produce is not a consumer report.
• It keeps the LO cleanly in charge of the actual credit decision. When an LO acts on a credit-improvement flag — initiating a refinance conversation, pulling a credit file for underwriting — they do so under their lender's existing FCRA framework. LO Radar's role is upstream of any credit decision and downstream of any FCRA-regulated data movement.

3. What feeds the credit-improvement flag

Three input sources, in priority order:

3.1 Soft-pull aggregator data

We license aggregated, anonymized soft-pull data from vendors whose product is structured for marketing-eligibility use (not for consumer credit decisions). The vendor's contractual permissible purpose under FCRA — typically FCRA §604(c)(1)(B), the prescreened-firm-offer-of-credit basis with consumer opt-out registry checks — covers the underlying data collection. The vendor produces aggregated score-tier-change signals (e.g., "this matched contact moved from 680-700 to 720-740 tier in the last 90 days") without surfacing the underlying tradelines, balances, or specific events that drove the change.

LO Radar's contractual relationship with the soft-pull vendor explicitly prohibits us from re-selling, re-aggregating, or providing the signal data to third parties. The signal feeds the LO's per-borrower flag and is never exposed in aggregate to anyone outside the originating LO's account.

3.2 Borrower-volunteered updates

Past borrowers may volunteer credit updates in conversations with the LO — for example, "I just paid off the truck" or "my Experian shot up to 760 last month." When the LO records this in the LO Radar contact notes, the system extracts the score-change context and surfaces a credit-improvement flag without needing any external data source. Volunteered updates are tagged as such and do not enter our soft-pull data pipeline.

3.3 Public-records signal

Certain public records correlate with likely credit improvement and are surfaced as low-confidence pre-flag signal. Examples: bankruptcy discharge entering its 4-year-old window (Chapter 13) or 7-year-old window (Chapter 7), public-records tax-lien releases, judgment satisfactions. These are not credit-bureau data and not FCRA-regulated. They appear as "investigate" prompts rather than as confirmed flags.

4. What never feeds the credit-improvement flag

The following data types are explicitly excluded and architecturally rejected at the ingestion layer:

• Full credit reports (tri-merge or single-bureau). We do not accept these as inputs, and the CSV importer rejects rows containing FICO scores embedded as numeric fields with a credit-bureau provenance.
• Hard inquiry data. Inquiry-trigger data is the asset class HPPA restricted; we do not source from it and our pipeline does not have a path to ingest it.
• Social Security Numbers, government IDs. Not collected, not stored. Importer rejects.
• Bank account numbers, balances. Not collected, not stored.
• Adverse-action data. If an upstream vendor exposes an adverse-action-style attribute, we strip it before the signal reaches the LO.

5. The "we surface, you pull" boundary

LO Radar surfaces a credit-improvement flag as a decision-support signal. When an LO acts on the flag, the actual credit pull — the moment that requires FCRA permissible purpose and consumer authorization — happens through the LO's existing originator workflow at their lending institution. The LO Radar interface never shows a FICO score, never quotes a specific tradeline, and never surfaces any data element that would constitute a "consumer report" under FCRA §603(d).

This boundary is enforced architecturally:

• The credit-improvement flag presents as a tier-band signal (e.g., "Moved up one or more credit tiers in the last 90 days"), not as a numeric score.
• The outreach draft generated for a credit-improvement flag is rate-and-product-scenario-based, never tied to a specific approved rate.
• The LO must initiate the actual loan application and credit pull through their lender's normal originator workflow — LO Radar has no integration into pricing engines or AUS systems that would produce a credit-conditioned quote.

6. Why this matters for HPPA

The Homebuyers Privacy Protection Act, effective March 4, 2026, restricted third-party access to consumer mortgage inquiry data from the credit bureaus. The intent of the rule was to end the third-party trigger-lead industry — companies whose business model was monetizing the inquiry-trigger data of consumers who had not affirmatively engaged with them.

LO Radar is structurally aligned with the HPPA intent. We are not a third-party intermediary repackaging credit-bureau inquiry data. We operate on past-client data the LO already legally possesses as the originator, augmented by soft-pull aggregator data that exists outside the inquiry-trigger system the HPPA addressed. The credit-improvement flag specifically does not depend on inquiry data of any kind — it depends on tier-band movement signals from a marketing-eligibility data source.

We expect the HPPA's downstream effects (additional state-level legislation, CFPB guidance, FTC enforcement) to continue shaping the mortgage-data landscape over the next 12-24 months. LO Radar's data architecture was designed in 2026 with the post-HPPA regulatory direction explicitly in scope.

7. Audit + verification

Every credit-improvement flag generated for any LO is logged with:

• The signal source (soft-pull aggregator, borrower-volunteered, or public-record)
• The date the underlying signal was received
• The signal's confidence band (high / medium / low)
• The downstream draft the flag fed into (if any)
• The LO who viewed it and when

Enterprise customers receive a quarterly aggregated audit report. Bank and credit-union mortgage divisions can request access logs at any time. The full per-flag audit detail is available to the LO Radar account owner via Settings → Audit → Credit Signals.

For compliance officers conducting a vendor review: we will provide, under NDA, the specific soft-pull vendor name, the contractual permissible-purpose basis, the data dictionary, and the architectural separation between the soft-pull signal pipeline and any other LO Radar data flow. Request via your account manager or hello@techstackllc.info.

8. What we will not represent

We will not represent that LO Radar:

• Constitutes a "consumer report" within the meaning of FCRA §603(d)
• Is a permissible substitute for an FCRA-compliant credit pull when underwriting a loan
• Eliminates the need for the LO's lender to maintain its own FCRA, ECOA, and adverse-action compliance frameworks
• Provides credit-decision-grade accuracy on any individual borrower's current credit profile

We are a decision-support layer. The decision — and the FCRA-regulated activity surrounding it — remains the LO's and their institution's responsibility.

9. Document control

This whitepaper is the canonical methodology document for LO Radar's credit-improvement signal. Material changes (data sources, architectural boundaries, permissible-purpose representations) are versioned and the prior version is preserved in the document history. Compliance officers reviewing this document for vendor approval should reference Version 1.0, published 2026-06-13. Subsequent versions will note the specific change and the effective date.

Questions, document requests, or vendor-review correspondence: hello@techstackllc.info.