When last we discussed this issue, we looked at technology — specifically, the internet, smartphones, and social media — as the prime drivers of compliance awareness for dealers as well as agents (“When Compliance Met Technology,” Agent Entrepreneur, March/April 2018, Page 28). This time, we will examine the topic from the other direction: How can technology help accomplish compliance?
To answer this question, it is helpful to think of technologies within the dealership environment as being intrinsic to dealership operations or extrinsic. Intrinsic technologies are part of what dealerships do every day as a matter of course. Think the dealership management system for tracking inventory, financial, and transaction functions.
Extrinsic technologies are those that dealers employ to achieve specific ends that are not strictly essential to your business. For example, take EasyCare’s SAVY program. Its dealer-facing suite tracks the location of inventory, monitors the fuel and battery level of each vehicle on the lot, and detects if any vehicle has been driven outside of a predefined geographic area. Such tools are useful and desirable, but not strictly necessary to the sale or repair of motor vehicles.
It is possible for an extrinsic technology to become intrinsic. Consider financing portals, such as Dealertrack and RouteOne. It is still possible to use fax machines to transmit credit applications one at a time to individual finance sources, but who wants that level of inefficiency? While once a cutting-edge novelty, such portals are now in use at virtually every dealership. They have migrated upstream, from extrinsic to intrinsic technology. So too have online credit report pulls.
Intrinsic Compliance Technologies
At the core of dealership operations is your DMS. It can track everything from employee timekeeping to your parts inventory. So why not compliance? Good question.
A DMS already can calculate APR and the arithmetic necessary to fill in the TILA box and populate the various lines on a RISC. The problem is that fraud, if it exists, has usually already taken place before its results are recorded — accurately — in the deal paperwork.
But what if the payment elements embodied in the first pencil quote were tied to the actual average APR for financed deals at the dealership over, say, the past six months? That data is available in the DMS right now. It just isn’t being used for this level of compliance oversight. But it could be. So, too, could the DMS detect if quotes presented after a credit report has been pulled reflect the actual APR the customer actually qualifies for.
The deal parameters from the final pencil could be accurately tracked to the top of the menu, the prices of F&I products and their impact on monthly payments accurately reflected, and the final impact of F&I products selected documented at the end of the menu presentation.
All that data does, or could, exist within the DMS. Making the various elements talk to one another to ensure transparency, accuracy, and documentation is either a current feature or a possible evolutionary step. The DMS, brain of the dealership that it is, can be brought to bear to detect and prevent fraud. It is only a matter of time before it is required to do so.
Credit reporting agencies (CRAs) aren’t a technology per se, but their functionalities and online access to them certainly are. One item of great current interest is the confirmation of the Military Lending Act’s “covered borrower” status. Whether one thinks GAP may be legally sold to covered borrowers or not, if GAP is financed at all to anyone, a process must be in place to determine if the GAP customer is a covered borrower.
One way to do it is “by hand,” typing in the GAP customer’s name, date of birth, and SSN at the MLA's website. But another way is to click the "MLA" option when pulling a credit report online through one of the major CRAs. For the cost of a quarter or so, a report showing the covered borrower status of the customer can be determined easily and quickly.
Another compliance function CRAs provide is Office of Foreign Asset Control, or OFAC, checks. It is mandatory to confirm no dealership customer (finance, lease, and yes, even cash) is on OFAC’s “specially designated nations” list. Doing this by hand is a pain in the neck; adding it to the credit pull is a breeze.
CRAs are also in a better position to detect red flags than the dealership, at least with respect to the contents of a credit file, so using them to highlight those red flags and rate their significance is a no-brainer. It can be a consistent, inexpensive tool in support of a dealership’s Red Flags Rule compliance program.
Extrinsic Technologies and Compliance
Then there are those technologies that aren’t core to dealership operations — yet. Take DealershipSafeguardSolutions, who provides a platform to assure a consistent, compliant and paperless process from meet-and-greet to the TO to F&I. The platform embodies business rules to stop a dealership employee from doing the wrong thing. It requires the appropriate documents and steps be processed and monitored while the sale is taking place. In the event of a misstep, it notifies the user and prompts a correction before the sale can proceed. This gives dealers a proactive approach to driving compliance, rather than reactive.
MaximTrak provides compliance tools that help automate processes that once required manual steps, if they were done at all. ComplianceTrak helps dealers with an all-inclusive process for submitting OFAC and Red Flags verification, Risk-Based Pricing, and adverse action disclosures so dealers can be sure those mandatory steps occur every time — and their occurrence is documented.
Dealertrack has developed a suite of tools that promote compliance in the F&I office. To support implementation of the Safeguards Rule, Dealertrack offers electronic deal jackets that store all the sensitive nonpublic personal information that has historically been stored in paper files. In addition, they make providing Risk-Based Pricing and adverse action notices an easy part of the financing process.
700Credit has created a software program that runs alongside a dealership’s DMS or CRM. Called the Compliance Dashboard, it can track Red Flag alert status, OFAC checks, adverse action notices and Risk-Based Pricing notices.
eCredit Express has the distinction of earning a U.S. patent for its software platform, which is shot through with compliance technologies. The eCredit Express Platform takes the customer’s credit application, documents and gives the customer the mandated privacy notice, performs a debt-to-income ratio, evaluates the correct collateral that will be sent to the finance source, selects the best credit tiers available from those finance sources, lets the dealer pick the most advantageous term, displays dealer specific back-end products and allows creation of a customer-specific F&I menu.
eCredit’s platform also auto-fills all state, dealer, and finance source-specific forms to eliminate the possibility of human error in loading that data. By automating the initial evaluation steps and selection of appropriate APR, this process eliminates both allegations of discrimination and the starting point for potential payment packing.
Several laws, including Red Flags, Safeguards, and the MLA, require training with respect to their terms and the policies that implement them. Common sense dictates that all dealership personnel receive effective training on the legal requirements of their specific job descriptions. In-person training is costly and often inconvenient. So naturally, there is a technology solution.
That solution is called a learning management system, or LMS. An LMS is a web-based software platform that deploys instruction electronically, at the end user’s convenience. Systems tailored for dealerships, and the training content it delivers, are available from my company and others, including Compli and KPA.
Finally, there is even technology to keep an eye on technology — specifically, your computer infrastructure. Data breaches, malware attacks, and computer viruses can afflict dealerships as easily as they afflict the likes of Equifax. Companies like CyberSequr provide solutions that establish perimeter security controls to protect external connections to the internet such as adequate firewall management and other, more advanced, tools like intrusion detection systems, unified threat management, and defined patch-management strategies to ensure new vulnerabilities don’t crop up among your computers over time.
This brief survey of the variety of extrinsic compliance technologies is not meant to be exhaustive, and it isn’t. But it should serve to demonstrate that the problems of manmade noncompliance can in large measure be prevented or corrected by currently-available technology solutions. All that is lacking is dealers’ will. We’ll know that will has been manifested when these extrinsic compliance technologies become intrinsic, and casual fraud has gone the way of fax machines.
James S. Ganther Esq. is the co-founder and CEO of Mosaic Compliance Services. He is a dealer compliance expert and a prolific writer and speaker. Email him at [email protected].