Planning a Compliance Program for Sales and F&I - First Steps
Planning a Compliance Program for Sales and F&I - First Steps

Compliance is an extremely broad term and applies to every area of a dealership. The NADA has produced a rather bone-chilling diagram of each department of a dealership and what laws apply to each of these departments. Every dealer, franchise or independent, should have a copy of the NADA publication, The Regulatory Maze.

Download "The Regulatory Maze" Here »

The diagrams demonstrate that the regulatory burdens visited upon dealers are wide and deep. Dealers may be the most regulated industry in the U.S. And, of course, government continues to believe that its role is to govern by increasing the regulatory burden and never rolling back regulations, which have outlasted their relevance or purpose. All these laws illustrated in The Regulatory Maze must be observed by dealers.

However, the most likely area where dealers will get sued, centers around consumer-facing matters. In other words, sales and F&I are the most troublesome. The reason for this is quite simple. Consumer law is drafted to favor consumers versus merchants. Consumer protection laws are fertile ground for enforcement actions because they raise the degree of responsibility for dealers. Government agencies and private plaintiffs consistently focus upon consumer issues.

The purpose of this article is to address initial steps only regarding a compliance program for sales and F&I.

When law students attend law school they are quickly taught to focus on the key issues. Every student learns the acronym “IRAC” (Issue, Rule, Application, Conclusion). In other words, identify the key issues, match them with the correct law, analyze how the law applies, and reach a conclusion. Is there a cause of action and what would be the result?

The same thinking applies here. How should a dealer structure its compliance program to mirror the most likely risks?

Think Conceptually

The first step is to think conceptually. Dealers should establish a compliance program that will address current issues and be flexible enough to address future ones.

Enter the Compliance Management System (CMS), which is required for some organizations by the Consumer Finance Protection Bureau (CFPB). Representatives of the CFPB have already stated that such a program should be implemented by dealers. But, franchise dealers are not under the CFPB’s direct supervision. Nevertheless, franchise dealers should implement a CMS, as it makes good business sense. The idea of a CMS relates to legal obligations dealers presently have due to the Safeguards and Red Flags Rules, which necessitates that all dealers must implement these two programs and appoint a compliance officer. Dealers should build upon this concept and establish a permanent CMS. Since it is highly likely that compliance requirements will continue to increase and be demanded of dealers, creating a long-term solution for these compliance demands, is quite prudent. A CMS would be that solution. A CMS program would include the following:

  • Establish a compliance program
  • Establish a board with management oversight
  • Appoint a permanent compliance officer who reports to that board
  • Respond to consumer complaints with a protocol
  • Have routine audits examining how the program is functioning and can be improved.

Play Defense First

Dealers should, however, play defense first. Dealers should embrace an arbitration program to avoid lawsuits going to court and, most importantly, avoid class actions. At the same time, dealers should establish a consumer complaint program so that a government agency or consumer attorney never hears these consumer complaints.

Both an arbitration program and a consumer complaint program will help control expensive litigation and regulatory intervention.

Secondly, Appoint a Compliance Officer

Every dealer principal in the United States should immediately delegate someone in his organization to perform this function. This person may already have responsibilities at the store such as a Sales Manager or Controller but should have the additional responsibility of addressing compliance, as a separate duty.

In future articles, more will be written about the Compliance officer, what his responsibilities should be, and what type of training he should have. At a minimum, he should be AFIP Certified (Association of Finance and Insurance Professionals) and consider becoming certified under the Consumer Credit Compliance program. The Compliance Officer should prepare a comprehensive checklist for his compliance duties and they should be routinely discharged. This checklist needs to be cognizant of the many laws relating to sales and F&I.

Laws to Follow

It is instructive to note just how many federal and state laws salesman and F&I Managers should know something about and would be included in the Compliance Officer’s checklist. The following partial list is offered in the manner of an in terrorem clause which is Latin for a threat or warning. Dealers need to be on notice as to just how many laws they are obligated to discharge.

Federal Laws:

Equal Credit Opportunity Act (ECOA) and Reg B ● Fair Credit Reporting Act (FCRA) ● Fair Credit and Accurate Credit Transaction Act (FACTA) ●

Federal Trade Commission Act (FTC Act) ● FTC Credit Practices Rule ●

Gramm-Leach-Bliley Act (GLBA) ● Privacy Rule ● Safeguards Rule ● Holder in Due Course Rule ● Truth in Lending Act (TILA) and Reg Z ● Consumer Leasing Act (CLA) and Reg M ● Producer Owned Reinsurance Companies Laws ● Federal Advertising Rules ● American Automobile Labeling Act ●

FTC Door-to-Door Sales Rule ● IRS Form 8300 Cash Reporting Rule ●

FTC Guidelines for Fuel Mileage Advertising ● FTC Used Car Rule ●

Gray Market Vehicles ● U.S. Patriot Act ● Office of Foreign Asset Control (OFAC) ● Magnusson-Moss Warranty Act ● Monroney Sticker ● Various NHTSA Regulations (recall, airbag, etc.) ● Federal Do-Not-Call Rules: FTC Telemarketing Regulation & FCC Regulation of Telephone Calls &

Rule Restricting Calls to Cell Phones ● Do Not Email Rule ● Do Not Fax Rule

State Laws:

Retail Installment Sales Act ● Consumer Lease Disclosure Act ● Contract Law

Uniform Commercal Code ● Insurance Laws ● Theft, Fraud, and RICO ●


UDAP – Unfair and Deceptive Acts and Practices

Without question, the single most significant law dealers must understand is the “UDAP” statute. Failing to follow any of the laws indicated above could conceivably become a UDAP violation. Every state Attorney General, the Federal Trade Commission, and the Consumer Financial Protection Bureau all enforce this act in some way. In fact, the CFPB’s UDAP statute adds an “A” for “abusive” so that it reads UDAAP. It is unclear what “abusive” adds to the statute but it remains disconcerting. The UDAP statute is remarkably flexible and can be applied in novel ways depending upon the circumstances. Advertising, sales presentations, and disclosures all can be included in UDAP allegations against dealers. The basic standard for this statute is: does the alleged act have the tendency or capacity to mislead a consumer? If so, then a regulator or plaintiff can proceed with his lawsuit because there has been a violation of the law. Violating state UDAP statutes can be quite expensive as they may include actual damages, statutory damages per incident (as much as $25,000), and fees and costs. What current practices in a typical dealership could be interpreted to fit this standard? There could be many.


Although compliance programs appear daunting, expensive, and almost impossible, the attempt is worth the effort and costs can be modest if the dealership plans carefully. And, most importantly, a very modest step will impress regulators and may be enough for a dealer to get off with a warning without any fines or costs. I appeal to every dealer to rethink his compliance program and plan ahead. Enforcing compliance is the new normal. Govern yourselves accordingly!