First, a caveat. Discussions among competitors always present an antitrust risk and, for that reason, a knowledgeable antitrust lawyer should be present at the meeting. Discussing best practices for compliance with federal and state laws should not be considered to be any type of conspiracy in restraint of trade but sidebars and other issues that come up may cross the line. Trade association meetings generally have counsel present and your 20 group meetings should as well.
Many compliance issues such as Safeguards programs and Red Flags Identity Theft Prevention Program are risk-based. Assessing risks includes learning the experiences of similarly-situated dealers in your area or elsewhere. Here are some topics that your next 20 Group meeting might want to address to enhance everyone's compliance and risk mitigation especially in this age of regulator activism and real world threats.
- Red Flags and Identity Theft Risks - Identity thieves tend to zero in on communities for a short time and use new tricks and deceptions to finance a vehicle. A dealer in Long Island, NY sold and financed a $61,000 Range Rover to an identity thief whose picture was published in a local community newspaper. The thief used a fake New Jersey driver’s license and obviously beat the dealer’s red flags program. It is not known if this individual attempted identity fraud with other dealers but it is certainly a possibility. In Nevada, dealers reported a ring of identity thieves that had two common threads: all of them wanted to buy two vehicles and all came in late in the day or at night.
Equifax’s 2016 data breach of 144 million U.S. residents has made identity fraud a much greater risk with all that information published on the dark Web. As your fellow dealers experience attempted identity theft, sharing the ways, times, and patterns of attempted identity fraud purchases can only help you refine your own Red Flags program and be less likely to become victimized.
- Safeguards - Hackers and fraudsters are always staying one step ahead. Zero day attacks are launched every day before security protection software can identify and prevent them. What types of attacks are your fellow dealers seeing? Since the majority of data breaches are caused by socially engineering end users to click on phishing links, reveal passwords, or download malware-laden software, what types of emails and social media schemes are being seen? Are any risks being identified with widely-used DMS systems and what are the solutions? What software and training programs have your members found to be effective? Attempted hacking occurs daily and your 20 group counterparts can be an invaluable source for steps to take or training to incorporate so the hacks can be identified before becoming successful.
- Regulator and plaintiffs’ attorney concerns - Most dealers get periodically audited by regulators, particularly State Attorneys General ("AGs). What issues do the regulators seem particularly concerned about? What alleged advertising shortfalls are they citing?
IN 2015, the New York AG shut down an aftermarket credit repair service called Credit or Forget It. Since then, the New York AG has brought a number of enforcement actions against dealers who sold the product, including ordering one dealer to pay in excess of $13 million and two dealers to pay in excess of $1 million in fines and restitution for allegedly payment packing the product to consumers. The aggressive nature of an AG towards particular products or processes is something all dealers should become aware of to guide their own conduct.
The Arizona Attorney General shut down two dealerships and banned their principals from engaging in the auto business in Arizona for unfair and deceptive practices consisting largely of deceptive advertising.
The New York City Department of Consumer Affairs issued regulations concerning used cars that effectively prohibit spot deliveries, provide a 2-day right of consumer cancellation, and other such pro-consumer provisions. Discussing what those regulations do and do not allow can be helpful in dealers avoiding inadvertent violations in a very pro-consumer venue.
The Pennsylvania AG has set up his own mini-CFPB division and the Massachusetts AG has been particularly active in auto financing. The Massachusetts and Delaware AGs entered into a $22 million settlement with Santander Consumer USA essentially for buying dealer contracts with very high default rates. The AGs concluded that this showed Santander was financing car purchases without having a reasonable basis to believe that buyers could afford them which constituted an unfair and deceptive practice.
Shortly after President Trump appointed Mick Mulvaney as the interim CFPB Director, 17 State AGs sent a letter of protest to the President promising that if the CFPB tempered its watchdog behavior, the signing state AGs would "redouble [their] efforts at the state level to root out. . . misconduct and hold those responsible to account."
The Department of Defense’s December 2017 interpreting the Military Lending Act (“MLA”) to apply if GAP and credit insurance products are sold to MLA covered borrowers is another subject that dealers needed to get a handle on quickly given the punitive consequences of not complying with MLA requirements. See our article in this blog for more information on this MLA interpretation.
How about plaintiffs’ attorneys?
It seems that plaintiffs’ lawyers go on suing sprees after conferences and meetings where war stories of success against dealers are publicized. Apart from routine customer disputes, are dealers seeing a pattern of claims and suits such as occurred several years ago after the FCC issued a rule that made sending commercial text messages to a cell phone without a prior written signed consent from the recipient containing magic words a violation of law? With that rule, every noncompliant marketing text message triggered a potential penalty of $1,500 and one large dealer group paid in excess of $2.3 million to settle a class action.
- Legislative Affairs - At any given point during a state legislative session, bills that can directly or indirectly affect auto dealers are pending in the state house. It is a good strategy to ask the local dealer association legislative affairs expert to make a presentation to your 20 group to identify such legislation and advise if action such as personal visits to legislators is desirable. The plaintiffs’ bar always has its people working to fit what they consider to be pro-consumer legislation into transportation and appropriations bills. No one wants to get blindsided so make some review of legislative issues a must any time your state legislature is in session.
- Manufacturer Issues - You need to be a little careful here lest a manufacturer claim an antitrust violation but many actions of manufacturers can be fair points for discussion. An example is ads that manufacturers push to dealers that touch on credit issues, a subject that I have found few manufacturers understand let alone prioritize. A manufacturer sells vehicles, a dealer sells vehicles and credit and the potential for unfair or deceptive advertising in credit advertising is not something you can count on manufacturers or their ad agencies to address.
One example is conditioning vehicle price discounts on credit standing. I’ve seen many manufacturer ads that require customers to finance with their captive to be able to take advantage of pricing discounts on vehicles. This is not the same as offering discounts to recent college grads or veterans. Under federal Truth in Lending, the additional sums paid by credit-challenged customers (the lost discounts) who are declined by the captive and financed by another lender at the dealership can be considered a prepaid finance charge and must be disclosed as such and factored into the APR. A better approach is to condition the discount on financing through the dealership. This will avoid the circumstance of a consumer losing a credit-based discount if the dealer needs to use a subprime or other lender to finance the consumer without the discount.
Compliance events move quickly and keeping your 20 group members in the loop or brainstorming what compliance requires can be a valuable way to avoid being defrauded by identity fraud or a data breach, or penalized by a regulator for unintended consequences. Make compliance a topic for your 20 group meetings and all participants should benefit from doing so.