Let me start by saying that the overuse of tired clichés is one of my pet peeves. I detest them in sportscasts, and I’ve grown a little tired of those clichéd lists magazines put out each year with predictions for the coming year. So, I apologize upfront for the list I’m about to share with you now.

Just so I can live with myself, I’m calling my compilation a checklist. I’ll cover the top compliance concerns for 2013 and offer solutions or process improvements you can implement at your store. So, let’s get to it.

1. Identity-Theft Deterrence
Identity theft is a crime that’s easy to perpetrate but difficult to prosecute. That’s probably why the crime remains one of the top complaints received annually by the Federal Trade Commission (FTC), impacting nearly one in four people.

The Federales have even deputized dealers to help in its fight against identity theft and armed them with laws such as the Privacy, Safeguards and Red Flags rules. And the requirements these rules put in place can be voluminous for any dealer. My gut feeling is that regulators will turn up the heat this year on businesses they require to detect and prevent identity theft. So, here are some common, ongoing violations you should review and address immediately:

  • If you are still using the five-paragraph, half-page privacy notice, you are outdated and out of compliance. So make sure you have the 2009 version provided by the Securities and Exchange Commission (SEC).
  • Confirm you have a written Safeguards policy, and that all new employees are trained on it. Also document results of periodic Safeguards audits, as well as any corrective actions taken to ensure compliance.
  • Confirm you have a policy for the Red Flags Rule. You also must have a written report produced annually on the sufficiency of your Red Flags policy. It should be addressed to the owner or your operation’s board of directors.

2. Deceptive Acts and Practices
Times are improving in our industry, which means more work and potentially harried employees. That means corners will be cut in the sales and F&I process. It may also mean that some of those old-schoolers will revert to their old-school ways, or what we now refer to as “felonies.”

Class action lawyers love the Deceptive Trade Practices Acts because the language describing what’s required or prohibited is vague. That allows the Dark Side to translate these acts to fit the case they are bringing against you. These fraud statutes also allow for a longer statute of limitation, which allows the Dark Side to build the size of the class. And damages can be multiplied under fraud statutes if you are found guilty.

I’ve noticed an uptick in the number of lawsuits alleging deception, and I believe the trend will continue. So, here are some items to review or implement to help deflect charges of deceptive practices:

  • If you quote payments in the sales process, have a solid desking process that includes a consistently applied first-pencil APR to avoid claims of payment packing and discriminatory pricing. If you still buy cases of Sharpies, consider investing in an electronic desking tool. Just make sure the settings don’t include a “leg” in the payment quote.
  • Menus are not required by statute in most states, but you should consider the use of these tools as a best practice. So, throw out those Sharpies and any homemade Excel menus and invest in a web-based system that discloses the base payment terms and the final agreed-upon terms.
  • Establish pricing guidelines for unregulated F&I products. I’m not necessarily suggesting that you go with a one-price strategy; I’m merely recommending that you establish maximum pricing for the F&I products you sell.

3. Bank Fraud
Within the last five years, the Federales got a taste of how bank fraud can potentially damage the economic ecosystem, and they didn’t like it. That’s why federally insured institutions are required to file a top-secret report with their regulators whenever they believe they’ve been victimized by fraudsters. It’s called a Suspicious Activity Report (SAR), and lenders who fail to file one can be sanctioned and penalized.

The reason I call it a top-secret report is because the finance institution can’t tell you when such a report is filed. However, one way you can tell if an SAR was filed is if the lender asks you to pay off a deal or kicks back a deal in funding. And not only is your dealership named in that report, you are, too. And because lenders are becoming more vigilant during the booking process or whenever an account defaults, the likelihood of an SAR being filed increases. To avoid an SAR filing, eradicate these four practices:

  • Powerbooking: Only report the actual options on a vehicle to the lender.
  • Income: Accurately report the customer’s income as provided by the consumer. Do not combine two incomes or give customers raises.
  • Application: Do not fudge the time on job or address, and do not give your customer a promotion.
  • Straw Purchases: Tell the lender the truth about who the vehicle is for.

Many dealers will file the handwritten credit app along with the one submitted through credit aggregation systems so they can compare and confirm the information provided to the lender.

Timing of Required Disclosures
The Dark Side loves disclosures. Otherwise, you wouldn’t have to be reminded by a certain fast food chain that its coffee is hot and may burn you if you pour it on your leg. We also have a number of disclosure requirements levied upon us by various statutes, such as the Truth in Lending and Truth in Leasing acts. The Privacy, Used Car and Risk-Based Pricing rules also require that we provide a disclosure to consumers in certain transactions.

Additionally, other regulations require that we vet consumers against databases, such as the Red Flags Rule and OFAC. Some states may also require overreaching vetting. In Michigan, for example, there’s a statute that prohibits repeat DUI offenders from registering a vehicle.

Keep in mind that, for some of these requirements, consumers can sue if disclosures are left out or are inaccurately stated. On others, a consumer’s recourse is to file a complaint with a regulating body. In either case, some people just won’t go away until they’ve been compensated or reimbursed for a perceived wrong. So be sure to add the following review points to your compliance checkup:

• Print a dummy retail and a dummy lease transaction from your DMS and review the documents to ensure the proper disclosures are being made. Pay special attention to how the form is printed, making sure that items appear in the appropriate box or on the line. You also need to be sure nothing is printed over pre-printed language on the form, and that premiums for all F&I products appear on the documents.

• Confirm that your customer is receiving a Privacy Notice as soon as his or her nonpublic personal information is obtained, whether in person, over the Internet or over the phone.

•  Verify that your customer is receiving a Credit Score Disclosure Notice as soon as a credit bureau report is pulled.

• Make sure your adverse action notification process is delivering notices to consumers within 30 days of accepting a credit application.

• Make sure your 8300s are submitted within 15 days of the receipt of a qualifying transaction, and that the form date is July 2012. Previous versions of the Form 8300 may cause FINCen to consider your filing as not officially filed.

• Validate that customers who purchase a used vehicle are provided a Used Car Buyer’s Guide with the correct, federally provided safe harbor language disclosing the warranty provided as part of the vehicle sale.

• Before a vehicle is delivered, ensure that you are reviewing consumers who finance or lease a vehicle against the Red Flags identified in your policy or by the vendor from which you pull a credit report.

• Vet all consumers against the Federales’ OFAC list before you deliver a vehicle. It’s also a good idea to run your list of wholesalers you do business with against the OFAC list on a quarterly basis. Make sure to retain copies of those checks.

• Make sure to handle state-required disclosures with the same care.

Odds and Ends
While the areas covered in this section have a lower risk of occurrence than something like ID theft or bank fraud, they do happen. And you can bet the Dark Side is watching.

Let’s start with forging someone’s name on a document, which is a crime. Unfortunately, too many employees consider signing someone else’s name to be akin to speeding; they just don’t see the harm. But just ask a certain dealer in the Denver market how it feels to have the local TV station hounding him for an interview because documents were allegedly forged on his watch.

Signatures on file should also be treated as forgeries. It’s not a federal crime to use signatures on file, but allowing a customer to sign a blank document is simply bad business. You have enabled a nefarious or harried manager to fill in whatever information deemed necessary to get the deal bought or improve his or her paycheck.

That’s why you need to consider a recontract as a new transaction, which means you’ll need a new menu, Buyer’s Order, Retail or Lease Contract and product enrollment forms. Additionally, retail transactions must be dated when the forms are resigned, not the date the vehicle was delivered. And unless your state frowns on one, consider obtaining an Acknowledgement of Rewrite — even in states that don’t require it, such as Nevada and Oregon.

Additionally, do not permit a sales manager to increase the agreed-upon price of the vehicle for any reason, even if it’s done to cover the cost of a subprime acquisition fee. Also monitor all manufacturer rebate programs to ensure that vehicles are sold in compliance with the program dates and that the customer qualifies for the rebate. You should also make sure customers receive the benefit of the rebate. Lastly, consider implementing a checklist to help your billing clerk when stripping deals.

Last year, the Federales went on a fishing expedition and requested information from some dealers regarding yo-yo transactions. The dealers were asked to provide a copy of any and all policies and procedures. They were also asked to provide their policy and procedure manuals required by the Safeguards and Red Flags rules.

So, the final must-do in your compliance check-up is to freshen your sales and F&I policy and procedure manual. If you don’t have one, now is probably the time to develop and implement one. Good luck and good selling! Sorry, I couldn’t help myself.

Gil Van Over is the President and Founder of gvo3 & Associates, a national compliance consulting firm that specializes in F&I and sales compliance. E-mail him at [email protected].

About the author
Gil Van Over

Gil Van Over


Gil Van Over is the executive director of Automotive Compliance Education (ACE), the founder and president of gvo3 & Associates, and author of “Automotive Compliance in a Digital World.” Email him at [email protected].

View Bio