The Future of Compliance

What does the future of compliance for the automotive retailer look like? If you attended the Compliance Summit held this past September in Texas, you know that the future of compliance is already here! If you did not, let’s examine how recent events affect our business.

The recent Equifax breach has heightened all consumers’ awareness as to just how vulnerable they are when there is a compromise of the very institutions that are charged with keeping their very important nonpublic information safe. The sensitive credit information that was compromised impacted half of the U.S. population. Credit information dictates the cost to consumers for so many of the things that they purchase such as insurance, home, automobiles and even getting employment.

As if this wasn’t enough, the current political environment surrounding last year’s presidential election is mired in controversy over the integrity of the electoral process due to compromised, hacked data that is being investigated by special counsel Robert Mueller.

This constant stream of disturbing news is bringing other serious players into oversight control. For instance, the Commonwealth of Pennsylvania and its state attorney general have created a state-based version of the Consumer Financial Protection Bureau (CFPB). My sense is that more states will continue this trend as the political climate for protecting consumers will continue to be front and center.

The future of compliance for automotive retailers that deal with consumers will follow the same trajectory as the political climate. Consumer protection will be of the utmost importance for the automotive industry. Every facet of the industry will drive this growing trend toward protecting consumers in all aspects, from manufacturing to retailing to servicing.

Retailers can no longer rely on the current outdated, insufficient approach to protect consumers from harm through some form of nominal staff compliance training. Make no mistake about it, you are now expected to maintain the highest standards and integrity to protect your customers. It is no longer the benchmark to just protect nonpublic information.

On the contrary, protecting consumer information, email accounts, telephone numbers or distinctive consumer information is a requirement, both for the benefit of the business reputation and to reduce the risk of damaging that reputation in the eyes of the consumer. This fact was brought to life when Sony Entertainment was hacked and some very sensitive email information was compromised.

As attorney Robert Wilson wrote in “Compliance Management System or Compliance Training”:

“The CFPB has said that they expect larger participants (including non-bank, i.e. auto finance companies) to have compliance management systems in place, not just training. Dealers’ finance sources, in turn, require dealers to implement a CMS in their stores. In the event that a dealer finance source discovers that a dealer has failed to implement a CMS, drastic measures are sure to follow. There is a popular misconception that training=system, rather than the more accurate description: system>training.”

So, the future of compliance, which is here already, will require that an automotive retailer put in place a robust compliance management system (CMS). The CFPB has identified at least four elements they expect in a CMS. The four legs of the compliance stool are:

• Written policies and procedures that are approved by the ownership or board of directors of the automotive retailer
• Job-specific training for the entire automotive retailer, not just F&I.
• An enterprise-wide proactive regular audit system that goes beyond post mortem “deal jacket” reviews
• A responsive and cause-driven customer complaint system that allows for automotive retailers to ensure adherence to its policies and procedures across all areas of their operations

Unifying all these components in the compliance management system will better provide the automotive retailer with the needed breadth and depth to respond to an auditor’s scrutiny. No auditor is looking for perfection, and no automotive retailer will become bulletproof, but a robust CMS will at the very least provide a demonstrated effort to consistently and proactively follow the law each and every time, whether it is a quiet Monday or a busy Saturday.

Applications which use technology to prevent conduct which violates the law, can be the “glue” helping to secure the “four legs” of a robust CMS to ensure that there is compliance across your entire operation. This approach is the clear winner versus the “hope and pray” approach. Proper robust reporting and workflow oversight with the use of technology with a CMS make the best sense to manage the risk that all automotive retailers face — all of them!

The future of compliance is here today and now is the time to act to avoid adding unnecessary legal expenses to your bottom line. Remember the “Five Ps”: Proper Planning Prevents Poor Performance!