Pub. 19 2020-21 Issue 3


Compliance Is Critical To Maintaining Dealership Operations

Hopefully, all dealerships have made the appropriate investment in training and reviewing their staff’s behavior to ensure all personal and non-public information is protected as required by Federal Privacy and Safeguard Rules. Written policies and procedures should consistently go hand in hand with employee actions. However, the gaps between what is expected and what actually happens in showrooms still vary greatly from dealership to dealership. Let’s consider some facts.

  • Compliance is not optional
  • Training is temporary
  • Turnover is consistent
  • Speed and transparency are a necessity today to stay
  • Fraud is on the uptick
  • The new landscape includes “virtual” remote deals

Transactions could conceivably begin on three different platforms (walk-in, web applications and Digital Retailing), yet the compliance steps are consistent regardless of where the engagement starts. As a result, the behavior is sometimes inconsistent or incomplete. Let’s go through a typical vehicle sales process, and identify some of the risks, as well as real-life results of non-compliance.

The Meet and Greet

A dealership employee engages with a customer and, at some point, asks for a driver’s license and maybe an insurance card. Upon collection, the dealership immediately has the responsibility to safeguard that information per the Safeguards Rule’s requirements. Dealers must also retain this information for the subscribed period of time, depending on the engagement outcome. So what are the risks to the dealership in this simple process?

  • The license could be fraudulent
  • The license could be expired
  • The copy could be lost, misplaced, stolen, thrown away (all of which violate your Privacy Statement and Federal Safeguards requirements).
  • How is this info requested and received “remotely”? Are images stored in a salesperson cellphone or personal email account?

Possible outcomes — (1) A dealership in Pennsylvania settled a class-action lawsuit, where 150 victims had their identities stolen, for $2.45 Million. (2) A New Jersey theft ring stole more than 30 cars in July 2020 using fraudulent identification. How many other thefts are getting through without being caught in time?


Credit Application

When the sales team starts a credit application (and hopefully the Privacy Statement), what are the risks?

  • If the dealership still has customers complete a paper credit application, they create a document that could become a $42,380 liability if left unprotected under the Safeguards Rule. Even if the application is printed from the CRM platform, it still creates that paper liability.
  • Handwritten credit apps can be inconsistent, incomplete or illegible, creating problems when the consumers’ credit information is pulled.

Possible liability — There have been instances where the information on the Credit App “changed” or was modified. In some cases, this is legitimate, while others have unfortunately led to fraud. On Sept. 8, 2020, the FTC issued a $7.3 million judgment against Tate Auto Group for precisely this reason. How long would it take your dealership to generate $7 million in net profit?

Credit Check

To pull a consumer’s credit, dealerships are faced with the regulatory responsibility of the Fair Credit Reporting Act (FCRA) Red Flags Rule to verify the individual’s identity and obtain their authorization before pulling their credit. What could possibly go wrong with this?

  • Is your desk verifying each customer’s paperwork, ID, and consent before running credit to support FCRA requirements?
  • Is your desk giving the same level of administrative attention to the deals that DON’T cross the finish line in the collection, protection, and retention to support the requirements under the Fair and Accurate Credit Transaction Act (FACTA)?
  • Is your desk clearing/resolving ALL open Red Flags, OFAC requirements and Notice requirements (Privacy Notice, Credit Score Disclosure Notice and Adverse Action Notice)?
  • Are you checking for synthetic fraud when pulling credit?

Possible liability — Three examples come to mind for non-adherence. The first dealt with 16 boxes of dead deal jackets from a dealership being recovered during a drug house bust. Another similar case involved an undercover officer approaching a janitor at a dealership and paying $50 each for 100 credit apps provided by the janitor. The third example included a dealership that settled for $270,000 with an attorney over the inability to prove they had consent on “ONE” dead deal. Is your dealership capable of putting their hands on every consumer you ran credit on over the last five years? Your Privacy Statement guarantees your customer that level of protection.

Contracts In-Transit And Collecting Information

In many cases, the deal needs customer information in order to get funded after the vehicle has been delivered. In deals where the lender requires STIPS, how do dealerships collect and protect this sensitive information in a secure and immediate platform?

STIPS and/or IDs, insurance cards and more are frequently being texted to a salesperson’s phone or emailed to their private email account. STOP!!!!! This is a major violation of your Privacy and Safeguards Policy.

On top of all that was discussed above, add to the mix web leads and your Digital Retailing game plan. Multiply that by the number of dealership locations and it becomes a daunting challenge. The collateral damage to your brand could easily trump the temporary financial pain of a fine or penalty.

The time for technology to control and administer this mind-numbing maze is long overdue. Without automating and enforcing the entire process, these liabilities will continue. Platforms currently exist that empower real-time actionable intelligence to enforce, monitor, eliminate rogue behavior and maintain a compliant environment. Every other department in the dealership is already automated, yet the risks to brand and profitability are still largely manual. If your dealership struggles with some of these behaviors and hasn’t already searched for a platform to put your showroom on autopilot, now is the time. There are tools to address all the above in a very affordable and more accessible way.

NJ CAR has partnered with Dealer Safeguards Solutions to offer its dealer members the ability to leverage an innovative, comprehensive control and protection platform for compliance and fraud. Many New Jersey dealers have already found the platform beneficial to addressing many of the issues discussed in this article.

If you would like more information, please contact Gail Caputi at (609) 883-5056 or Judy Vann at (732) 492-1818 to learn more about this valuable program.

Doug Fusco is CEO of Dealer Safeguard Solutions. He can be reached at 972.740.8638 or

This story appears in Issue 3 2020-21 of the New Jersey Auto Retailer Magazine.