Although it may not be a topic discussed on an everyday basis, compliance is always on the back of dealers’ minds while conducting day to day business. Throughout my automotive career, I’ve always been on the receiving side of dealer audits – whether I was working in the accounting office, an assistant to sales management, or in finance – and although it may not be fun, I get that it is necessary. Recently, I participated in a dealer audit, but from the other side. The audit was conducted by request from the dealer themselves, so they could pinpoint their strengths and weed out their weaknesses, and I have to say, it was probably one of the most fascinating things I’ve ever been a part of. Because I’ve worn so many hats before becoming a finance manager, I’ve always been pretty diligent with my paperwork. However, when I joined the finance side, I learned there is more to being compliant than just making sure all your paperwork is in line, adequately disclosed, and signed.
Dealers need to adhere to certain policies and practices defined by the FTC. A hot topic for discussion is discriminatory practices and disparate pricing. I get that we all want to make money, I really do, but by overcharging vehicles and/or products to “less intelligent” customers, you can potentially put yourself in the hot seat. Nobody wants to be in the spotlight for that. As much as we are in the business to make money, we can do it without being biased to certain types of people. What’s good for one has to be good for the other. During times like this where we are searching for ways to make money, we also need to be careful and follow practices set forth by the FTC such as The Fair Credit Reporting Act, as we don’t want to open the doors for a regulator to come in and take a look at everything. Once you open the door, for one thing, the gates are open for everything else. Best practices are for dealers to set their own policies in place for compliance, training, and, most importantly, practice it.
With the coronavirus still impacting many states, consumers are utilizing online methods to purchase their vehicles. During the last few months, digital retailing has increased. Some dealers can do it with their eyes closed; others are stepping their toes into it for the first time. With that in mind, purchasing a vehicle does require customers to share nonpublic personal information – or NPI – via the phone, email, web, etc. This can be a cause for concern if the dealer does not have the tools needed to ensure that the customer’s information is kept secure. “[Brad] Miller and [Mike] Trasatti emphasized that business owners must continue to implement reasonable technical, physical and procedural safeguards to guard against potential cybersecurity threats and meet the requirements of the FTC Safeguards Rule to secure and protect sensitive consumer data.” If not already, is the time to make sure you are equipped with the right utensils to protect your customer’s information. Recently, there have been proposed changes to the FTC’s Safeguards Rule, and if it passes, it could mean more steps from the dealer’s standpoint in regulating NPI. Some examples would be encrypting customer information and adopting multi-factor authentication. Customer data is just another branch on the compliance tree, and the best way to tackle these things is to set policies in place and implement them.
Personally, I like to fly under the radar. When I was in finance, I was a creature of habit: printed paperwork in the exact same order and followed a checklist no matter what. Sometimes we can get a little robotic doing the same things repeatedly, and I liked to make sure I did not forget anything. I did whatever I could do to make sure I followed a process. Even when I was collecting NPI, it was always through our secure system, not through texts or emails. Little steps can go a long way.