Employer Authorization Module
How the lender's compliance team signs off on LO Radar as an approved data processor — without leaving the LO waiting weeks for procurement review.
The problem this solves
When a loan officer brings LO Radar into a regulated lender, the first compliance question is always the same: "You're processing our past-client data — what authorizes that?" The Gramm-Leach-Bliley Act treats past-client mortgage data as non-public personal information that the originating institution is responsible for safeguarding. Even when the data physically lives in the LO's own systems (their email, their notes app, the CSV they exported from the LOS), the lender remains the GLBA-responsible entity.
Without a documented authorization framework, every LO Radar deployment at a regulated lender becomes a one-off vendor-management exercise that can take weeks. With Employer Authorization, it's a single DPA signature followed by a real-time status indicator the compliance team can audit at any time.
How the workflow runs
- The LO initiates authorization. From inside LO Radar (Settings → Compliance → Connect Employer), the LO enters their employing lender's name and the email address of their compliance contact. LO Radar sends a branded authorization invitation to the compliance contact.
- The compliance officer reviews the DPA. The invitation lands as an email from compliance@loradar.com with a secure unique link. The DPA is presented in a clean readable format with the standard sections (data categories, processing purposes, residency, security controls, sub-processors, breach notification). Redline edits are supported via DocuSign integration on the Enterprise tier; smaller deployments use a click-through accept flow.
- The compliance officer signs. Electronic signature is captured with timestamp, IP address, and signer attestation. The authorization becomes effective immediately on signature.
- The LO's interface updates. A persistent header bar on every LO Radar page now reads "Authorized by [Employer Name] since [Date]". The LO can see the same audit trail the compliance officer has access to.
- The compliance officer retains visibility. The compliance officer receives a quarterly summary email and can access the Branch Compliance Dashboard at any time to see every outreach draft generated by every authorized LO under their authorization.
What the DPA covers
The DPA template is structured around the standard SaaS Data Processing Agreement framework used in financial services, with mortgage-vertical specifics:
- Data categories processed — borrower name, contact info, loan terms (rate, balance, term, ARM type, reset date, property address), loan history. Explicitly excluded: SSN, government IDs, full credit reports, bank account numbers.
- Processing purposes — refinance opportunity analysis, ARM reset workflow, anniversary triggers, HELOC and cash-out signal detection, credit-improvement signal surfacing, outreach draft generation, attribution reporting. No purpose beyond what the LO opts into.
- Sub-processors — Hostinger (US hosting), Supabase / AWS (US database), Stripe (billing only — no past-client data), Resend (transactional email to the LO — no past-client outreach passes through us).
- Security controls — AES-256 encryption at rest, TLS 1.2+ in transit, SSO with mandatory 2FA on internal access, least-privilege role-based access, per-record access logging.
- Data residency — United States only. No EEA, UK, or APAC sub-processing.
- Breach notification — 72-hour notification standard; configurable down to 24 hours on Enterprise tier.
- Sub-processor change notice — 30 days advance notice for any material sub-processor change.
- Audit rights — annual SOC 2 evidence (or equivalent control documentation) on request; lender-led audit rights with reasonable notice.
- Term and termination — coterminous with the LO's LO Radar subscription; revocable by the employer at any time with 24-hour effect.
- Liability — capped at 12 months of subscription fees; standard exceptions for confidentiality, IP, and gross negligence carved out.
Multi-employer support
The common case for a mid-career LO is past-client data legitimately accumulated across multiple employers. Three scenarios are explicitly supported:
(a) Single current employer, no historical. The LO works at Lender A today. Past-client data is from loans the LO originated at Lender A only. One authorization, one DPA.
(b) Current employer + prior employer(s) with historical data. The LO works at Lender B today but legitimately retained contact-level past-client information from their time at Lender A (and possibly Lender C before that). Each employer's authorization is captured separately, and each past-client contact is tagged with the consent_entity that authorizes it. Outreach to a contact references the correct authorizing entity. If a prior employer revokes its authorization (uncommon but possible), the contacts tagged with that entity are gated.
(c) Branch / lender holds the authorization on behalf of its LO bench. For enterprise deployments where the branch is the paying tenant, the branch's compliance officer signs one authorization that covers all current and future LO employees. New LOs joining the branch inherit the authorization automatically.
Audit trail
Every authorization, every signature event, every status change, and every revocation is permanently recorded in the LO Radar audit log. The audit log captures:
- Authorization event (issued / signed / revoked / re-authorized)
- DPA version at time of event
- Signer identity (name, email, title, IP, timestamp)
- Employer organization details (name, NMLS company ID if provided, address)
- Scope of authorization (LO accounts covered)
- Subsequent processing summary (count of contacts, count of drafts generated under this authorization, last activity)
The audit log is exportable to CSV by the LO at any time, and is provided as a quarterly summary to the authorizing compliance officer automatically. For lender audits, we will provide the full audit log in a format suitable for the lender's audit-trail repository on request.
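To make the consent_entity gating of scenario (b), the branch-wide inheritance of scenario (c), and the replayable audit log above concrete, here is an added Python illustration; it is not LO Radar's own code. The event field names, the convention that an empty scope means branch-wide coverage, and the lender and borrower names are assumptions constructed for the sample.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthEvent:
    """One audit-log entry. Field names are assumptions, not LO Radar's schema."""
    employer: str        # authorizing entity, used as the contact's consent_entity
    action: str          # issued / signed / revoked / re-authorized
    dpa_version: str     # DPA version at time of event
    signer: str          # signer identity (name only, to keep the sample short)
    ts: int              # event time; constructed samples use small integers
    scope: frozenset = frozenset()  # LO accounts covered; empty = branch-wide (scenario c)

def effective_authorizations(log, lo_account):
    """Replay the log in time order; return {employer: dpa_version} for every
    authorization that currently covers lo_account ('issued' alone grants nothing)."""
    active = {}
    for ev in sorted(log, key=lambda e: e.ts):
        if ev.scope and lo_account not in ev.scope:
            continue                      # event does not cover this LO account
        if ev.action in ("signed", "re-authorized"):
            active[ev.employer] = ev.dpa_version
        elif ev.action == "revoked":
            active.pop(ev.employer, None)  # contacts under this entity become gated
    return active

def gate_contacts(contacts, log, lo_account):
    """Split contacts into (reachable, gated) by their consent_entity tag."""
    active = effective_authorizations(log, lo_account)
    reachable = [c["name"] for c in contacts if c["consent_entity"] in active]
    gated = [c["name"] for c in contacts if c["consent_entity"] not in active]
    return reachable, gated

# Constructed sample: scenario (b), an LO now at Lender B with history at Lender A
# and Lender C. Lender B signed branch-wide, Lender A signed then revoked,
# Lender C has only been issued (invitation sent, never signed).
SAMPLE_LOG = [
    AuthEvent("Lender B", "issued", "v2.1", "R. Diaz", 1),
    AuthEvent("Lender B", "signed", "v2.1", "R. Diaz", 2),
    AuthEvent("Lender A", "signed", "v2.0", "M. Chen", 3, frozenset({"lo-17"})),
    AuthEvent("Lender C", "issued", "v2.1", "P. Okafor", 4, frozenset({"lo-17"})),
    AuthEvent("Lender A", "revoked", "v2.0", "M. Chen", 5, frozenset({"lo-17"})),
]
SAMPLE_CONTACTS = [
    {"name": "Borrower 1", "consent_entity": "Lender B"},
    {"name": "Borrower 2", "consent_entity": "Lender A"},
    {"name": "Borrower 3", "consent_entity": "Lender C"},
]

if __name__ == "__main__":
    print(gate_contacts(SAMPLE_CONTACTS, SAMPLE_LOG, "lo-17"))
```

Because status is derived by replaying the log rather than stored as a mutable flag, the same events the compliance officer audits are the events that gate outreach.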
What happens if the LO never gets authorization
LO Radar continues to operate. Drafts are generated. Calls are surfaced. The LO sees a soft banner in the interface indicating "Employer authorization not yet on file — recommended for compliance posture." The functional posture is identical, but compliance officers reviewing the system will see the LO has not yet captured the employer sign-off. For independent LOs without a single employer (most common: 1099 mortgage brokers), the system supports an "Independent LO" attestation in lieu of employer authorization.
For LOs at a regulated lender who do not have authorization on file, certain Enterprise-tier features (Branch Compliance Dashboard, advanced audit exports, RESPA opinion letter distribution) remain locked until authorization is captured.
For compliance officers reviewing this document
If you are a compliance officer evaluating LO Radar for vendor approval, the documents most relevant to your review are:
- This page (Employer Authorization framework)
- Privacy Policy (data handling, retention, third-party processors, user rights)
- Terms of Service (commercial framework, data ownership, drafts-never-sent principle, liability)
- Security & Compliance overview (regulatory pillars, technical summary)
- Credit Signal Methodology Whitepaper (FCRA posture)
- Consent Management (TCPA posture)
- State Disclosure Engine (state advertising compliance)
For documents typically requested under NDA — DPA template, SOC 2 evidence, breach notification procedures, sub-processor list with executed DPAs, the in-progress RESPA opinion engagement scope — please email hello@techstackllc.info with your NDA template or ours.