ComplianceBest Practices

Compliance
10 + 10 = Exposure

By

Answers these questions honestly: Do you have a Compliance Management System (CMS) and whose responsibility is it? When was the last enterprise risk assessment to ensure all personal and dealership assets are protected? (Who has looked at the “big picture?”) Who trains the staff about compliance and how often? Has anyone ever done an analysis of your insurance policies to determine if there are any holes in your coverage?   Do you have a process at the dealership to find and fix online consumer complaints? Do employees have a channel and mechanism to bring their complaints to the attention of management?  When was the last update to the Employee Guidebook? Do employees sign a Legal Rights Agreement? Are you using arbitration to settle disputes with consumers? (In practice, do you understand why this strategy is highly ineffective?) Are you prepared for a local media story? Do your employees know what to do, what to say, or who to direct the reporter to? Who audits your websites on a monthly basis to ensure compliance with advertising laws? Who inspects your other advertising?    Does your dealership have work to do?  Any one of these issues could cost you a lot of money.   Remember, it’s not how much money you make that’s important.  What’s critical is how much money you keep! Consider the “what if.”  What if…this were to happen or that were to happen?  How would you handle it? If those ten (10) didn’t stimulate you enough, here are another ten (10): What would you do if a regulator walked into your dealership? Do you have a plan as to how you would handle that situation One very large dealership group with more than eighty (80) stores allowed the Federal Trade Commission (FTC) to survey its customers to ask them about potential dealership wrongdoing.  What would be your thinking here? How would you handle that?  Have you started your work on the new Gramm Leach Bliley regulations?  The deadline is December 9. Unfortunately, the new regulations are complicated enough that you cannot simply write a check for an “app” to be compliant.  Some of your work will require good ol’ fashioned shoe leather.  Is anyone tracking how your waste (oil, batteries, tires etc.) is being disposed of and have you ensured your vendors have the adequate insurance to protect the dealership if it’s not handled properly?  Do you have a recall policy for your used vehicles?  Whether or not the used car is “your brand,” did you know the dealership would likely be liable if a customer were in an accident as the result of an unfixed recall? Have you ever checked to see how your IRS 8300 processes are working?  Are your cashiers receipting in monies with enough detail for you to track the transactions?  (Did you know the fines for non-compliance are up to $3 million and potential jail time?)  Did you recently inspect your Red Flag compliance?  Are your F&I managers just “blowing past” that screen and selling vehicles without paying attention?  This is a critical issue which will help in your defense if you are ever taken to court for selling a vehicle to someone with a stolen identity. As a dealership, are you sending out Adverse Action Notices in compliance with the Fair Credit Reporting Act (FCRA)?  Failure to send these could result in a class action lawsuit to include punitive damages for “willful non-compliance.” Are you selling repossessed vehicles or salvage vehicles without disclosing this status? Does your staff know how to handle an Office of Foreign Asset Control (OFAC) “hit” on a potential buyer’s credit application?  Do you have a procedure in place?   These questions are but a few of the concerns for your dealership when you are thinking about your daily risk.  As one dealer friend of mine advises, “Button up!”. Another says, “Stop everyone from reaching into your pocket!” Practice your “what ifs” and prepare!   In my experience, it’s not necessarily “if,” but “when!” Watch the YouTube video here . Check out Tom Kline's YouTube Channel for relevant information which is at the forefront of sharing preventative measures and insightful actions that you can take today to protect your dealership.
Dealer Insurance Learning
I Hope You'll Learn With Me!

By

Insurance! (Insert full eyeball roll here.) An October, 2021 survey by Embroker stated that just 22% fully read through their insurance policy, 56% admit to not knowing the cost of their insurance program, 34% carry a cyber policy, 20% admitted to not knowing how their insurance is handled, and 30% allow their policies to renew without making any changes. Let’s change that starting right now! If you don’t understand your insurance, then reach out to a consultant or your insurance broker and ask for a complete review of your coverage.   Understand what insurance you have, what the limits are, and importantly, what policies you do not have.   Here is a thumbnail: Garage Policy This is your main policy which you would turn to cover dealership operations.   Automobile liability, premises liability, product/completed operations liability, customer’s cars.    The type of coverage and the limits matter. Property This covers your buildings and business interruption, should you have one. Worker’s Comp This policy handles worker injuries on the job. Dealer’s Open Lot Your vehicles are covered separately under this policy. This can be covered and included in the Garage policy except in high hazard/catastrophe prone areas. Cyber If you have a breach of your data or if the bad guys ransom you. Pollution Covers your waste (used oil, antifreeze, tires, batteries etc.) and their disposal.   If your waste isn’t handled properly, you can be help personally liable for these problems. Directors and Officers (D&O) Would step in for allegations of fraud and wrong-doing which protect the owners, officers, and employees. Directors and officers (D&O) liability insurance protects the personal assets of corporate directors and officers, and their spouses, in the event they are personally sued by employees, vendors, competitors, investors, customers, regulators, or other parties, for actual or alleged wrongful acts in managing a company. Crime Employee dishonesty.   Theft of corporate assets by an employee of the corporation. Employment Practices Liability This policy handles problems which arise with employees, such as discrimination, harassment, wrongful termination etc. Unusual Options You can protect yourself from most issues.   Here are some more unusual options: Product Recall   Kidnap and Ransom Active Assailant/Workplace Violence Loss of Franchise Communicable Disease Liability Computer Systems Failure Injunction Risk Loss of Key Employee Loss of Key Customer It’s likely if you can think of it, you can insure it. I try to learn every day and here’s one thing I learned this week:   parametric insurance.   So, we are going to learn about it and think anew together.   According to the National Association of Insurance Commissioners (NAIC) “the term parametric insurance describes a type of insurance contract that insures a policyholder against the occurrence of a specific event by paying a set amount based on the magnitude of the event, as opposed to the magnitude of the losses in a traditional indemnity policy. An example is a policy that pays $100,000 if an earthquake with magnitude 5.0 or greater occurs. The amount of payment, the parameter, and a third party responsible for verifying that the parameter was triggered must all be specified in the contract. The third party will usually be a government agency, for example earthquake magnitude could be determined by the measurement issued by the National Earthquake Information Center.” Dealers who have significant weather-related concerns might benefit from this type of coverage.   One of the benefits of parametric insurance is claims are paid more quickly as once the outside entity verifies the event, the insurance company pays so the monies are deployed and in the hands of the business more quickly. My hope for this article is getting you to consider the importance of your insurance program.   I say “program” as there should be a strategy involved and a monitoring and auditing component to it. Please reach out if I can answer any questions.
rain cloud
How Dealers Should Handle COVID (Co-author Kristina Vaquera)

By

Another article about COVID-19?  Ugh! Snap! And oh, my! Employers everywhere are tired with having to handle this additional burden to running their business. But, now, more than ever, it’s important to mitigate your risk by being consistent and current in how you handle COVID. Don’t let your guard down now.    In this article, we will limit our discussion to the federal perspective on COVID as each state may have its own rules or requirements.  FACT: The Equal Employment Opportunity Commission (EEOC) says you can mandate employee vaccinations for employees physically entering the workplace based on business necessity subject to reasonable accommodation requirements. In essence, if it is a threat to the safety and well-being of employees and customers, you can require vaccinates. Very few jobs at the dealership may be completed by being isolated by plexiglass or office walls. Most require daily face-to-face customer contact that cannot be eliminated. FACT: If vaccines are required, employees may claim two (2) accommodations: Because of their sincerely held religious beliefs (i.e., Title VII of the Civil Rights Act), or Because of their disability (i.e. the Americans with Disabilities Act) If an employee asserts an accommodation request, call your employment lawyer for more specifics on how to handle the situation. Each case is different based on the facts. FACT:  To protect your employees and customers, ensure you have the latest signage from the Centers for Disease Control (CDC), Occupational Safety and Health Administration (OSHA) and your state safety and health departments. For example, current CDC guidance has different masking requirements depending on whether you are in a low or medium to high-risk transmission area. Click here for more information. FACT:  As the employer, you are still required to provide personal protective equipment (PPE) and sanitizing stations. Outbreaks at the dealership? If you are having frequent positive COVID situations at the store, you may need to revisit your policies and their efficacy. If you make changes, document what you are doing. Are you required to keep a log of positive cases, or report to your state? Make sure you are doing so if required. If OSHA, or any agency, visits you, they want to know what you are doing to protect everyone. Be diligent here.  FACT:  If you sell fleet vehicles to the government, or have a federal contract, then you may be a federal contractor. If so, you must follow federal COVID mandates required by Executive Order. You may also be subject to mandatory vaccine requirements if you have 100 or more employees.  FACT:  On September 9th, President Biden signed an Executive Order requiring employees of contractors doing business with the federal government to be vaccinated which builds off a previously issued Executive Order from July. President Biden also mandated that OSHA is developing a rule requiring all businesses with more than 100 employees to ensure their employees are fully vaccinated or require workers who remain unvaccinated to produce a negative test result on at least a weekly basis before coming to work. This mandate also requires employers to provide paid time off for the time it takes workers to get vaccinated or to recover if they are under the weather post-vaccination. It is unknown if employers will have to pay for the cost of testing and/or the time associated with testing.   This situation continues to evolve. Don’t “take on” risk by being lackadaisical when it comes to COVID. Author's note: The above article is for informational purposes only and does not constitute legal advice and does not create an attorney-client relationship.
man drawing umbrella over car
Auto Dealers: What’s Your Total Cost of Risk (TCOR)?

By

Financial statements track how you are doing financially every month. Consider measuring and benchmarking TCOR as a part of your ongoing financial statement process.   What is TCOR and why should you care about your dealership’s Total Cost of Risk (TCOR)?  Business is about keeping the money you make. Your sales and gross profits could be at record highs, but your losses might be, as well. Unless you are tracking TCOR, your money may be walking out the back door because of losses or customer problems. Consider changing the way the dealership accounts for losses at the store (TCOR).    The only way to improve in any area is to measure it and benchmark it. TCOR is a metric used to evaluate your dealership’s internal risk process. Here is how it’s calculated: Insurance premiums + self-insured losses + losses associated with lower profits and productivity + risk administrative expenses (internal & external) = Total Cost of Risk (TCOR)  Tracking this metric will help you laser focus on which parts of the dealership cost you money. Consider customizing and defining each aspect of the formula to specify the guidelines for your dealership. These guidelines will be different for every owner-operator. It’s important to be consistent in how you establish and execute the accounting at your dealership based on those guidelines. Consistency will produce accurate data leading to meaningful answers.  Here’s an example: Let’s say you sell vehicles to people who have credit challenges (secondary customers). In my experience, if you “spot” them in their vehicles, and then cannot get them financed for whatever reason, they tend to write more negative online reviews. Hopefully, you have a process at the dealership to bring them back in and try to satisfy them in some way.   (If not, start today. Most lawsuits and regulatory problems start with upset customers. In fact, a dealership in Tennessee recently had its license revoked after multiple claims of deceptive acts. Now, the owner has been convicted of twenty-one (21) felony counts. His problems all started with customer complaints. Pro Tip: After you have satisfied the customers’ concerns, ask them to “update” their review. If you ask them to “change” their review, the customers will feel manipulated, Then, it will look like the only reason you helped them was to have them update the online review.) If you tracked the personnel time and all other expenses associated with these types of issues, you would be able to determine the actual cost of taking care of these customers. This is only one aspect of TCOR. (Please refer to the formula above.) If the dealership accounts for these costs accurately, it means you can no longer hide these losses in “Other Income.” In many dealerships, “Other Income” becomes the “garbage pail” of accounts, where you charge expenses, so the managers who are paid on gross won’t complain about chargebacks.    Using the secondary customer example above - whether or not TCOR is being tracked - we can discuss which policies and procedures can be put into place to stop these types of losses. There are plenty! We will not know the effectiveness of the procedures unless the numbers are tracked accurately. Recently, I have been hearing dealers espouse a case of the “yets.”   “I haven’t been sued yet.” “I have not heard from a regulator, yet” “We haven’t had any major problems, yet.” So, I don’t need to track TCOR…  Depending on the accounting controls at the store, the losses may be bigger than you realize. Unless you are measuring these costs, it is unknowable how much money is being poured into issues at your dealership. Do you really know your risk costs? Reputational losses? Customer satisfaction charges? Please consider tracking and measuring these numbers moving forward.  I’ll bet you’ll be glad you did. 
crisis
Risk Avoidance – Ignored

By

Are you too busy selling cars to pay attention to the myriad number of lurking problems and issues that you haven’t had time to address? You would like to correct them and don’t know where to start?   Let today be the day you start. First, don’t be the businessperson and entrepreneur who doesn’t pay any attention to the “what ifs.” What if happens! A lot, in fact. Don’t avoid the risk. Start by being aware that risk is out there and everywhere. Sometimes you see it and sometimes you don’t! Unearthing unknown problems is a process and is heavy lifting. Rest assured there are steps you can take now to be a pro. Here are eight (8) action items you can start today to reduce your operational risks. Consider Doing An Enterprise Risk Assessment Doing an enterprise risk assessment means that you should examine all aspects of your operation for problems and what ifs. This is an on-going process and (1) is not accomplished overnight, and (2) should be a part of your monthly routines.  Here’s a starter checklist: 1. Is someone designated to find, respond, and resolve internet complaints? (If you are asking why you should waste resources on this, consider this internet posting example I found on a review site for a client: “If you are reading this and went through something similar at this ***** hole, email me at @***.com and I will be glad to talk with you.” This is exactly how class action lawsuits begin. Although, this is a huge exposure, it’s easily solved as a straight-forward daily task that someone must be responsible for and bring to conclusion.)   2. Do you know what to do if/when you get served with a lawsuit or an inquiry from a regulator? (Now is the time to formulate a proactive plan, not when you are under time pressure. If you have not had a problem here, consider yourself lucky. Not being pessimistic, but it’s an eventuality. This is not as simple as turning it over to your regular lawyer. Unless they are well versed in consumer law, they may not be qualified to respond. This is the worst situation because they will give you bad advice and you will likely act on it. That makes a bad condition even worse. I’ve seen it a lot and it’s ugly, expensive, and time consuming.) 3. When was the last time you had someone independently check your website for advertising compliance to ensure all advertising laws are being met? (Are you unknowingly using bait and switch advertising? How you read and/or changed your disclaimers to reflect today’s advertising requirements? Recently, I reviewed a dealership’s websites and quickly found seven (7) violations within a three (3) hour quick view. Each and every mistake was actionable by an attorney, regulator, Attorney General, the FTC, or the CFPB (you get the picture here). Several mistakes made the dealer vulnerable to Unfair and Deceptive Acts and Practices (UDAP) laws under which the potential damages are tripled. Tripled! Plus, if sued, the dealer would be liable for the consumer’s attorney’s fees, which will be substantial. $70,000 - $80,000 is not an unusual number, sometimes it’s more. This is a disaster easily avoided by having a third party check your ad content regularly. This should be a regular monthly check as you change your advertising frequently.) 4. Gotcha! The local television news van shows up and wants to do a story about a customer’s broken vehicle that you (personally) don’t even know about. What do you do?   (Do you have a media policy? Do your employees know what to do or where to direct the reporter?  The dealership should have a written media policy signed by each and every employee with a clear delineation about who is authorized to speak to the media. Usually, by the time the news crew arrives, the station already has the customer “in the can,” i.e. the customer’s interview has already been recorded and approved by the station manager. So, the only thing left is for the news crew to interview you on camera and get your side of the story. Sometime, stories can be stopped with facts but you have to be prepared and know how you are going to handle these situations. PRO TIP: Do not ever submit a written comment on your letterhead. Then, everyone who sees the story on television sees your logo with the response! That’s not helping your reputation.) 5. The Internal Revenue Service arrives wanting to talk about IRS Cash Reporting requirements. Are you ready?   (This has nothing to do with income tax. This is how you report customer “cash” transactions to the IRS in compliance with their regulations. Fines for willful non-compliance can be up to $5.5 million and up to five (5) years in jail. Did you know that a traveler’s check is cash? Did you know that a cashier’s check for $10,000 and under is considered cash? Do you have a written policy about how your dealership handles this issue? Did you send the customer a letter at the end of the year indicating that you filed a Form 8300 with the IRS? Big liability here. Get on it.) 6. A mechanic is driving a unit that loses steering or the brakes. It careens into your used oil tank which begins leaking and is running toward the drain. Do you have a plan for this? (First, do you have a written spill plan? Have all of your employees signed off on it? Remember in our business, if it’s not in writing, it doesn’t exist. It’s very difficult to keep up with all the pollution and environmental regulations. Do you have pollution insurance to cover a spill? Did you know you can be personally liable for this type of accident? What happens if your waste oil vendor dumps your used oil in the river? Do they have insurance to cover you? Are you tracking the insurance of your vendor? These “what ifs” get messy, quickly.) 7. A regulator shows up and asks to see your training records on xxx. What do you give them? (Twice-monthly training for your employees is considered “best practices.” Even more importantly, when you train, you must have employees “sign off” on the training materials. Then, you demonstrate to the regulator by providing your training materials with the employee’s signature. If you can prove an attempt to get it right, the regulator will generally be more lenient with you. If you appear to totally disregard this particular area of compliance, then buckle your seatbelt. If a regulator arrives at your dealership, generally they won’t leave without you writing them a check. The question is whether that check will be a few thousand dollars or a “5” or “6” figure check. Oh, and do you have any insurance which might cover these instances?) 8. You receive a “charge” from an employee who goes to the Equal Employment Opportunity Commission (EEOC) claiming that there’s an atmosphere of sexual harassment and discrimination. Now what? (First, have you considered having insurance to cover this type of claim? Second, do you have an Employee Guidebook that has policies on how to cover these issues? If you do not, you leave yourself wide open and vulnerable.) So, there are eight (8) actionable items for you to consider. Ignore these at your own peril because when one bites, you’ll hurt.  
Is Your F&I Compliance "Toast?"

By

What does criminal conduct have to do with F&I and my new toaster? Here you go... I recently bought a toaster. (Please hold your applause until the end of the article.) The toaster is so generic it does not even have a brand name on the instructions. "Instructions," you ask? For a toaster?  Yes, it came with a full-color, multi-step instruction, which is awesome.  There are "Single bread toasting" instructions in case you might not want to...you know...toast two pieces of bread at the same time. And I quote, "Single bread operation may cause uneven toasting result due to nonuniform heat distribution from the empty slot."  So, I am getting a toaster, a grammatical mistake, and entertainment all for the price of a toaster. But wait, there's more. It gets better! And here is the tie-in with our business: It shows actual, color photographs of pieces of toast corresponding to the level dial on the toaster, ranging from level 1 (lightly toasted) to level 6 (call the fire department). So, they are asking you to compare the color photos with your toast. I love this! Examine and compare. This is risk mitigation at its absolute finest.  So when was the last time you examined, with a clear head, your F&I practices? When was the last time you (or a trained third party) compared a checklist to a deal folder for compliance? Are your deals "warm and toasty?" Or, do you need to call the Fire Department to hose them down?   If your dealership strives toward a better culture of compliance, consider this checklist when reviewing your F&I practices:  This is a partial list representing only twenty (20%) percent of the items that you should be checking.   Examining these practices will help prevent so many problems and allegations, including (but not limited to) product stuffing (quoting a payment that includes aftermarket products), discrimination, income manipulation, Suspicious Activity Reports, and fraud. Some of the items above are just the law, and you are required to comply.   Financial institutions are required to file Suspicious Activity Reports if they believe you have submitted false information to them. It is a requirement for them, not an option.  Some of these items may be obvious, but are you actually checking? Or have you hired a third party to check? If a regulator walked into your dealership, could you demonstrate that you perform periodic audits to check your F&I department? Did you know that Section 8 2. of the United States Sentencing Commission considers compliance activity when judges determine the length of jail time? You must "(1) exercise due diligence to prevent and detect criminal conduct; and (2) otherwise promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law." It is worth noting, the Consumer Financial Protection Bureau (CFPB) recently announced they are hiring additional lawyers for compliance enforcement.   Don't wait until smoke is rising and alarms are blaring. Implement a compliance program now, or you will be a level 6 piece of toast.