Blog Posts

Blogs

A Way for Dealers to Sell GAP to MLA-covered Borrowers

3/11/2019

0 Comments

On December 14, 2017, the Department of Defense (“DOD”) issued a regulation concerning the exemption from the Military Lending Act (“MLA”) for purchase money auto financing credit secured by the vehicle. The MLA is a law passed in 2006 protecting service members and their families by requiring extensive disclosures and prohibiting certain contract provisions. Purchase money vehicle financing is exempt and it was believed that this exemption included all aftermarket products sold with the vehicle in the transaction as well.

DOD’s new interpretation said that a transaction is exempt from the MLA “that finances the [vehicle] itself and any costs expressly related to that [vehicle]. . . provided it does not also finance any credit-related product or service.” This means if the auto financing transaction includes GAP or credit insurance, the whole transaction is arguably outside of the exemption and subject to the MLA.

As a result, auto dealers cannot sell and finance GAP in indirect auto finance without running afoul of MLA penalties which include the inability to take a security interest in the vehicle. Other penalties can include voiding of contracts from inception; civil liability of actual damages or $500 statutory damages recoverable in class actions; punitive damages; costs and attorney’s fees, along with possible criminal liability.

Possible Actions in Response to the DOD's December 2017 Interpretation
Trade associations and dealer groups have been lobbying the DOD to revoke the December 2017 interpretation. They were apparently close to doing so in June 2018 but a change in DOD and other agency personnel delayed and politicized the issue. The timing of the revocation of the DOD interpretation is now uncertain.

The main result is dealers should not offer credit insurance or GAP to MLA-covered borrowers in indirect auto finance transactions. This means you will have to check every customer to see if they are an MLA-covered borrower using one of the "safe harbors" for doing so --these being either a DOD MLA website or a credit report indicating the person's MLA status-- before selling them GAP or credit insurance. Do this at the time the consumer submits a credit application or within 30 days earlier if, for example, you are doing a pre-screen mailing. Document your doing so in the deal jacket.

But it’s not so easy. At least 11 states have military anti-discrimination statutes. Each state interprets its law differently. In response to a claim of military discrimination for not selling GAP to MLA covered borrowers, the dealer could argue that the federal MLA and DOD interpretation preempts their state’s anti-discrimination law Consult your local attorney or compliance professional on the law in your state to get a sense of whether a the courts will recognize federal pre-emption as a defense to an alleged credit discrimination against protected military members under your state's law.

A Solution for Dealers to Enable MLA Borrowers to Finance GAP
There is another solution making its way around the industry. The prohibition on taking a security interest in a vehicle on a compliant MLA contract does not apply to banks, credit unions, or savings associations (collectively “banks”). A number of banks—principally credit unions--are preparing compliant MLA loan agreements (not an easy task with all the disclosures and computing an alternative MLA APR) that permit a vehicle security interest. Reportedly, several large banks are also exploring this alternative.

If an MLA-covered borrower wants to purchase GAP, the solution for dealers is to contract to become an agent of one of these banks and engage in “direct” or “two-party” financing where you act as an agent of the bank in contracting for a direct loan from the bank to the consumer instead of the more-familiar three-party indirect credit sale of the vehicle. The proceeds of the loan are directed to the dealer and the bank is named as the original creditor on the loan agreement. The dealer gets a service fee for handling the paperwork for the bank. For MLA-covered borrowers who want GAP or credit insurance, this solution should work.

Most industry experts believe the DOD December, 2017 regulation will be revoked or repealed at some point, probably later this year. But there is no guarantee. Trade associations are also working the legislative front with the Congress. But until one of these approaches leads to a repeal, contract with a bank that offers compliant MLA loan agreements to establish a two-party lending relationship so your MLA-covered borrowers can finance GAP like everyone else.

0 Comments

BE CAREFUL WITH OUT-OF-STATE DELIVERIES AS MANY RISKS APPLY

2/25/2019

0 Comments

The Internet has become a way of life in selling vehicles. It enables customers to contact dealers and obtain information more readily and can be a source of selling. But it comes with real dangers of identity fraud that can leave a dealer required to repurchase an agreement and with little, if any, hope of recovering the vehicle.

Since 2010, Customs Agents have seized over 3,500 stolen vehicles in U.S. ports bound for other countries. Many of those cars were headed to Africa or Eastern Europe, or other areas where they can be sold for great profit. The vast majority of these vehicles were stolen by financial identity fraud perpetrated on dealers who delivered the vehicles to an out-of-state identity thief.

Dr. Stephen Coggeshall, ID Analytics’ chief analytics and science officer and a respected identity theft expert, described the problem of identity fraud with out-of-state deliveries as follows:

“Any transaction that takes place in a faceless environment online has a lot higher potential for fraudsters for a number of reasons. It’s much easier to misrepresent yourself — who you are — in a faceless transaction. But also, the odds of you getting caught are a lot smaller. You’re not physically at a dealership.”

A Red Flags program will have difficulty identifying the theft due to the effectiveness of “synthetic” identity theft. A fraudster creates a synthetic identity by making up a Social Security number (since 2011, Social Security numbers are no longer linked to states of residence but are issued randomly), adds false personally identifying information to it and establishes a credit file.

Dr. Coggeshall says that using synthetic identities is now “the dominant mode of identity fraud,” overtaking other methods like identity theft and identity manipulation. Particularly when it comes to remote auto fraud.

Synthetic identities are incredibly difficult to trace, because they don’t lead back to a real person. Fraudsters use a combination of elements such as a fabricated Social Security number, name, date of birth, address or phone number, and then establish that identity by applying for credit cards or a cellphone. Credit bureaus establish upwards of 40 people on the same Social Security number.

“It’s actually not that hard to establish the validity of a synthetic identity,” Dr. Coggeshall says. “And once you’ve done that, you can start doing all sorts of things.” Hence the rise in motor vehicle identity fraud. Every time you ship a vehicle out of state instead of making the customer come to the dealership, you run the risk of that person being an identity thief waiting to ship the vehicle overseas or sell it to a chop shop. It doesn’t take more than a few of those transactions to negatively impact your bottom line.

In a related sense, straw purchases are also more readily accomplished via out of state shipments to Internet sales. These lead to repurchase requests too.

Out-of-state deliveries produce practical issues as well. Titling vehicles can become problematic if you are not familiar with the idiosyncrasies of the remote state’s title office and you don’t want dealer plates in far-away locations. Disputes with the buyer may inadvertently wind up being litigated or arbitrated in the buyer’s home state as well, even if your Buyer’s Order says otherwise. Obviously, repossession rights upon default will be subject to a group of laws and requirements different from those in your state. “Home town”: justice could easily come into play in the buyer’s favor in any dispute.

Do enough deliveries into the remote state and their tax authorities might claim you are “doing business” there and want to tax you. This is another risk.

0 Comments

2019 CRYSTAL BALL FOR AUTO DEALER SALES AND F&I

1/1/2019

0 Comments

2018 was a year marked by increased compliance enforcement by the Federal Trade Commission (“FTC”) and State Attorneys General (State AGs”).
The fines imposed the past two years have increased substantially from those in earlier years. For example, the FTC fined a California dealer group $3.4 million in 2017 for a variety of unfair and deceptive practices, including its first foray into “yo-yo” (spot delivery) practices. In 2018, the FTC conducted a field investigation of over 90 dealers in 22 geographic areas and found that only 7% had displayed the correct new form Used Car Buyer’s Guides on their used vehicles in inventory. Recalls also continue to be a problem for dealers as 2018 set a record for vehicles recalled by manufacturers. The FTC fined dealerships for selling “certified” used vehicles without either fixing or informing the customers of open recalls. Advertising fines and penalties are now well up into the six figures as well.
What can we expect in sales and f&I compliance in 2019? Here’s a crystal ball of some issues at the top of regulator agendas that may ripen into enforcement actions and lawsuits in the coming year.
1. New Unfair and Deceptive Acts and Practices (UDAPs) - The FTC and State AGs imposed fines in excess of $1 million for “yo-yo” financing; fraudulently submitting or changing customer information on credit apps or deal stips; and advertising vehicle specials for which the dealer should have known most customers in its geographic area could not qualify. These were new first-time UDAP practices for the FTC and were coupled with payment packing, misrepresentations, and some of the past UDAP practices to fine dealers or enter into 20-year consent decrees. In 2019, look for the FTC to continue to regulate by enforcement (declaring practices to be UDAPs that had not been previously prosecuted or prohibited by FTC-issued regulations). The FTC is partnering with local law enforcement agencies as it did with the missing Used Car Buyer’s Guide investigation. Look for more “on the ground” enforcement activity as the FTC in conjunction with AGs, DMV representatives and local law enforcement come out of the ivory tower and enforce dealer misbehavior in the real world. Mystery shoppers and agents in the field will be a large part of 2019 compliance enforcement.
State AGs will continue to pick up auto dealer enforcement activity. Since 2015, the New York Attorney General has obtained more than $17 million in restitution and penalties as part of his office’s crackdown on the practice of ‘jamming,’ or payment packing.”   State AGs in Arizona, Connecticut, Illinois, Massachusetts, Virginia and Florida, among others, have been particularly aggressive.
2.  Data Security Breaches and Safeguards Rule Violations - 2018 was another record year for data security breaches both in the number of breaches and the number of records compromised. I recently attended a data security program in which the speaker stated that data is the new oil, and he is right. Hackers and their like are compiling dossiers on millions of individual U.S. persons from both publicly available information (like motor vehicle registration records) and personal information readily for sale on the dark Web, like information from the 2017 Equifax breach that affected nearly 145 million U.S. consumers. The 2018 Verizon Data Breach Investigations Report found that 58% of data breach victims globally are small and mid-size businesses (“SMBs”). Many SMBs report doing very little to protect themselves because they lack the required resources, capabilities, and knowledge.    A Ponemon Institute report in 2016 that found that roughly half of the nation's 30 million small businesses had been breached Dealers, whose data security tends to be quite lax when compared to larger companies, are a treasure trove for personal information including Social Security numbers, driver’s licenses, employment and income information, and other data that facilitates identity theft (also on track to be a record in 2018). Expect more major data breaches and more FTC and State AG action in looking at dealer Safeguards Programs. In California, a new Consumer Privacy Act was passed that provides more protections for consumer data, penalties for breaches, and, for many uses, requires “opt-ins” instead of “opt-outs” when it comes to sharing or using data.
The FTC entered into a 20-year consent decree in 2018 with a dealer for an inadequate Data Safeguards Program. Expect more of the same in 2019.
2a. Breach of Vehicle-Communicated Data - As the industry moves to experiment with driverless vehicles and as data points are exchanged among vehicles on the road today as part of Internet of Things connected devices (“IoT-connected devices”)., the security of the data being transmitted becomes an expanding risk for hackers or criminal enterprises. Most vehicle data being communicated is not encrypted and can easily be hacked by someone wanting to cause damage to the vehicle’s operation, questioning of the prospect of driverless cars, or stealing the technology as has occurred in many other industries. This is an IoT-connected devices issue that needs to be followed as if and when hacking of this type happens, it will throw the auto industry into a crisis. Less a dealer issue than a manufacturer technology issue but remember, you sold the IoT-connected vehicle that had its data compromised and abused.
3. Aftermarket Products - Regulators know that dealer profits are largely generated from the back-end sale of aftermarket products. The CFPB and FTC are not big fans of aftermarket products believing most are overpriced and deliver questionable value to consumers. The CFPB ordered a national auto finance company to refund $9 million to consumers and pay a $2.5 million fine for making claims about their GAP policy’s protection features while failing to inform consumers that its GAP policy was capped at 125% of the vehicle’s value at the time of loss. Recent enforcement actions have also begun to look at the value of aftermarket products relative to their cost as well as the amount of the dealer’s markup to sell the product at retail. States are also looking more closely at refund issues.
Payment packing or front-loading an aftermarket product is always unlawful. All optional aftermarket products should be presented fully and honestly using an easily-understood menu and the customer should initial all products accepted and rejected. Parity in pricing products, or at least in bundles of products, is another best practice. Expect to see aftermarket products in an FTC enforcement action in 2019.
4. Military Lending Act - Due to the Department of Defense’s December 2017 interpretation of the Military Lending Act (“MLA”) (an interpretation that I think will be repealed some time in 2019), sale of GAP or credit insurance to MLA covered persons (broader than service people and their families) requires compliance with the MLA. Most dealers and financial institutions are not set up to comply with the MLA in terms of calculating a separate Military APR, making written and oral disclosures to MLA covered persons, eliminating arbitration clauses and making other changes from a standard credit sale. A dealer is prohibited by the MLA from taking a security interest in a vehicle as well and only a regulated financial institution can directly do so. A standard RISC will not contain the necessary disclosures and the penalties for non-compliance are significant including a customer’s right to void the RISC from inception meaning a consumer could possibly return the car and be entitled to all payments made as well as the amount of any allowance given for their trade-in. Remember that service people are a preferred group at the CFPB and that filters to other regulators as well.
5.     Spot Deliveries -   By adopting the term “yo-yo financing” in its 2017 $3.4 million fine of a California dealership group, the FTC laid out its leanings on an issue the plaintiff’s bar has had at the top of its agenda for years, spot deliveries. What percentage of your spot delivery deals are unwound? If it is more than a small number, you run the risk of a bait-and-switch UDAP practice, one the FTC and many State AGs are examining in response to a growing number of consumer complaints. Make sure your conditional delivery agreement is mutual and fair and be prepared to show you had a reasonable belief that one of your finance companies would purchase the original contract based on its past conduct.
In view of the high dollar stakes of enforcement actions and the growing aggression of the FTC and certain State AGs against auto dealers, now would be a good time to review your Compliance Management System and your compliance policies, especially privacy and Safeguards policies. Make any necessary changes based on testing such as a vulnerability test of your system to hacking. Train and test your people too. Frequently. On data safeguards, people are your biggest risk and an untrained employee is your worst nightmare. Emphasize warnings about phishing schemes, complex passwords, and avoiding other schemes criminals use to compromise a user’s credentials and enter your system.

0 Comments

THE DANGER WITHIN: ALMOST 35% OF DATA BREACHES RESULT FROM INTERNAL EMPLOYEES AND HOW YOU CAN REDUCE YOUR RISK

11/15/2018

0 Comments

A total of 3,676 breaches involving over 3.6 billion records were reported in the first nine months of this year alone, according to Risk Based Security, which analyzes data pertaining to breaches gathered from public sources, through automated and proprietary processes, and other means.

As has been the case for several years, a recent study by Risk Based Security found insiders posed the biggest threat to data. Fraud — a term that Risk Based Security uses to describe any sort of malicious insider activity or no-technical methods of illegally accessing data — accounted for nearly 36% of the records compromised.

The reasons for such internal misbehavior vary from the obvious profit motive to a desire to cause harm to the dealership and its customers. Many criminal elements approach auto dealer employees with a proposal to pilfer consumer non-public personal information (“NPI”) in exchange for cash payments or other benefits. To some employees, the risk is worth taking

What’s a Dealer to Do?
To address the problem of insider misbehavior, there are a number of steps you can and should be taking.

It begins with the hiring process. Unless prohibited by law, a criminal background check should be undertaken for any candidate who if employed will have access to NPI. An investigative consumer credit report is another good step to take although you will have to notify the employee that you are doing so and, if asked, give the general information learned in such a report. But you don’t want questionable and potentially unreliable people in your dealership especially if they will have access to your most valuable resource of NPI.

Another thing you need to do is limit access permissions. How many employees in your stores can access NPI even though it may be unrelated to their positions? I bet it is a lot. Limit employee access to only that NPI they need to do their jobs and no more. This alone will reduce your risk.

The next step is that you must educate them and monitor their activity. Most electronic record-keeping systems and DMS systems have the ability to create access logs on who did what and when on the system. Maintain and review access logs of how often individual employees access NPI and watch carefully for spikes in activity. Do this with paper records as well. Appoint a gatekeeper or librarian who records the persons who access paper files with NPI and watch for spikes in that activity as well. An increase in file access may indicate the employee has been compromised by a hacker but may also indicate the employee has decided to go over to the dark side.

Your Employee Handbook should be clear that accessing NPI without a legitimate business purpose is cause for immediate termination in the sole discretion of management.

Another step you can take is to prohibit the downloading of NPI onto any external storage device like a USB, an external hard drive, or other electronic media. Access to NPI should be “read only” with no ability to download or transmit any of the information to any person not authorized by senior management.

Protect your NPI by putting it on a separate server not connected to the Internet. Use two factor authentication (a password and a code sent to the real user’s device are examples) to enable access and access only to the extent of the employee’s permissions. In one New Jersey case, a salesperson from a large dealer had resigned to go to a smaller competitor. Before doing so, the employee copied the large dealer’s DMS system onto a USB drive. No doubt similar activity goes on elsewhere. Pay careful attention to an employee’s access logs for about a month before and at all times after they give notice and prior to leaving the building. Watch their incidence of copying physical papers as well. This may be when you are most at risk.

Finally, make clear in employee training that anyone who suspects a colleague of taking NPI for non-company purposes is obligated to report that suspicion to the Chief Compliance Officer, anonymously if necessary. And let the employees know that not only will immediate termination follow but that the dealership is prepared to swear out a criminal complaint for any such behavior.

A little prevention like the type described in this blog can prevent your dealership from being the next victim of a safeguards breach. And that is a good thing too. A 2016 Verizon study found that among small to mid-size businesses that experienced a data security breach, three out of five went out of business within six months. Exercise diligence and hopefully you can mitigate at least this 36% of your safeguards risk.

0 Comments

TWO RECENT CASES SHOW NEED FOR A COMPLIANCE MANAGEMENT SYSTEM

10/1/2018

0 Comments

Two recent cases, one in Pennsylvania, the second in Arizona, have resulted in or are seeking large monetary damages awards against dealers and their principals personally. Both involved situations in which the dealers failed to have in place a Compliance Management System (CMS). The case already resolved—the one in Pennsylvania—required the dealership to implement a Code of Conduct and CMS to avoid further damage liability.

Both cases involved patterns and practices of unlawful conduct that had been going on for years and could have been prevented by application of an effective CMS. In Pennsylvania, the dealer entered into a deferred prosecution agreement which essentially means that if it takes certain action, it will not be prosecuted further under federal criminal laws.

The Department of Justice (DOJ) sued the dealer and its principal for falsifying loan documents over a period of six years. These actions, if proven, would constitute the felony of bank fraud under federal criminal law. To stave off prosecution, the dealer agreed to pay a monetary penalty of $1.4 million and more than $737,000 in restitution to various finance companies. It also agreed to implement a substantial corporate compliance and ethics program and a vigorous monitoring and audit regime. If it fails to do so, the DOJ will prosecute for the criminal violations.

The second case in Arizona involves the FTC suing a five-store dealer group and its principals personally for falsifying customer income on credit applications and down payments on contracts. This is the first time the FTC has brought a lawsuit against an auto dealer for misrepresenting consumer income to financial institutions. If true, these activities would also violate federal criminal law and likely result in multi-million-dollar fines and penalties against the dealer. Like the dealer in Pennsylvania, the Arizona dealer had no CMS in place and that will be a contributing factor to how the lawsuit is resolved.

What is a CMS and How Do You Implement One?

A CMS begins with a Code of Conduct issued by the Board of Directors or senior management if the dealer does not have a Board. It sets the tone from the top. The first step toward implementation of a compliance program is management’s communication of their commitment and the responsibility of all employees to adhere to the Code of Conduct in all dealings.

The CMS is composed of several elements addressing risks identified by the Board and a Chief Compliance Officer who is appointed to head up the CMS. All aspects of the dealership from manufacturer relations to environmental shop risks need to be reviewed and addressed. Management of risks and controls over process are the essence of a CMS.

It is critical that the dealership establish compliance standards (policies and procedures) that prescribe the internal control framework necessary to provide reasonable assurance of compliance with applicable laws and policies, including those designed to protect consumer privacy during the conduct of dealer activities. Employees will not come forward with complaints or reports of failure to adhere to processes or procedures if they fear retaliation or do not believe their reporting will change anything. For a CMS to work effectively throughout the organization, a formal investigation process and controls must be put into place to assure that non-retaliation, privacy, and a swift change to processes necessary to effect change are implemented and publicized to the employees

Policies and Procedures

High level policies and individual processes and procedures to control compliance risks must be developed and employees need to be trained on overall policies applicable to all employees (e.g., harassment and discrimination prohibitions, complaint or compliance violation reporting and anti-retaliation policies) as well as specific policies and procedures applicable to their positions. So, for example, f & I personnel would need to be educated about Truth in Lending, the Consumer Leasing Act, unfair and deceptive practices and given procedures for the conduct of business in the f&I office such as transparently presenting products and avoiding things like payment packing, discriminating in credit terms offered to customers, and presenting products honestly and fairly to customers.

Managers are the first line of defense in monitoring employees and all required behaviors should be monitored. An example is accessing non-public customer information. Policies would limit permissions to only what an employee needs to do their job and the frequency and nature of customer information accessed would be regularly monitored using data logs and a gatekeeper for paper files. If any spikes in activity appear, the Chief Compliance Officer and appropriate staff would begin an investigation to see if the employee had been compromised or become dishonest personally in stealing customer information. Appropriate safeguards and process improvements would be promptly identified and implemented.

Compliance must be implemented in all new products and programs including by giving the Compliance Officer a “seat at the table” as they are developed. Policies and procedures for implementation follow with monitoring established to ensure compliance or remediate a failure to comply.

Education and Training

Critical to any CMS is a process of training new hires and re-training existing employees on the Code of Conduct, overall dealership policies and procedures that apply to all employees, as well as the policies and procedures that apply to their specific positions. This needs to be an ongoing interactive process. Training and compliance need to be built into performance reviews and promotional decisions. This systemizes the CMS throughout the dealership.

Auditing and Investigation

Periodic audits need to be performed by internal or external auditors of the various controls established as well as reported incidents and matters identified from monitoring. Auditing should be done regularly as well as in response to specific situations. The auditors work with the Chief Compliance Officer, identify process failures and transgressions, and make reports and recommendations to the Board or a committee of the Board for correction and improvement. A periodic review of customer deal jackets is an example of an audit process designed to identify acts or omissions that are out of compliance.

Both the auditors and Chief Compliance Officer should be independent of the business and the business units being investigated. The dealer needs to provide ample resources and access to dealer materials to enable the CMS to function effectively and assess the dealership’s compliance in all areas.

Managing Incidents of Non-Compliance

Compliance incidents, however identified, must be swiftly contained and investigated; and, appropriate corrective action taken. Upon reporting of a potential incident, the dealership must conduct compliance incident management activities by applying the relevant policy, assessing authorities, and/or legal issues, taking corrective action, and responding to the needs of the organization’s internal and external overseers. In addition, the CMS evaluation must identify the root cause and assess the impact of incidents to continuously frame the evolution of the CMS.

A ”root cause” analysis is required to correct an underlying process or failure of control that caused the event. A root cause is a factor that caused a nonconformance and should be permanently eliminated through process improvement. A root cause analysis is a collective term that describes a wide range of approaches, tools, and techniques used to uncover causes of problems.

One approach is to drill down to the root cause by asking a series of “why” questions. For example, if vehicle titles are not getting timely processed, a “why” analysis would look at the timeframes and factors that cause the delays. A solution might be to hire an external titling vendor with contractual assurances of timeliness if information is timely provided. The timely provision of information to the titling vendor would be a change in procedure and a process that could be monitored and audited to make sure titles get timely processed.

Customer Complaints

Regulators require a process for handling customer complaints as part of a dealer’s CMS.

Procedures should be established for addressing complaints, and individuals or departments responsible for handling them should be designated and known to all institution personnel to expedite responses. How complaints are identified and defined is critical, as consumer inquiries may also highlight areas with increased risk of consumer harm and/or regulatory compliance concerns.

Complaints may indicate a compliance weakness in a process, function or department. Therefore, the Chief Compliance Officer should be aware of the complaints received and act to ensure a timely resolution. A compliance officer should determine the cause of the complaint and act to improve the institution’s business practices, as appropriate.

A procedure should also be established for handling garden-variety customer sales or service complaints. The Chief Compliance Officer or his or her staff should log the complaints pursuant to a process and either the Chief Compliance Officer or another dealer senior executive should endeavor to resolve the complaint to the customer’s satisfaction.

Do a cost-benefit analysis of not satisfying the customer in terms of legal fees, bad publicity, low CSI scores, etc. that may outweigh what even unreasonable customer requests entail. Regulators begin investigations with customer complaints, whether or not well founded. Try to resolve complaints with “funny money,” this being free or discounted goods or services. Endeavor to preserve a positive relationship with the customer, one way or another. Use arbitration and pay filing costs if a resolution is not possible as a last resort.

Oversight and Improvement

An effective CMS is a process of constant evaluation. The key is to strive for and demonstrate a process for continually improving on compliance activities and evolving your compliance program and its activities. The Chief Compliance Officer can spearhead this process, but oversight must remain with and be exercised by the Board.

Keep abreast of legal, regulatory and case law developments and change policies and procedures as appropriate. Engage with state and local dealer associations and 20 groups.
Attend compliance update training programs and subscribe to industry publications.

Risks are also not static. Annual (or more frequent) risk assessments should be conducted by Board’s risk/compliance committee and Chief Compliance Officer as business and legal risks evolve. Identify impacted areas. Change policies, procedures and training as appropriate. Enlist managers in making the changes with staff.

Continue to monitor and audit for compliance and respond accordingly even if no complaint has been reported about compliance shortfalls. Continuously improve processes and procedures.

Summary

An effective CMS could have saved the two dealerships described above millions of dollars in fines, penalties, attorney’s fees, and bad publicity. Third parties exist to help you begin or improve your CMS. An effective CMS is a factor that a regulator will consider in deciding whether to bring an enforcement action or assess fines and penalties. It is also a factor to be considered by courts under the U.S. Sentencing Guidelines. While it will involve costs and implementing procedures, the two dealerships described above certainly show the result of failing to have an effective CMS. Begin or enhance your CMS today and your dealership will be better off for doing so.

0 Comments

FTC Active in New Actions Against Auto Dealers for Compliance Violations

8/13/2018

0 Comments

After a period of relative quiet since slapping a Texas dealer for deceptive advertising in January 2018, the FTC recently launched two aggressive actions against auto dealers. It certainly seems like the FTC has auto dealers in their headlights and is enforcing compliance on violations it has not aggressively pursued in the past.
New Used Car Guide Sweep
The first initiative was a 20 -state sweep in partnership with local law enforcement authorities for compliance with the new Used Car Rule. The FTC amended the Rule and published a new Buyer’s Guide form in November 2016. It requires the new Buyer’s Guide to be conspicuously placed on all used vehicles for sale. The mandatory compliance date was January 28, 2018.
In their sweep, the FTC and its partners conducted on site reviews of 94 dealers and found that only 14 had the new Buyer’s Guides on all their used vehicle sales inventory. That’s less than 15%. 33 had the new Guides on half of their used cars and the remaining dealers did not. Not good.
According to the FTC,
“Following the sweep, the FTC sent letters to each dealership detailing the results of the inspections and providing material to help them come into full compliance with the amended Rule. Over the coming weeks, dealerships that were not displaying the revised Buyers Guide can expect follow-up inspections to ensure they have brought themselves into compliance with the amended Rule. Under the FTC Act, dealers who fail to comply face penalties of up to $41,484 per violation. State and local law enforcement agencies also enforce the recently amended [Used Car] Rule.”
Several years ago, when the penalties were only $16,000 per violation, another sweep and follow-up led to the FTC fining an Arkansas dealer $88,000 for not displaying Used Car Buyer’s Guides on its used vehicles. Expect more sweeps and higher fines for those dealers that do not have the new Buyer’s Guides on all, or substantially all, of their used vehicles that are offered to the public for sale or lease.
The new Used Car Buyer’s Guide focuses on dealer warranties and there are two forms. One for states that permit “as is” sales disclaiming all warranties and one for states that do not permit disclaimer of implied warranties. You can find the English version of both forms at https://www.consumer.ftc.gov/articles/pdf-0083-buyers-guide.pdf
Remember that if you conduct the sale in Spanish, you must use a Spanish version of the Used Car Buyer’s Guide. You can find these at https://www.ftc.gov/es/system/files/documents/plain-language/cfr_buyers_guides_spanish_form.pdf
It is not required but it is a good idea to get the customer to sign the Buyer’s Guide acknowledging receipt. The FTC allows you to put a customer signature line on the back of the Buyer’s Guide provided it is preceded by the following words: “I hereby acknowledge receipt of the Buyer’s Guide at the closing of this sale.”
The FTC’s Initiative Against Falsifying Credit Applications and Deceptive Advertising
This past month, the FTC filed a lawsuit in a federal court in Arizona seeking injunctive and monetary relief against a four-store group. They also sued the principals of the group in their personal capacities. That alone is an important reason to take notice of this lawsuit.
The FTC had never brought an action against dealers (or their principals) who falsify credit applications such as, in this case, by inflating customer’s income and down payments to get deals funded by lenders. One of the four stores was found to have inflated income or down payment amounts 44% of the time! And it wasn’t nickel and dime stuff. One customer cited by the FTC told the dealership she had a fixed monthly income of about $1,200, but a dealer’s staffer allegedly inflated it to $5,200 in the paperwork.
The complaint also charges that the defendants often used tactics that prevented people from reviewing the documents. The dealer’s personnel allegedly rushed some consumers through the process; had them fill out forms over the phone or in places like grocery store parking lots or restaurants; or altered the documents after consumers signed them.
This behavior went on for several years until one lender that experienced a disproportionately high default rate from the dealer’s customers did an audit and uncovered the schemes.
The dealer group was also charged with false advertising. The first thing the FTC looks at in dealer advertising is whether “triggered terms” required by federal Truth in Lending (“TILA) and the Consumer Leasing Act (“CLA”) were made in the ads. In many instances, they were not and that creates another unfair or deceptive practice.
As a refresher, in credit sales, if you advertise any payment amount, the term, amount or percentage of down payment, or the amount of any finance charge, then you must include (the triggered terms) the APR or annual percentage rate using one of those terms, the down payment, and the terms of repayment.
For leases, if you advertise the amount of any payment, a statement of any capitalized cost reduction or even that no up front payment is required ($0 down), then the triggered terms you must advertise are the fact the transaction is a lease, the amount due prior to lease signing or delivery, the number, amount and due dates of payments, and whether or not a security deposit is required.
The FTC always starts by looking for triggered terms in an ad. In this case, they also found that deceptive advertising took other forms. For example, one YouTube ad claimed the featured car “can be in your driveway for only $169 per month.” In fact, consumers can’t buy that car for the advertised monthly payment. That amount applies only to a lease. What’s more, the FTC says the ad didn’t clearly disclose that to get that monthly payment, consumers must shell out $2899 plus other fees at lease signing.
Then there’s the online ad where the company touted an “incentive” discount of $5,250. But buried behind multiple hyperlinks was the fact that the discount was available only to consumers who trade in a 1995 or newer vehicle or terminate a lease from another car company 30 days before or 90 days after delivery. In addition, the lawsuit charges that the dealer’s social media posts failed to disclose required triggered terms.

Takeaways
These two initiatives will almost certainly result in some huge monetary penalties against select dealerships. And both initiatives show that the FTC is prepared to go into new areas and partner with State Attorneys General and other local law enforcement to assemble data against rogue dealerships. You don’t want to be one of those rogue dealerships. Here are some strategies you might want to think about using:

Make certain that the new Used Car Buyer’s Guide is attached to every used vehicle that is being offered for sale on the lot and keep vehicles without the Guide in an area where customers cannot get to them.
Get a hand or electronically completed credit application from each customer and make sure there are no changes made. If a customer wants to change something on the credit app, get them to fill out a new one.
No deal is worth incurring the ire of the FTC. The FTC gets its dealer list to investigate from consumer complaints, referrals from agencies like the Better Business Bureau, and state and local law enforcement. Implement a mediation process so aggrieved customers don’t go to these sources and weight the process in the customer’s favor. An arbitration clause is not binding on the FTC.
Understand the FTC does “mystery shopping” of the entire car buying experience from initial contact to final delivery. Treat every deal as though an FTC officer were sitting across the table because they may be doing so. Honesty, transparency, and doing the right thing for the customer should be a part of your dealership’s operating philosophy.
Remember that fines have increased from $16,000 per violation to $41,484 per violation. FTC settlements in the past year have frequently exceeded $1,000,000 in fines, penalties and customer redress. Something to think about when trying to squeeze the customer in the F&I office.

“Buying a car is one of the biggest purchases consumers make. When consumers tell an auto dealer how much they make and how much they can pay upfront, the dealer can’t turn those facts into fiction,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “The FTC expects auto dealers to be honest with consumers from the first advertisement to the final purchase.”

0 Comments

Congress Repeals CFPB Auto Finance Guidance: The Compliance Implications for Auto Dealers

6/29/2018

0 Comments

On May 21, 2018, President Trump signed legislation passed by Congress to repeal the Auto Finance Guidance issued by the Consumer Financial Protection Bureau (“CFPB”) in March 2013. The legislation prohibits the CFPB from issuing similar rules or regulations without first obtaining Congressional approval and is a win for auto dealers and lenders everywhere.

The Guidance was an attempt by the CFPB to do an end run around the agency’s lack of authority over auto dealers. By using flawed statistics to claim that dealers and the lenders who bought their consumer finance agreements charged higher APRs (the sell rate) to protected classes of people (race, color, religion, national origin, sex, marital status, age or because a person receives public assistance), the CFPB alleged lenders (over which they do have supervisory and enforcement jurisdiction) violated the Equal Credit Opportunity Act (“ECOA”). Their theory was a “disparate impact” credit discrimination where there is no need to show intent to discriminate, only a negative result in credit terms to protected persons. Disparate treatment requires showing an intent to discriminate.

The Practical Effect of Repealing the Guidance

So, what does the repeal of the Guidance mean for dealers? Is “disparate impact” credit discrimination no longer prohibited? Have ECOA standards for showing discrimination been relaxed? Can dealers let up on documenting their lack of variable pricing to customers from which a disparate impact can be inferred?

The answer is no. ECOA is still the law and the Guidance merely consisted of the CFPB’s interpretation of how rate participation was allegedly abused to cause a disparate impact resulting in higher APRs on protected persons. The U.S. Supreme Court declined in 2015 to rule that “disparate impact” is not a viable cause of action under ECOA. But it will be another agency, not the CFPB, or a private plaintiff that brings the charge. What are some of those agencies?

Start with the U.S. Department of Justice (“DOJ”). The DOJ could make assertions like those in the Guidance, either alone or in concert with federal banking regulators or the FTC, although the 2015 U.S. Supreme Court case made the standard of proof higher. Nevertheless, lenders will continue to be sensitive to the issue and many will continue to want dealers to demonstrate to them that they have a Fair Lending Policy in place (such as the NADA/NAMAD/AIAD Fair Credit Compliance Policy and Program) (“NADA Program”) and can document a “legitimate business reason” for varying a standard dealership rate participation amount to a lower rate because a legitimate business reason is a defense to a disparate impact charge.

The FTC can refer ECOA violation charges to the Department of Justice to bring a civil action for actual or punitive damages and injunctive relief. Actual damages and punitive damages are not to exceed $10,000 per violation. Class action damages are available up to the lesser of $500,000 or 1% of the dealer’s net worth.

Twenty state Attorneys General (“AGs”) indicated they will continue to enforce the Guidance as written in their states as well. Those AGs have direct supervisory and enforcement jurisdiction over your dealership and the Dodd-Frank Act which established the CFPB gives AGs the authority to enforce federal laws such as ECOA as well as state laws. States also have anti-discrimination laws that may be broader than ECOA in terms of the categories of protected persons and provide a lower standard of proof to make a disparate impact credit discrimination claim. State law damages are in addition to federal law damages such as those permitted by ECOA. Most state laws also require a defendant to pay the plaintiffs’ attorney’s fees.

Consumer groups are also taking up the cause. The AFL-CIO and a group of pro-consumer organizations such as the Committee for Better Banks are sending letters to and appearing at Santander Bank’s annual meeting to press the bank to end dealer markups to prevent racial discrimination in auto lending. It can be expected that they will send similar letters to other banks and bank regulators and press a legislative agenda both in Washington and in the statehouses.

“In addition to harming consumers, the racially disparate impact of indirect vehicle lending creates risks to the company’s reputation and exposes the company to potential legal liability,” the AFL-CIO and its partners said in a draft letter provided to Bloomberg News.

The legal liability can also come from plaintiffs’ class action lawyers. Aggrieved consumers have the right to bring actions under ECOA for credit discrimination of any type. While the burden of proof may be higher in the aftermath of the Supreme Court’s 2015 ruling, the costs to defend a class action can be staggering and a successful plaintiff can recover its attorney’s fees and court costs in addition to the damages referenced above.

What’s a Dealer to Do?

First of all, it is important to understand that the liability risk is not diminished by the repeal of the Auto Finance Guidance. The repeal did not affect the requirements of ECOA and the FTC, State AGs, and other parties described above can still bring an action against a dealer for disparate impact credit discrimination if they have reason to believe you are not pricing all customers in a non-discriminatory manner. Lenders will continue to monitor and audit you as well.

If you have established and implemented the NADA Program, continue to monitor and document all finance transactions and note the legitimate business reason any transaction’s APR falls below the standard dealership participation rate. Keep this documentation in the deal jacket as it will be your best defense if a lender or regulator seeks an audit. Be prepared to defend your legitimate business reasons for giving some customers sell rates that are marked up less than other customers.

You can’t legally keep a record of the race or other protected characteristics of a buyer, but you can use the NADA Program to show you treat all persons the same. You give them what you establish as the dealership standard rate participation and adjust it downward (never upward) only when there is a legitimate business reason to do so. The NADA Program lists several legitimate business reasons but there are others you should review with your attorney and include them on the list if acceptable as well.

If you have not implemented a fair lending program, now would be a good time to do so. The NADA Program is available for download online at https://www.nada.org/WorkArea/DownloadAsset.aspx?id=21474838176.

The NADA Program contains a model policy and forms to use. NADA provides online training assistance to its members as well. So do third party compliance providers who may also be able to help you implement your program and policy. With entities such as the AFL-CIO pressuring banks and regulators, it is important that you be able to defend your practices and the NADA Program is the best way I know to do so.

If you have never received a lender’s fair credit audit request or an inquiry by a regulator, consider yourself fortunate. It is very likely to happen at some point in the future. By having the NADA Dealer Participation Certification Form in your deal jackets, you will stand an excellent chance of not having to go through the time and effort that many dealers did in the aftermath of the CFPB’s issuance of the Guidance when lenders were all over dealers about “disparate impact” and compliance.

It was great to see the Congress repeal the Guidance but don’t get complacent about compliance. Do the right thing and follow your anti-discrimination policy and document your doing so. A little time now can save a lot of time and money down the road.

0 Comments

USING 20 GROUPS TO ENHANCE DEALER COMPLIANCE PRACTICES

5/3/2018

0 Comments

20 Groups and dealer trade association meetings can be a great source to obtain information on compliance requirements and best practices. Many aspects of not only business but compliance as well are moving very quickly and your fellow dealers or trade associations can be a good source for what is happening in the real world.

First, a caveat. Discussions among competitors always present an antitrust risk and, for that reason, a knowledgeable antitrust lawyer should be present at the meeting. Discussing best practices for compliance with federal and state laws should not be considered to be any type of conspiracy in restraint of trade but sidebars and other issues that come up may cross the line. Trade association meetings generally have counsel present and your 20 group meetings should as well.

Many compliance issues such as Safeguards programs and Red Flags Identity Theft Prevention Program are risk-based. Assessing risks includes learning the experiences of similarly-situated dealers in your area or elsewhere. Here are some topics that your next 20 Group meeting might want to address to enhance everyone's compliance and risk mitigation especially in this age of regulator activism and real world threats.

Red Flags and Identity Theft Risks - Identity thieves tend to zero in on communities for a short time and use new tricks and deceptions to finance a vehicle. A dealer in Long Island, NY sold and financed a $61,000 Range Rover to an identity thief whose picture was published in a local community newspaper. The thief used a fake New Jersey driver’s license and obviously beat the dealer’s red flags program. It is not known if this individual attempted identity fraud with other dealers but it is certainly a possibility. In Nevada, dealers reported a ring of identity thieves that had two common threads: all of them wanted to buy two vehicles and all came in late in the day or at night.

Equifax’s 2016 data breach of 144 million U.S. residents has made identity fraud a much greater risk with all that information published on the dark Web. As your fellow dealers experience attempted identity theft, sharing the ways, times, and patterns of attempted identity fraud purchases can only help you refine your own Red Flags program and be less likely to become victimized.

Safeguards - Hackers and fraudsters are always staying one step ahead. Zero day attacks are launched every day before security protection software can identify and prevent them. What types of attacks are your fellow dealers seeing? Since the majority of data breaches are caused by socially engineering end users to click on phishing links, reveal passwords, or download malware-laden software, what types of emails and social media schemes are being seen? Are any risks being identified with widely-used DMS systems and what are the solutions? What software and training programs have your members found to be effective? Attempted hacking occurs daily and your 20 group counterparts can be an invaluable source for steps to take or training to incorporate so the hacks can be identified before becoming successful.

Regulator and plaintiffs’ attorney concerns - Most dealers get periodically audited by regulators, particularly State Attorneys General ("AGs). What issues do the regulators seem particularly concerned about? What alleged advertising shortfalls are they citing?

IN 2015, the New York AG shut down an aftermarket credit repair service called Credit or Forget It. Since then, the New York AG has brought a number of enforcement actions against dealers who sold the product, including ordering one dealer to pay in excess of $13 million and two dealers to pay in excess of $1 million in fines and restitution for allegedly payment packing the product to consumers. The aggressive nature of an AG towards particular products or processes is something all dealers should become aware of to guide their own conduct.
The Arizona Attorney General shut down two dealerships and banned their principals from engaging in the auto business in Arizona for unfair and deceptive practices consisting largely of deceptive advertising.
The New York City Department of Consumer Affairs issued regulations concerning used cars that effectively prohibit spot deliveries, provide a 2-day right of consumer cancellation, and other such pro-consumer provisions. Discussing what those regulations do and do not allow can be helpful in dealers avoiding inadvertent violations in a very pro-consumer venue.

The Pennsylvania AG has set up his own mini-CFPB division and the Massachusetts AG has been particularly active in auto financing. The Massachusetts and Delaware AGs entered into a $22 million settlement with Santander Consumer USA essentially for buying dealer contracts with very high default rates. The AGs concluded that this showed Santander was financing car purchases without having a reasonable basis to believe that buyers could afford them which constituted an unfair and deceptive practice.

Shortly after President Trump appointed Mick Mulvaney as the interim CFPB Director, 17 State AGs sent a letter of protest to the President promising that if the CFPB tempered its watchdog behavior, the signing state AGs would "redouble [their] efforts at the state level to root out. . . misconduct and hold those responsible to account."

The Department of Defense’s December 2017 interpreting the Military Lending Act (“MLA”) to apply if GAP and credit insurance products are sold to MLA covered borrowers is another subject that dealers needed to get a handle on quickly given the punitive consequences of not complying with MLA requirements. See our article in this blog for more information on this MLA interpretation.

How about plaintiffs’ attorneys?

It seems that plaintiffs’ lawyers go on suing sprees after conferences and meetings where war stories of success against dealers are publicized. Apart from routine customer disputes, are dealers seeing a pattern of claims and suits such as occurred several years ago after the FCC issued a rule that made sending commercial text messages to a cell phone without a prior written signed consent from the recipient containing magic words a violation of law? With that rule, every noncompliant marketing text message triggered a potential penalty of $1,500 and one large dealer group paid in excess of $2.3 million to settle a class action.

Legislative Affairs - At any given point during a state legislative session, bills that can directly or indirectly affect auto dealers are pending in the state house. It is a good strategy to ask the local dealer association legislative affairs expert to make a presentation to your 20 group to identify such legislation and advise if action such as personal visits to legislators is desirable. The plaintiffs’ bar always has its people working to fit what they consider to be pro-consumer legislation into transportation and appropriations bills. No one wants to get blindsided so make some review of legislative issues a must any time your state legislature is in session.

Manufacturer Issues - You need to be a little careful here lest a manufacturer claim an antitrust violation but many actions of manufacturers can be fair points for discussion. An example is ads that manufacturers push to dealers that touch on credit issues, a subject that I have found few manufacturers understand let alone prioritize. A manufacturer sells vehicles, a dealer sells vehicles and credit and the potential for unfair or deceptive advertising in credit advertising is not something you can count on manufacturers or their ad agencies to address.

One example is conditioning vehicle price discounts on credit standing. I’ve seen many manufacturer ads that require customers to finance with their captive to be able to take advantage of pricing discounts on vehicles. This is not the same as offering discounts to recent college grads or veterans. Under federal Truth in Lending, the additional sums paid by credit-challenged customers (the lost discounts) who are declined by the captive and financed by another lender at the dealership can be considered a prepaid finance charge and must be disclosed as such and factored into the APR. A better approach is to condition the discount on financing through the dealership. This will avoid the circumstance of a consumer losing a credit-based discount if the dealer needs to use a subprime or other lender to finance the consumer without the discount.

Compliance events move quickly and keeping your 20 group members in the loop or brainstorming what compliance requires can be a valuable way to avoid being defrauded by identity fraud or a data breach, or penalized by a regulator for unintended consequences. Make compliance a topic for your 20 group meetings and all participants should benefit from doing so.

0 Comments

IMPLICATIONS FOR AUTO DEALERS IN THE AFTERMATH OF CFPB DIRECTOR RICHARD CORDRAY'S RESIGNATION

2/20/2018

0 Comments

Most of us in the auto finance industry were very happy to see Consumer Financial Protection Bureau (CFPB) Director Richard Cordray resign his position. Despite Cordray's effort to replace himself with a consumer activist clone, the federal courts have affirmed President Trump's appointment of Mick Mulvaney as the Acting Director pending a successor Director being confirmed by the Senate.

Mulvaney's approach to the enforcement powers of the CFPB is quite different from Cordray's. Most significantly, Mulvaney has expressed strong doubts about Cordray's philosophy of regulation by enforcement, the practice by which a target company doesn't know they violated any law or regulation until the CFPB shows up with an enforcement action claiming they did so. We are more likely to see traditional Administrative Procedures Act rulemaking processes of the CFPB publishing notice of proposed rules, giving an opportunity for all affected constituencies to provide comments, and then issue final rules taking the comments into consideration. There is also no indication that Mulvaney will continue Cordray's active efforts to indirectly regulate franchised auto dealers.

The FTC's More Aggressive Role Against Dealers

But that doesn't mean dealers can ease up on compliance activities. The Federal Trade Commission (FTC) became a much more aggressive agency pursuing auto dealers during the past several years and there is no indication that this trend is going to abate. Last year, the FTC entered two consent decrees with auto dealers, imposing penalties of $2.4 million against one dealer and $1.6 million against another. Penalties for FTC Act Section 5 unfair and deceptive practice violations also increased from $16,000 per violation to $40,654 per violation.

Primary violations cited by the FTC consist of unfair and deceptive advertising. Advertising is perennially at the top of the FTC's list of unfair and deceptive dealer practices. The first thing the FTC typically looks at in an ad is whether "triggered" terms required by federal Truth in Lending or the Consumer Leasing Act are clearly and conspicuously disclosed. For credit sales, among other things, if you advertise payment amount, term of payment, or down payment, then you must disclose the others of these along with the APR (advertising APR alone is not a triggering term). For leases, if you advertise payment amount, lease term, the amount due at signing or any capitalized cost reduction, you must disclose the transaction is a lease, the full amount due at lease inception (all-in except for tax and registration), lease payment amounts, and lease term, along with whether or not a security deposit is required. Scrolling or mouse-type disclosures don't cut it. Required disclosures must be such that a reasonable consumer can read and understand them.

One of these cases also marked the first time the FTC had fined a dealer for what it called "yo-yo financing," a term used by consumer advocates for spot deliveries. The FTC also issued a blog to auto dealers, "Don't toy with yo-yo financing." In the blog piece, the FTC described the practice as "Some buyers told us that they financed a car through a dealership, signed a contract, and drove the car home, only to be told that the financing didn't go through and they had to sign a new deal or lose their down payment. There’s a name for that: it’s called a “yo-yo” financing tactic." It was one of a handful of unfair and deceptive practices in the $2.4 million fine case and, given the absence of any FTC prior rule on spot delivery practices, may indicate that regulation by enforcement is very much alive at the FTC.

Payment packing also was cited by the FTC in dealer enforcement actions in 2017. In one case, the dealer was accused of preprinting contracts or addenda with GAP, extended service contracts, vehicle etch or other aftermarket products and indicating either they were required to obtain credit or were free to the consumers.

The FTC described one dealer's payment packing process as follows:

                Information about the add-on products is often included in a stack of lengthy, complex, highly technical documents presented at the close of a long financing process after an already lengthy process of selecting a car and negotiating over its price. Consumers report that Defendants’ employees, in numerous instances, have rushed consumers through the closing process and        have simply indicated to consumers where to sign. In some cases, Defendants have obtained          consumer signatures purporting to indicate assent to purchase add-on products even though                 consumers did not, in fact, authorize the purchase. For instance, a third-party audit found that Defendant . . . required consumers to sign for GAP and service contracts regardless of whether         the consumers were actually purchasing the add-on products. The third-         party audit also found    that other dealerships were having consumers sign blank documents.

The FTC has field agents posing as consumers on site to identify unfair and deceptive practices. For example, a dealer in Arkansas was fined $89,000 for not having Used Car Buyer's Guides displayed on all of its vehicles on its used car lots.

The FTC has an excellent Web site that summarizes its policies and positions on auto dealer conduct and is especially valuable in the advertising context. The site is:

https://www.ftc.gov/tips-advice/business-center/selected-industries/automobiles

Check it regularly to make sure your activities are within FTC guidelines.

State Attorneys General - Your Local Regulator On the Scene

State Attorneys General (AGs) have made clear that they intend to take up the activist consumer protection activities established by the CFPB. The state AGs have tools at their disposal to help them fill any void that may be left by scaled-back CFPB enforcement. The Dodd Frank Act grants state AGs the ability to enforce the Dodd-Frank Act and regulations promulgated under the Act’s authority against entities within their jurisdiction. Section 1042 authorizes state AGs to secure the remedies provided by the Dodd-Frank Act, which include civil money penalties of up to $1 million per day for knowing violations of law. While AGs must give notice of their intended actions to the CFPB and any prudential regulators, the CFPB does not have the power to veto any proposed AG action but only the power to intervene. Several other federal laws such as Truth in Lending and the Fair Credit Reporting Act give State AGs the right to enforce certain provisions as well.

State unfair and deceptive practice laws offer another alternative for relief with penalties in some states that vastly exceed those under federal laws and allow for private rights of action as well. A somewhat dated but good starting place to learn the laws of your state is maintained by the National Consumer Law Center, a consumer activist think tank, at the following Web sites:

https://www.nclc.org/images/pdf/udap/analysis-state-summaries.pdf
https://www.nclc.org/images/pdf/udap/report_50_states.pdf

Pennsylvania has effectively established its own mini-Consumer Financial Protection Bureau under its State AG and Maryland is pursuing a similar initiative. Other states have also been active against auto dealers:

·         New York: AG Eric Schneiderman has prosecuted and settled with dealers for over $15 million in the past three years for deceptive advertising and aftermarket product selling and has convicted a dealer of felony charges regarding the burial of hazardous waste. The New York AG also settled two payment packing suits in December 2017 for restitution totaling $1.6 million. Since 2015, he has obtained more than $17 million in restitution and penalties as part of his office’s crackdown on the practice of “jamming,” or payment packing.

· Massachusetts: The Massachusetts AG entered into a $13 million settlement regarding GAP.

· Washington: The Washington AG sued and settled with a dealer for discriminating against Spanish consumers, misrepresenting finance terms, interest rates, title branding and warranties. The dealer paid $250,000 in its settlement and was forced to provide Spanish translated contracts in the future.

· Delaware and Massachusetts: The Attorneys General of these two states settled with a major financing source for $26 million regarding purchasing retail installment sale contracts for thousands of consumers who could not afford them. These contracts were all originated by auto dealers.

·   Missouri: The Missouri AG settled with a used car dealer for failing to provide titles and complete repair work under service contracts. The dealer will pay $38,067 in restitution to 23 consumers with a potential for an another $46,000 in fines. Additionally, for the next five years, the dealer principal will be prohibited from selling or leasing motor vehicles; accepting any payment for any work selling, leasing or purchasing any motor vehicles; and owning, operating or controlling any businesses engaged in buying, selling or leasing of motor vehicles.

· New Jersey - A New Jersey used car dealer was ordered to pay $693.645.91 in restitution, penalties, and attorney's fees for, among other things, advertising used motor vehicles for sale without disclosing to consumers the vehicle’s prior damage or prior use; selling vehicles “as is” when they qualified for a warranty; and permitting third parties to advertise, offer for sale and/or sell used motor vehicles on Craigslist that were titled to the dealer.

An association of Democratic Attorneys General has made clear that it intends to fill any gap resulting from decreased enforcement by the Trump Administration. DAGA stands for the Democratic Attorney General Association and its statements on its website tell you their goals:

“Our Democratic Attorneys General provide crucial checks and balances on a new federal administration that often refuses to follow the rule of law.”

“Democratic Attorneys General Are The First Line Of Defense Against The New Administration.”

Summary

In case you haven't noticed, the fines and penalties for enforcement violations have multiplied geometrically from years back when $10,000 to $50,000 was more of the norm. Assume six to seven figures plus attorney's fees, management time, and customer ill will as additional costs from a regulatory enforcement proceeding. And the regulator you will probably most often see is your state AG. State AGs have and continue to consider dealer advertising and other misconduct as the "low hanging fruit" to fill state coffers. Consumer complaints, BBB complaints, notices from competing dealers and referrals from the CFPB and FTC who operate online complaint lines are ways that State AGs identify potential targets.   Make sure your Compliance Management System (CMS) has a procedure for addressing and resolving consumer complaints and give the consumer the benefit of all doubts. Easier and more reasonable to pay several hundred or even several thousand dollars to an aggrieved consumer than having a regulator question the transaction and poke around for others in a compliance exam.

So make sure you have a comprehensive CMS and audit the processes and procedures so you can demonstrate your good faith compliance to a regulator. The CFPB may be off the board for a while but the FTC and your State Attorney General are more than making up the enforcement of federal and state consumer protection laws. Be forewarned and forearmed.

0 Comments

DEPARTMENT OF DEFENSE MILITARY LENDING ACT INTERPRETATION PROVIDES RISK TO SELLING GAP TO SERVICE MEMBERS AND DEPENDENTS

12/27/2017

1 Comment

The Military Lending Act ("MLA") is a law enacted by Congress in 2006, and amended in 2013, to protect the rights of service members in certain types of financial transactions. As originally crafted, the MLA covered three types of consumer credit: payday loans, auto title loans, and tax refund anticipation loans. That changed in 2013 when the MLA and regulations were broadened to cover consumer credit generally except for mortgages and certain exempt transactions which include purchase money auto financing secured by the vehicle. The MLA final rules and regulations are issued by the Department of Defense ("DOD") but enforced by the Department of Justice, the Federal Trade Commission, and the Consumer Financial Protection Bureau.
Under the revised DOD regulations effective October 3, 2016, the auto finance exemption covered financing of vehicles and vehicle-related products and services. It has been generally understood that credit insurance and GAP relating to the vehicle financing do not bring the transaction outside of the auto financing exemption. However, if non-auto finance-related items were financed in the transaction, such as would be the case, for example, if the customer took a large amount of cash out of the financing, then the transaction would be covered by the MLA.

What the Military Lending Act Requires
If a transaction is subject to the MLA, federal regulations require detailed disclosure requirements, both written and oral, as well as the calculation and disclosure to the covered service member of a "military APR" in addition to the customary Truth in Lending ("TILA") APR. The military APR adds a lot more things into the "finance charge" and hence the APR calculation such as fees, aftermarket products, GAP costs, and credit related insurance premiums. If including these things along with traditional finance charges creates a military APR of over 36%, the transaction is void and prohibited.

Mandatory disclosures under MLA regulations.
In addition to disclosing both the military APR along with the TILA APR, you must disclose in writing "a clear description of the payment obligation." The regulations also give a 110-word model statement essentially describing the military APR. This, or some substantially similar disclosure, must also be given. Additional oral disclosures (which may be made either personally or by using a dedicated toll-free telephone number) are another requirement. If you use the toll-free number, its number must be on the credit application or the written disclosures. In either event, you will need to effectively document your giving the written and oral disclosures in the deal jacket.
If this seems like a difficult process for your everyday sales or f & i manager, you are correct.
It is also difficult to identify who is a "covered borrower" under the MLA to whom the law applies The term is not synonymous with the general definition of “service members” and their dependents under the Service Members Civil Relief Act (e.g., dependents are more broadly defined for purposes of the MLA).
However, there is a “safe harbor” way to determine whether an individual is a MLA covered borrower. The individual can be checked against the DOD’s online database (for new transactions only) at https://mla.dmdc.osd.mil/mla/#/home and then link from there to https://mla.dmdc.osd.mil/mla/#/single-record for entry of one person. Alternatively, a dealer can get the person’s status as an MLA covered borrower from a national consumer reporting agency in connection with their credit report. Check with your credit report provider who may impose an additional charge for this notation but getting the covered borrower status on a credit report seems to be the easier way to go.

Department of Defense Changes to MLA Motor Vehicle Financing Exemption
On December 14, 2017, the DOD issued its second interpretation of the Military Lending Act. Its first interpretation which took effect October 3, 2016 issued revised regulations in response to MLA statutory amendments in 2013. As noted above, it effectively clarified that the exemption from the MLA for purchase money auto financing credit secured by the vehicle generally included within the exemption advances for financing items related to the vehicle which included credit insurance and GAP.
DOD’s second interpretation indicated a transaction was exempt from the MLA “that finances the [vehicle] itself and any costs expressly related to that [vehicle]. . . provided it does not also finance any credit-related product or service.” This means if the auto financing transaction includes GAP or credit insurance, the whole transaction is arguably outside of the exemption and subject to the MLA. The DOD further stated that its second interpretation did not change the original regulations that took effect in October 2016, but merely stated DOD’s "pre-existing interpretations an existing regulation." This puts at risk any vehicle financing transaction beginning October 3, 2016 that financed credit insurance or GAP for an MLA covered borrower but which does not comply with the MLA’s extensive disclosure requirements or fails to disclose the “military APR” complex calculation which is capped at 36%.

MLA Penalties for Non-Compliance
Since financing of credit insurance or GAP now may put a transaction outside of the MLA exclusion for purchase money auto financing, substantial penalties for violating the MLA could apply to non-MLA conforming transactions, both looking back to October 3, 2016 and looking forward. These penalties include federal criminal misdemeanors imposing fines and up to one year in prison for knowing violations; voiding of contracts from inception; civil liability of actual damages or $500 statutory damages recoverable in class actions; punitive damages; costs and attorney’s fees. The MLA expressly forbids and will not enforce arbitration clauses and requires other protections for the MLA covered borrower as well.

Possible Actions in Response to the DOD's December 2017 Interpretation
Until legislative, judicial, or agency clarification can be obtained, it appears dealers have two options. One is to simply not offer credit insurance or GAP to any customer which will avoid the MLA problem totally.
The second alternative is not to offer credit insurance or GAP to MLA covered borrowers. This means you will have to check every customer using one of the "safe harbors" described above (DOD MLA site or a credit report indicating the person's MLA status) before selling them GAP or credit insurance. Do so at the time the consumer submits a credit application or within 30 days earlier if, for example, you are doing a pre-screening mailing. Document your doing so in the deal jacket.
At least 11 states have military anti-discrimination statutes. Each state interprets its law differently. In response to a claim of military discrimination for not selling GAP to MLA covered borrowers, the dealer could argue that it has a legitimate business interest in not doing so. The legitimate business interest would be not wanting to incur the excessive compliance costs imposed by the federal government (principally oral disclosure requirements and calculation of the military APR) to be able to sell these products to MLA covered borrowers. I don't believe this argument--which derives from successful cases under the federal Equal Opportunity Act charging disparate impact discrimination on federally protected classes of people--has been tested under any state's anti-military discrimination act case. Plus each state's law is different. Consult your local attorney or compliance professional on the law in your state to get a sense of whether a "legitimate business interest" is a defense to alleged credit discrimination against protected military members under your state's law.

Summary and Conclusion
There are good arguments to be made that the DOD exceeded its authority in issuing the December 2017 interpretation and trying to make it retroactive. It did not publish proposed regulations or seek comments for this new "interpretation" which sure seems like a regulation. It's attempt to give it retroactive effect is also very dubious. These arguments, and others, will be raised in court cases or before the agency. But you don't want to be the one who has to incur the expense to do that.
I think the approach of offering GAP and credit insurance to every customer except a safe harbor-checked MLA covered borrower is the best business approach, subject to a state anti-military lending discrimination statute that might suggest otherwise. The legitimate business defense in not incurring the compliance cost and burden of MLA transactions seems reasonable to me.
Also, lobby your Congress people and state legislators on this one. Dealerships near large military bases stand to lose a lot of revenue if the DOD's interpretation is legitimized. I know NADA will work this issue hard in Washington and hopefully a more rational interpretation that GAP and credit insurance on a vehicle financing transaction do not risk the auto financing MLA exemption will prevail.

1 Comment

<<Previous

Forward>>

Author

Randy Henrick is a leading auto industry compliance consultant. This article is not intended as legal or compliance advice due to the unique nature of a dealer's situation in each state. Randy's articles do provide issues and best practices that you may want to discuss with your attorney or compliance advisor for possible adoption in your dealership. Email Randy at AutoDealerCompliance@gmail.com
Follow us on Twitter @randyh44

​

Author

Archives