Talk about birth by fire. Four days, two shows, about 500 photos and two notebooks crammed with notes. And out of the notes I took during the third-annual F&I Conference and Expo in Las Vegas, the one comment that stood out was the one made by this one brave soul who grabbed the microphone at the conclusion of a panel discussion on compliance and uttered, “I’m afraid to go back to my dealership.” By the nervous laughter that followed, the quote definitely captured the moment.

From what panelists said at the magazine’s November conference, the regulations dealers face and the lawsuits they hope never reach their doorstep aren’t going away. In fact, insiders say they will increase in 2007 and beyond, with data security definitely being the flavor of the day.

The good news is that technology is quickly moving to improve the way dealerships do business. And while quickening the transaction is the obvious benefit, technology also promises to help dealers with compliance issues. However, according to panelists participating in a discussion on e-contracting, the road to a totally electronic transaction is still a ways away. Industry insiders predict e-contracting will be ubiquitous by 2010, although most dealers believe the time frame is a lot longer than that.

Technology, however, is already making its presence felt. We heard from AmeriCredit in our November issue that technologies like LexisNexis’ InstantID are speeding up nonprime financing by cutting down on the amount of “stips” dealers need to collect. And I don’t think I have to talk about how the electronic menu has helped dealers remain compliant while providing a nice marketing tool for F&I products. However, as panelists said at the magazine’s conference, dealerships cannot rely on technology alone to keep them in compliance.

Making sure your desking tools aren’t crediting vehicle service contracts (VSC) in the first pencil is a good start, as some still may offer that option. So make sure to turn that feature off. Why? That’s payment packing. Dealerships should also make sure to set all computers containing customer data to lock after hours or when the F&I manager steps away from his or her desk.

There are other controls you can put in place as well. You can set up user logs when it comes to accessing consumer data, and do this for both paper and electronic. Bottom line: You need to know who accessed what, and why it was accessed, because, if you haven’t heard it before, 60 percent of ID theft cases are committed by either people the victim knew, or someone within an organization.

Take a recent case in Central Florida, where several dealerships learned that their salespeople were stealing their customers’ data to make credit purchases. In one case, two weeks after bringing home their new car, the victims received a letter from a powersports dealership congratulating them on their new motorcycle — a purchase their salesperson made under their name. Once tracked down, the salesperson told investigators that he learned how to steal identities from a salesperson he worked with at another dealership. And when investigators caught up with that guy, they uncovered reams of credit reports, purchase agreements and drivers’ licenses in that salesperson’s home and inside the vehicle he purchased under the name of one of his customers.

Protecting your dealership doesn’t stop there, however. Continually updating your dealership’s computer systems with the latest virus protection is a good practice. You should also make sure to cut off access to DMS vendors you’ve employed in the past. You should also limit what new employees can access, and make sure employees aren’t taking consumer data off premises to complete paperwork at home. And remember not to trust e-mail when trying to send sensitive information. Use a telephone.

Laptops and personal data assistants also threaten your dealership’s ability to protect your customers’ information. In fact, DealerTrack’s Randy Henrick relayed a story about a healthcare provider in the state of Oregon paying more than $70 million in damages after a company laptop was stolen. In it was the personal information of more than 300 individuals. You get where I’m going with this. The more controls you put in place, the better.

I think David Robertson, executive director of the Association of Finance and Insurance Professionals, said it best when he told the audience at the magazine’s conference: “There’s no glory in getting shot with your own bullet. If you’re working F&I and doing it right, the odds of someone getting you decreases.”