It is getting increasingly easy to run afoul of state and federal regulations while trying to run your dealership While the marine and RV industries have not received the scrutiny given to auto dealers, there has been a recent surge in reported cases of marine and RV dealer mis-steps.
In the vast majority of these cases, the issues were error by ignorance – but remember, ignorance is no excuse for the law.
Running a dealership today is more complicated than ever. That said, you don’t want to simplify your day-to-day experience by taking an extended vacation in a federal hotel with bar covered windows where your wardrobe choices consist of which stripes to wear.
It can be that serious. Regulatory Compliance is no joking matter. Enforcement is getting tougher and the reach is extending to more and more businesses, even very small businesses.
In this post, we will review both specific F&I compliance issues as well as more general potential illegal practices. In all cases, engaging in any of these activities, or failing to comply with the law can result in consequential fines and financial liabilities and may land the dealer in jail.
Before we get to very specific finance and credit related practices, let’s look at other behaviors that can get you in trouble.
With websites now offering special “e-prices”, it is easy to fall into the “bait and switch” violation. If you offer a vehicle online at a given price, you have to offer that vehicle, and all equivalent vehicles, in your store at that price. Equivalent vehicles means just that – not VIN number equivalent, but Make, Model and option package equivalent. Beyond that, if you offer a vehicle online for $30,000 and then sell that in your store for $40,000, there had better be a legitimate $10,000 of additional options and accessories. If it can be demonstrated that your online price differs from you in-store price, the consumer is entitled to the difference and if it goes before a judge, punitive damages and legal fees.
Backend products can be very lucrative. In fact, the profit on those products can trump finance reserve profit. It is illegal to offer someone a better finance rate or a special rate if they purchase a particular backend profit. We do see dealers doing this and it is illegal.
In a recent case, several people at a dealership received significant fines and jail time for doing some or all of the following:
- Altering documents to show inflated incomes (including altering proof of income documents)
- Submitting false and or altered documents to “prove residency”
- Listing accessories not on the vehicle to increase the loan amount
These were intentional acts. It should go without saying that these kinds of activities are always a very bad idea.
Now we can move on to very specific F&I processes and procedures.
This is not just about Red Flag rules, although clearly they are a big part. There is the Fair and Accurate Credit Transactions Act (FACTA), Risk-Based Pricing, Fair Credit Reporting Act (FCRA), Office of Foreign Assets Control (OFAC), Gramm-Leach-Bliley Act (GLB Act), Equal Credit Opportunity Act (ECOA) and more. So, with all these, just how bad can it get?
Well, the Consumer Financial Protection Bureau (CFPB, just to add another acronym), when enforcing the FCRA has the authority to impose fines of:
- $5,000 per day for “negligent” violations
- $25,000 per day for “reckless” violations
- $1,000,000 per day for “knowing violation
Moreover, in cases of “unauthorized disclosure” of personal information, criminal penalties of up to two years in prison plus fines and penalties may be sought.
Violations of the Gramm-Leach-Bliley Financial Privacy Rule (what, you never heard of this?) could involve imprisonment for up to five years. Similarly, failing to enforce the GLB Safeguards Rule might cost you as much as $100,000 and, perhaps, another five years behind bars.
You probably won’t end up in jail for failing to enforce the Red Flags Rule, but it could cost you $3,500 per violation, plus the potential for individual lawsuits from damaged individuals.
Of course, you are well versed with Form 8300, right? If you receive cash in excess of $10,000 for a single or two or more related transactions, you have to file Form 8300 by the 15th day after the date of the transaction. Don’t do it and, well, you guessed it, a fine of $250,000 dollars (or $500,000 for a corporation) and/or up to five years in the federal hoosegow.
How about this for a nightmare scenario (with credit to MicroBilt)? A customer comes into your store looking at your top of the line vehicle fully loaded. This particular customer is a highly paid and very successful attorney. He is in a hurry to get the deal done, so he doesn’t negotiate very much on the price. Oh, and he wants to finance through you.
Your Finance Manager is understandably excited. The credit app looks great and the FICO comes in at 800+. Instant approval, instant delivery – what a great day.
Sixty days later the other shoe drops. Mr. In A Hurry Attorney turns out not to be who he said. It was someone who had stolen his identity. Now, whoever it really was, has elected not to make payments. The bank sends the paper back to you because you violated the Red Flag Rules by not verifying the identity of the customer, which is a violation of your agreement with the bank. Insurance doesn’t cover the loss.
Your prized vehicle is safely ensconced in South America. You eat $100,000. The actual attorney sues you with the help of the CFPB because you violated the Red Flag rules.
I assume you would think that this was a pretty bad run of luck…and it could have been avoided.
Every dealership has to have a written Identity Theft Prevention Program. This program must be employed consistently for every non-cash transaction. It can and should include items such as:
- Asking for the physical production of items in the persons wallet (credit cards, Driver’s License, etc.
- Careful scrutiny and the Credit Application and Credit Report, looking for suspicious gaps, mismatched addresses
- Questions about personal information that go back beyond the seven year limit on credit reports
Whatever your program is, follow it.
It is so easy to run afoul of the regulations. Let me count a few of the ways:
- Failure to clearly define and enforce the processes for detecting “red flags” in identity verification
- Failure to properly enforce privacy rules
- Failure to have a written security plan, under the Safeguards Rule, to protect the confidentiality and integrity of customer and employee data
- Failure to appoint and rely on a real Compliance Officer
- Failure to identify and enforce processes regarding the disposal of information in consumer reports
- Failure to provide proper notice to customers when their credit report is run and/or when adverse actions are taken (by the way, this also includes cases where your Finance Manager runs a credit report and makes an independent decision not to even try to finance the customer, or substantially change the terms of the deal
- Failure to file Form 8300 on time or at all
I could go on, but I think you have the idea.
So, what can you do? One option is to just throw up your hands and elect to never offer financing. That will probably work from a regulatory perspective, but it is not a great business decision.
A second choice is to offer financing exclusively through a reputable third party financial services provider. This will cost you some on the profit side of the equation, but you shift the regulatory compliance issues away from your dealership. You also eliminate the risks associated with having consumer information sitting around on desks in your store that often may not be the most secure.
Your third choice is to take it all on yourself. You definitely can do this…but don’t do it halfway. Once you are committed, go all in. Create all of your written policies and documentation and enforce them rigorously. Hand-in-hand with this is the appointment of a Compliance Officer as a serious and senior position.
Finally, you can blend the second and third choices and use third party expertise to inform your in-store actions. Contract your third party provider to serve as your Compliance Officer. You still carry some risk, but you capitalize on external expertise to mitigate your exposure.
Or, you can do just some of what you are supposed to do and turn a blind eye to the gaps. You can adopt the attitude that you are “not big enough” to care about, or that your violations are not really that consequential. This is a fine choice too…just let me know when you would like me to bring you a cake for your federally imposed, striped attired vacation (oh…there won’t be a file in it-sorry.)