Reynolds adds Delaware, Alaska, Iowa and Mississippi to F&I Library

DAYTON, Ohio - 

During the past three months, Reynolds and Reynolds added four more states where its LAW F&I Library — a comprehensive catalog of standardized, legally reviewed finance and insurance (F&I) documents for franchised dealers — is now available.

Resources now are available for dealers in Delaware, Alaska, Iowa and Mississippi, bringing Reynolds’ footprint to 40 states.

“The documents in the F&I Library are designed to help dealers meet compliance obligations and manage risk. At the same time, because the documents in the library are written in consumer-friendly language, they can help dealers to establish a clearer, more efficient F&I process. A more efficient F&I process can help lead to a better overall customer experience with the dealership,” said Jerry Kirwan, senior vice president and general manager of Reynolds Document Services.

"Using standard documents written in consumer-friendly language can help to create a clearer, more consistent and more efficient F&I process for the F&I manager and for the consumer,” Kirwan added. “Because of those improvements to the overall F&I process, the overall consumer experience with the dealership can be improved.”

Furthermore, the Mississippi LAW F&I Library was developed in partnership with the Mississippi Automobile Dealers Association (MADA).

"MADA is pleased to have Reynolds Document Services as a resource for our dealers," said Marty Milstead, president of the Mississippi Automobile Dealers Association. “I have found Reynolds to be responsive to our efforts to provide documents needed to serve our membership.”

Kirwan also noted that because regulatory scrutiny is an ongoing concern for automotive retailers in Mississippi and throughout the country, the LAW F&I Library is a tool to help dealers meet compliance obligations and manage risk. The documents in the library are regularly reviewed for legal sufficiency with the latest automotive regulations by Reynolds' industry-leading forms specialists alongside Reynolds' outside legal partners.

The LAW F&I Library also are available in digital format, which can help facilitate the conversion to laser-printed forms and e-contracting transactions. Reynolds Document Services maintains licensing agreements with all major providers of electronic F&I (e-F&I) solutions.

Now with Delaware, Alaska, Iowa and Mississippi in the offering portfolio, other states where Reynolds resources are available include: Alabama, Arizona, Arkansas, California, Colorado, Georgia, Hawaii, Idaho, Illinois, Indiana, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Missouri, Montana, Nevada, New Jersey, New Mexico, New York, North Carolina, Ohio, Oklahoma, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia and Wyoming.

SCM’s SOC2 Type II Certification now includes all 5 disciplines


In an effort to show its finance company clients the caliber of available service, skip-tracing provider Secure Collateral Management (SCM) recently announced the successful completion of the SOC2 Type II audit earlier this month.

The Service Organization Control (SOC) 2 Type II examination demonstrates that an independent accounting and auditing firm has reviewed and examined an organization’s control objectives and activities, and tested those controls to ensure that they are operating effectively. This year, SCM upgraded that certification to include all five disciplines, which are:

• Security: SCM's systems are protected both physically and logically from unauthorized access.

• Availability: SCM's systems are designed to be available for operation according to agreements.

• Processing integrity: System processing is accurate, complete, timely and authorized.

• Confidentiality: Information designated as “confidential” is protected according to existing agreements.

• Privacy: Personal information is collected and processed in accordance with their privacy policy and with the privacy principles put forth by the American Institute of Certified Public Accountants (AICPA).

The company highlighted that SCM and all affiliated recovery agents are fully licensed and insured as required by each state.

SCM principal Jim Farley emphasized that the company takes security seriously with controlled access buildings, fully encrypted data transfers and multiple levels of data access controls in place to protect personal data.

“Everyone in the industry talks about having compliance, but without every process, procedure and system being independently audited and certified, how can you be sure of it? That is the question we asked ourselves in 2014 prior to completing our first SOC2 Type II audit in just two of the disciplines,” Farley said in a statement sent to SubPrime Auto Finance News.

“Secure Collateral Management has constantly been an industry leader in performance and compliance. That is why in 2017, we decided to take on the monumental task of passing the SOC2 Type II in all five disciplines,” he continued.

“Talking compliance is a good start, but obtaining all five SOC2 Type II discipline certifications combined with independent vulnerability and penetration testing of our network, website and phone systems as well as having independently audited and certified financial statements is real compliance that our clients deserve,” Farley went on to say.

There are two types of SOC 2 reports: Type I and Type II.

The Type II report is issued to organizations that have audited controls in place and the effectiveness of the controls have been audited over a specified period of time. Type II Certification consists of a thorough examination by a third party firm of an organization’s internal control policies and practices over a specified period of time. The period of time is typically six months to one year. This independent review ensures that the organization meets the stringent requirements set forth by the AICPA and CICA.

“When trusting an application with highly sensitive and confidential information, such as passwords, documents and secure images, obtaining high level certification is imperative,” SCM said.

SCM also mentioned that it employs fully redundant data sources and systems to protect data and ensure the least amount of downtime in a disaster. The company added that having account information available to clients and agents 24/7 without interruption is a priority.

“Keeping our network secure is a top priority at Secure Collateral Management,” the company said. “In addition to third party annual network penetration testing and certification, Secure Collateral Management also performs quarterly in-house penetration tests to ensure local network security.”

What Supreme Court decision on debt collection means for auto finance


SubPrime Auto Finance News reconnected with Hudson Cook associate Anastasia Caton, who has been closely watching the Supreme Court mulling over whether a finance company that regularly attempts to collect debts it purchased after the debts had fallen into default is a “debt collector” subject to the Fair Debt Collection Practices Act (FDCPA).

The newest member of the highest court, Justice Neil Gorsuch, wrote the opinion for the unanimous decision that determined Santander Consumer USA was not a “debt collector" subject to the FDCPA when it bought, held and then serviced on its own account consumer debts that were in default at the time of purchase. The Supreme Court’s actions affirmed the previous decision by the U.S. Court of Appeals for the Fourth Circuit.

Here is the segment of Gorsuch’s 13-page opinion the Hudson Cook team felt was most relevant to finance companies and other participants in auto financing and collections.

“… the Act defines debt collectors to include those who regularly seek to collect debts ‘owed ... another.’ And by its plain terms this language seems to focus our attention on third party collection agents working for a debt owner — not on a debt owner seeking to collect debts for itself,” Gorsuch wrote for the court. “Neither does this language appear to suggest that we should care how a debt owner came to be a debt owner — whether the owner originated the debt or came by it only through a later purchase. All that matters is whether the target of the lawsuit regularly seeks to collect debts for its own account or does so for ‘another.’

“And given that, it would seem a debt purchaser like Santander may indeed collect debts for its own account without triggering the statutory definition in dispute, just as the Fourth Circuit explained,” Gorsuch went on to write.

The Supreme Court heard oral arguments in this case — Henson versus Santander Consumer USA — on April 19 and needed less than two months to render the decision. Caton previously explained that the case began when consumer Ricky Henson defaulted on a retail installment sale contract secured by a vehicle. After the original creditor repossessed and sold Henson's vehicle and applied the net proceeds to the balance, Caton noted a deficiency remained.

Eventually, the creditor sold Henson’s outstanding deficiency to Santander Consumer USA and Santander began collecting Henson’s deficiency.

“I was a bit surprised by how quickly the ruling came out, and also surprised by the 9-0 decision, without even a concurring opinion that addressed policy issues,” Caton told SubPrime Auto Finance News this week. “But it was clear during oral argument that all of the justices were struggling with the consumer’s textual argument. 

“By limiting the question presented to only addressing the part of the definition of ‘debt collector’ that includes persons who regularly collect debt that is ‘owed or due another,’ the Court had its hands tied with respect to how far it could go in bending the language of the statute,” she continued. “Had the Court considered the other part of the definition of ‘debt collector’ — a business with the principal purpose of collecting debts — I think we would have seen more deliberation and also a split.”

Any new opportunities?

Caton also addressed another question that might be on executives’ minds. What kinds of opportunities might this ruling open up for auto finance companies to do with their negative paper? Caton began by noting how Santander is a different player in the space than some other operations that originate vehicle installment contracts.

Caton acknowledged the decision was indeed “a victory” for a company such as Santander. One of the reasons why is became its business includes not just the collection of consumer debts, but also origination and consumer banking.

“Traditional debt buyers will still be proceeding with caution, and likely will not change course with respect to FDCPA compliance in light of the decision,” she said.

Caton also explained that the Supreme Court “made clear” that there are two alternate definitions of debt collector. Those definitions are:

1. Entities collecting debts owed or due another (third party debt collectors)

2. Entities engaged in a business the principal purpose of which is the collection of debt. 

“The Court consistently pointed out that it was only deciding whether Santander was collecting debts owed or due another, and was not deciding whether Santander was engaged in a business the principal purpose of which is the collection of debt,” Caton said.

“I would not be surprised if we saw litigation soon where the consumer alleges that the purchaser of a delinquent account (whether it is a traditional debt buyer or, the more difficult case, a traditional financial services firm) is a debt collector under the principal purpose prong of the definition,” she continued.

Caton reinforced her point by referencing the reaction by the Receivables Management Association (RMA), a trade group that represents debt buyers. That organization emphasized that the Supreme Court decision still leaves uncertainty about debt buying companies that purchase and actively collect on their own debt.

“While all judicial decisions are based on the facts contained in the case, it is conceivable that the Santander decision may be used by debt buying companies that operate solely as an investment vehicle and do not engage in any debt collection activity themselves (aside from acquisition) to argue they are not subject to FDCPA regulation,” the association said in a news release. “However, RMA would urge all companies that operate under either the active or passive business model to consult with legal counsel before making any operational changes.

“In the end, RMA does not see the Santander decision as lessening the consumer protections required of its membership due to the rigorous requirements of RMA’s Receivables Management Certification Program (RMCP). RMA estimates that over 80 percent of consumer receivables in the United States that have been sold on the secondary market are owned by companies who are RMCP certified and thereby bound by standards that already go above and beyond the requirements of the FDCPA,” the organization went on to say.

While Caton isn’t expecting a flood of new debt buyers to appear suddenly, she considered what more traditional financial services companies like banks could do now.

“(The decision) might allow the inclusion of more negative paper from sales finance companies in portfolio purchases, heating up competition for such paper,” Caton said. “However, banks could decide that the risk of an adverse ruling on the “principal purpose” prong of the definition of “debt collector” is too high and might continue to avoid purchasing delinquent accounts.”

Furthermore, Caton raised the possibility of what could happen if lawmakers become more involved in debt-collection matters.

“Another thing to keep in mind is that states can always enter this space to regulate where Congress fails to do so. State legislatures tend to be more nimble than the federal legislature,” Caton said. “In response to the proliferation of the debt buying industry, numerous states have stepped in over the past few years to pass legislation expressly regulating debt buyers. 

“If that trend continues to spread, we could see further consolidation of the debt buying industry as the cost of multi-jurisdictional compliance becomes overly burdensome for smaller players,” she continued. Further, the CFPB still has UDAAP authority and the FTC still has UDAP authority over entities that purchase defaulted debt and try to collect from consumers.”

Decision in historical context

SubPrime Auto Finance News also asked a question other industry participants might be wondering, too. Had the result gone the opposite way, what kind of additional burdens might have been placed on auto finance companies?

 “Had the result gone the opposite way, and the Court ruled in favor of the consumer, I think we would have maintained the status quo,” Caton said. “I do not think the market for negative auto finance paper would have moved that much.

“Before this case, the majority of federal appellate courts to address the issue, the CFPB, and the FTC all interpreted the FDCPA to apply to purchasers of defaulted debt,” she continued. “As a result, most purchasers of defaulted debt had already been complying with the FDCPA.

Finally, Caton considered where this Supreme Court decision ranks in important court victories for the auto finance industry.

“The decision is certainly significant because it narrows the scope of the FDCPA’s coverage, and eases the FDCPA risk for a narrow sub-group of portfolio buyers that are not ‘debt buyers,’ but who also service their own accounts in their own names. But the decision in Henson is not an industry game-changer,” Caton said.

“The narrow sub-group of portfolio buyers that are not ‘debt buyers’ will likely have a modest impact on the market for negative auto finance paper, and the Court could still decide that those entities are subject to the FDPCA because they are engaged in a business the principal purpose of which is the collection of debt,” she concluded.

ACA International new white paper highlights unintended consequences of ‘antiquated’ TCPA


ACA International, the Association of Credit and Collection Professionals, recently released a white paper that examines how the Telephone Consumer Protection Act’s (TCPA) “antiquated” understanding of technology results in some consumers receiving a disproportionate number of telephone calls while others are almost entirely excluded from receiving legitimate business communications.

The paper, titled “Unintended Consequences of an Outdated Statute: How the TCPA Fails to Keep Pace with Shifting Consumer Trends,” also updates TCPA litigation statistics.

“It has long been ACA’s assessment that the TCPA has failed to adjust to modern communications technology and evolving consumer preferences,” ACA International chief executive officer Pat Morris said.

“Not only has this failure exposed legitimate businesses to an exponential growth of TCPA lawsuits, but as this white paper demonstrates, it has unintentionally resulted in certain consumers who possess wireless-only telephones from receiving important information while at the same time incentivizing more calls to those consumers who rely solely on landline telephones,” Morris continued.

Data from the National Center for Health Statistics indicated that as of December 2016 a majority of American homes (50.8 percent) were wireless-only. This means that a majority of American households now have no landline in the home and exclusively use wireless communication devices.

The paper showed there are also significant generational differences in those homes that are wireless-only relative to those that still have a landline. For example, 72.7 percent of 25-29 year-olds live in a wireless-only household. However, only 23.5 percent of consumers over the age of 65 live in a wireless-only household.

Additionally, 76.5 percent of individuals aged 65 and older live in households with a landline. Because of these dramatic differences in wireless-only households across age groups, ACA International stressed that attempted compliance with the Federal Communications Commission’s broad interpretations of the TCPA will likely result in certain consumers receiving a disproportionate number of business-related phone calls while other segments of the consumer population are almost entirely excluded.

Specifically, if a company only calls consumers who possess a landline telephone in an effort to minimize potential TCPA liability, they are more likely to contact consumers 65 years of age or older, according to the organization.

As noted in an earlier white paper, “The Imperative to Modernize the TCPA: Why an Outdated Law Hurts Consumers and Encourages Abusive Lawsuits,” ACA found that TCPA litigation has become something of a cottage industry, with attorneys’ fees for a TCPA class action settlement averaging $2.4 million in 2014.

Furthermore, the organization said TCPA litigation has consistently increased year-after-year. Data from 2015 showed that TCPA lawsuits increased 948 percent between 2010 and 2015.

In ACA’s new white paper that is available here, data from 2016 shows an even more dramatic increase in TCPA litigation. Between 2010 and 2016 there was a 1,273 percent increase in litigants; between 2015 and 2016 alone, the total number of litigants increased 32 percent.

In light of these findings, ACA argued that modernization of the TCPA can accomplish several objectives, including:

—Ensure consumers are not deprived of normal, expected and desired information

—Provide clarity for businesses to engage in targeted, beneficial communication with specific consumers

—Free the courts to attend to the needs of real victims of harassment and abuse

ACA International’s research initiative aims to collect more original data about the credit and collection industry. The goal of this exclusive research and analysis is to continue to quantify the ways that debt collectors help consumers and the overall economy.

How debt collection industry scored rare ‘victory’


A debt collection expert explained the importance of the rule-making pivot the Consumer Financial Protection Bureau evidently is making when it comes to finance companies and other credit providers looking to collect from consumers who defaulted.

CFPB director Richard Cordray shared the details during his prepared remarks during last week’s consumer advisory board meeting.

Cordray told meeting attendees — which included Joann Needleman, who is the leader of consumer financial services regulatory and compliance practice group at Clark Hill — about the feedback the bureau has received since rolling out its debt collection rules overall proposal last August.

“One thing became clear,” Cordray said. “Writing rules to make sure debt collectors have the right information about their debts is best handled by considering solutions from first-party creditors and third-party collectors at the same time.

“First-party creditors like banks and other lenders create the information about the debt, and they may use it to collect the debt themselves. Or they may provide it to companies that collect the debt on their behalf or buy the debt outright,” he continued.

“Either way, those actually collecting on the debts need to have the correct and accurate information. All of these parties must work together to ensure they are collecting the right amount of debt from the right consumer,” Corday added.

Cordray went on to elaborate about how the CFPB’s initial proposal triggered other potential issues and how bureau officials are responding.

“But breaking the different aspects of the informational issues into pieces in two distinct rules was shaping up to be troublesome in various ways. So we have now decided to consolidate all the issues of ‘right consumer, right amount’ into the separate rule we will be developing for first-party creditors, which will now cover these intertwined issues for third-party collectors and debt buyers as well,” Cordray said. “That way, we can address this entire set of considerations, market-wide.

“In the meantime, we will be able to move forward more quickly with a proposed rule focused on the remaining issues,” he continued. “These issues, again, are information third-party collectors must disclose to people about the debt collection process and their rights as consumers, and ensuring that third-party collectors treat people with the dignity and respect they deserve.

“Once we proceed with a proposed rule on these issues, we will return to the subject of collecting the right amount from the right consumer, which is a key objective regardless of who is collecting the debt. And we will take care to get it right,” Cordray went on to say.

After hearing the CFPB’s latest position, Needleman collaborated with her Clark Hill colleague Jane Luxton for a blog post to explain the implications of the bureau’s actions. Needleman and Luxton declared that, “The CFPB’s decision is a win for a debt collection industry that sees few victories.”

So the industry simply doesn’t rest and savor this win for too long, Needleman and Luxton offered recommendations on what finance companies and other industry participants should do next with regard to debt collections.

“For first-party creditors, the time is now to consider issues of data integrity and effective collaboration with debt collectors they hire,” Needleman and Luxton wrote. “Creditors will now have to consider documentation issues at the front end of the initiation of the loan in order to substantiate it on the back end.

“Proactive efforts in advance of the upcoming rulemaking on a first- and third-party substantiation program should begin now,” they continued. “The CFPB appears to be moving toward the realization that we all live in a credit based eco-system and a holistic approach, involving all stakeholders in the debt collection market, is warranted.”

RISC acquires RCS to enhance vendor vetting services

TAMPA, Fla. - 

With the Consumer Financial Protection Bureau taking a greater interest in what service providers finance companies are using, Recovery Industry Services Co. (RISC), a provider of collateral recovery training, certification and compliance solutions, recently announced that it has signed a definitive agreement to acquire Recovery Compliance Solutions (RCS).

The move was made in order to enhance RISC’s vendor vetting services as part of its overall compliance-related offering.

RISC president Stamatis Ferarolis highlighted that the acquisition comes at an exciting time, as RISC has recently unveiled technology integrations that can allow forwarders and financial institutions to ensure that agents meet their specific compliance standards all the way from agent selection through individual assignment and asset storage.

“RISC’s overall vision is to create a succinct experience allowing lenders to be sure that the agents they work with are thoroughly trained, comprehensively vetted, and in possession of secure and adequate storage lots,” Ferarolis said.

“Through our technological integrations, lenders and forwarders can manage assignments with all of that compliance information at their fingertips. They can even specify their own custom compliance standards and push required policies and training courses to their agents," Ferarolis continued.

"We’ve worked with the industry’s leading stakeholders, as well as bodies such as the CFPB, to architect universally accepted compliance guidelines and integrate them with our solutions," he went on to say.

RCS was founded in 2008 and has offices in St Louis.

“RISC is a perfect fit for us,” RCS officials said. “They share our vision for ensuring that the most capable, well-rounded, and compliant individuals and agencies are operating on behalf of the automotive lending community. We are thrilled to be a part of the RISC family.”

Ferarolis elaborated about what else RCS brings to RISC’s portfolio.

“The RCS team has built a very strong practice in repossession agent auditing. Their process is extremely thorough and by combining our teams we will be able to better serve our customers by delivering best-in-class compliance validation,” he said.

To contact RISC, send an email to or visit its website at

6 recommendations to CFPB regarding alternative data


As the Consumer Financial Protection Bureau takes a closer look at alternative data, the American Bankers Association delivered an eight-page comment letter containing a half dozen suggestions about the current and potential use of alternative data and modeling techniques in the credit process.

Along with the suggestions, ABA also raised regulatory concerns, especially when using alternative data might trigger the CFPB to take action for what the bureau could allege as unfair, deceptive, and abusive acts and practices (UDAAP).

Authoring the material was Nessa Feddis, the association’s senior vice president and deputy chief counsel for consumer protection and payments. Feddis began by outlining a foundation of ABA’s stance regarding alternative data.

“As a general matter, banks support the use of alternative data sources to evaluate credit applicants, particularly people with no or ‘thin’ credit files who may be eligible for credit,” Feddis wrote. “The use of alternative data, coupled with mobile channels of access to bank products and services, may have potential to expand financial services and open the door to people who otherwise have limited or no access to mainstream credit.

“However, banks have concerns about the reliability and predictability of some alternative data and about consumer protections promoting privacy and data security,” she continued. "In addition, it should also be emphasized that banks recognize the importance of fair lending and demonstrating that underwriting models are sound.”

Feddis then went into six suggestions that could quell concerns about UDAAP allegations among other aspects of leveraging this technology. The recommendations included:

1. Alternative data providers should be sensitive to consumer privacy and data security and ensure that data are accurate and reliable.

2. Regulators must recognize that application of disparate impact liability in supervision and enforcement causes banks to retreat from using alternative data, limiting inclusion and competition.

3. To promote the use of alternative data in mortgage lending credit decisions, regulators should provide guidance on how banks can test and demonstrate that models comply with the Fair Housing Act’s disparate impact liability, consistent with the Supreme Court’s Inclusive Communities framework, and also meet supervisory safety and soundness expectations about model validation.

4. Regulators must also recognize that the persistent threat of an undefined UDAAP sanction hovers like a dark cloud over financial innovation and will cause banks to retreat from using alternative data.

5. A supervisory approach that reduces banks’ compliance risk will encourage banks to use alternative data as a tool to develop products, especially small dollar loans, designed for people who may not qualify under traditional underwriting standards.

6. The bureau should reconsider its Project Catalyst and No Action Letter policy to promote testing of alternative data and foster innovation without the risk of triggering fair lending and UDAAP liability.

“Banks are enthusiastic, but cautious, about using alternative data and models to innovate and improve customer access to credit and product affordability,” Feddis wrote to close her letter to the CFPB.

“A number of factors impede experimentation and use of alternative data,” she continued. “Fair lending, UDAAP, and model validation challenges, risks and costs are primary obstacles. Lack of assurance about the predictability, reliability and accuracy of the data as well as privacy and data security concerns also cause banks to hesitate.

“Simply put, the compliance and reputation costs and risks can overwhelm the uncertain return,” Feddis went on to say in the letter available here.

Compliance diary post No. 3: Enjoying a successful journey

PLANO, Texas - 

It’s been a little while since I’ve made an entry into my diary about navigating through the rigors of the National Automotive Finance Association’s Consumer Credit Compliance Certification Program.

I’m happy to report I can see the certification summit. While I didn’t get here with climbing boots and a backpack, it’s been just as rewarding as any journey a hiker, biker or just a strolling walker could make.

And now the NAF Association is widening the opportunity for you to make the same satisfying and worthwhile journey.

Because the NAF Association obtained so many requests, the organization announced this week that participants in its popular Consumer Credit Compliance Certification Program now can complete the opening of the four modules online.

Previously, the only way to begin the program was to attend a two-day classroom session, which was scheduled twice per year.

I participated in the opening session the NAF Association hosted last September here in the Dallas-Fort Worth area, which rivals Detroit or anywhere else in the country as far as automotive penetration. As many of you are aware, large finance companies such as General Motors Financial, Santander Consumer USA, Capital One Auto Finance and Exeter Finance all call this area home.

Furthermore, each of the Uber drivers who took me to the headquarters of Digital Recognition Network (DRN) and EFG Companies on Tuesday mentioned how much the area is being impacted by the construction of Toyota’s sprawling headquarters here in Plano.

By the way, listen up for future installments of the Auto Remarketing Podcast to hear the conversations I had with top executives and DRN and EFG.

If you still want to begin the Consumer Credit Compliance Certification Program with in-person training, the NAF Association indicated classroom sessions will continue to be offered and candidates who elect to begin the program online are welcome to attend the classroom session, too, but will not be required to do so.

The in-person training is simply superb. Hudson Cook partners Patty Covington and Eric Johnson explain the regulatory material without sounding like Charlie Brown’s teacher from the Peanuts cartoons.

Module 2 and Module 3 will continue to be offered online as they have since the program’s inception.

Once a participant passes the requirements of a module segment, the next portion becomes available. And participants must score 80 percent or higher on a segment exam.

(Imagine if all of the people and providers you depend on had to produce at least at an 80-percent clip or higher?)

Having to achieve that level of success absorbed numerous of my Saturdays since September.

But it’s been so worth the effort. The program not only gives you a comprehensive and digestible explanation of important federal mandates for auto financing, it also provides important foundational knowledge about state regulations that sometimes can vary as much as the color of vehicles in your inventory or portfolio.

The NAF Association indicated more than 500 compliance professionals have completed the program. By the end of the month, I hope to be a part of an increase in that tally after taking in Module 4 with Patty and Eric this week and completing one more exam.

While I might not be in the trenches of a finance company's underwriting or collections department, I like to think of all of us at Cherokee Media Group that generate Auto Remarketing, SubPrime Auto Finance News, Auto Remarketing Canada and BHPH Report, as well as the conferences at Used Car Week, as one of your service providers; a company that offers an important resource — knowledge.

And with the Consumer Credit Compliance Certification soon to be in my knowledge quiver, it’s my intention for it to reflect in the caliber of content you see from us here at Cherokee Media Group, recapping not only the moves regulators are making but also discussing how they might impact your business.

Before closing, I want to express again my sincere appreciation to Jack Tracey, Cindy Sly and the team at the NAF Association as well as Patty and Eric and the Hudson Cook stable of legal experts for allowing me to participate in the training.

Jack could have quickly brushed me aside and said, “No way!” But as always, he and everyone else involved all have been gracious.

More information about the Consumer Credit Compliance Certification Program can be found at or by contacting Cindy Sly at

So if you or your company has been considering this program, I wholeheartedly recommend it. Not only will your firm be better for it, so will the entire auto finance industry.

Nick Zulovich is senior editor of SubPrime Auto Finance News and BHPH Report and can be reached at

Carleton successfully completes SOC 2 audit


Carleton, a provider of compliant financing calculation and document generation solutions, recently announced that it has successfully completed its 2016 SOC 2 compliance audit, conducted by Crowe Horwath.

The company highlighted SOC 2 compliance has quickly become a hot topic in today's world of technology and cloud computing, as service organizations such as Carleton must demonstrate its adherence to this mission-critical mandate for security and data management control.

In a data-dependent world that is routinely exposed to potential security threats, Carleton explained SOC 2 compliance is a strategic standard for technology companies to assure their integrity within the financial infrastructure.

The company pointed out that SOC 2 audits are intended to meet the needs of a broad range of information and assurances pertaining to controls within a service organization on security, availability, and processing integrity, including any systems used to process user’ data and the confidentiality and privacy of the information itself.

The principals upon which SOC 2 are based are modeled to address four basic areas:

— Policies
— Communications
— Procedures
— Monitoring.

Each of these principles have defined criteria (controls) which must be met to demonstrate adherence to the principles and produce a successful independent SOC 2 audit.

 “We recognize that SOC 2 certification on a yearly basis has become the standard by which strategic partners are measured,” Carleton president Pat Ruszkowski said in a news release.

“Over the last two years, Carleton made major investments in personnel, technology, and training to successfully complete its SOC 2 audit,” Ruszkowski continued. “It has been a top priority that Carleton met and/or exceeded the compliance requirements of our lending partners and customers.”

As Carleton updated its operational practices to meet SOC 2, Ruszkowski went on to mention the company recognized that implementing the newer standards was far more than a “connect-the-dots” exercise.

Since SOC 2 applies to nearly every SaaS company, as well as any company that uses the cloud to store its customers’ information, overall standards were expanded to include more current elements of data controls,” according to Carleton.

The SOC 2 audit included Carleton’s CarletonDocs, CarletonCalcs and CarletonAccess application infrastructures.

“Carleton’s successful SOC 2 audit validates its commitment to excellence by adhering to the mandated industry standards for delivery of secure products and services to its client partners,” the company said.

UPDATED: CFPB hits SNAAC with another $1.25M penalty


The Consumer Financial Protection Bureau said on Wednesday that Security National Automotive Acceptance Company (SNAAC) violated a consent order from 2015, demanding that the finance company make good on the redress it owes to consumers and pay an additional $1.25 million penalty.

The CFPB initially ordered SNAAC, which specializes in working with servicemembers, to pay both redress and a civil penalty for illegal debt collection tactics, including making threats to contact servicemembers’ commanding officers about debts and exaggerating the consequences of not paying. The bureau determined SNAAC violated the 2015 order by failing to provide more than $1 million in refunds and credits, affecting more than 1,000 consumers.

“This company violated a bureau order when it failed to get money back to servicemembers it had hounded with illegal debt collection tactics,” CFPB Director Richard Cordray said. “We are making sure this company finally rights its wrongs.”

SNAAC, based in Mason, Ohio, is an auto finance company that operates in more than two dozen states and specializes in loans to servicemembers, primarily to buy used vehicles.

The company shared a statement with SubPrime Auto Finance News, stating that “the settlement resolves a disagreement between SNAAC and the CFPB over the interpretation of part of a consent order.”

The company continued, “SNAAC agreed to this settlement to close this matter and move forward in serving customers in the respectful, honorable manner that has been the company’s tradition.”

SNAAC pointed out that the CFPB acknowledges in the settlement agreement that “SNAAC has consented” to the order “without admitting” to its findings. The original consent order covered approximately 2,200 of the more than 83,000 accounts serviced by SNAAC between 2011 and 2015.

“At issue in this disagreement was the application of credits provided to a fraction of those accounts that had already benefited from a settlement balance for substantially less than was owed,” SNAAC said.

“Although SNAAC disagreed with the CFPB’s interpretation of the 2015 consent order, the company offered to pay all the disputed amounts in order to move forward,” the company continued. “The CFPB declined the offer and began an inquiry.

“SNAAC fully cooperated and responded quickly to all requests for data, reports and testimony,” the company went on to say. “SNAAC is proud of its work over the past 30 years for its customers, many of whom would not have had access to the credit they and their families need.”

Back in June 2015, the CFPB sued SNAAC for aggressive collection tactics against consumers who fell behind on their vehicle installment contracts. If servicemembers lagged behind on payments, the bureau said SNAAC’s collectors would threaten to contact — and in many cases did contact — their chain of command about their debts.

Also, the bureau said the company exaggerated the consequences of not paying. For instance, the regulator indicated SNAAC representatives told some consumers that failure to pay could result in action under the Uniform Code of Military Justice, demotion, discharge, or loss of security clearance. But these consequences were extremely unlikely.

The CFPB alleged that SNAAC’s aggressive tactics, which took advantage of servicemembers’ special obligations to remain current on debts, victimized thousands of borrowers.

Then in October of that year, a CFPB consent order indicated that SNAAC engaged in “unfair, deceptive, and abusive acts and practices” while collecting on these vehicle installment contracts. The order required SNAAC to pay $2.275 million in consumer redress through credits and refunds, and a $1 million civil penalty.

Consumers with an account balance were to receive credits to their accounts, and consumers with a zero balance were to receive cash refunds. While SNAAC submitted two plans that claimed to provide the full amount of redress ordered, the bureau insisted both were designed to underpay such redress.

Acting on a tip from a servicemember’s father, the CFPB discovered that SNAAC had issued worthless “credits” to hundreds of consumers and failed to provide proper redress to many more.

The CFPB reiterated that it is issued this new consent order against SNAAC for violating the terms of the 2015 consent order by failing to properly give refunds or credits to affected borrowers. In this latest development, the CFPB found that the company had failed to meet its obligation to pay redress to consumers by:

— Issuing worthless “credits” to settled-in-full accounts: In purporting to provide redress, the CFPB said SNAAC treated accounts that were settled-in-full as having a positive account balance. Instead of providing refunds to consumers with settled-in-full accounts, the bureau said SNAAC issued worthless account “credits.” Those consumers received no benefit from such a “credit” because they no longer owed SNAAC money and could not use such a credit toward any new or existing loan.

— Issuing worthless “credits” to discharged accounts: The CFPB indicated SNAAC also issued worthless account “credits” to consumers whose debts had been discharged in bankruptcy, and who no longer owed SNAAC money on their vehicle installment contract. The bureau asserted that SNAAC had no legal claim to any unpaid balance, and these consumers received no benefit from the “credits.” SNAAC had, in fact, already stopped collections on these accounts, according to the regulator.

— Failing to properly give redress to consumers making payments under settlement agreements:  Some SNAAC consumers were making payments under settlement agreements, the CFPB said. But the bureau noted SNAAC based redress on the original, higher account balance in place before it agreed on a settlement with the borrower. As a result, in many instances, the CFPB said SNAAC issued credits that exceeded consumers’ settlement balances, rather than refund any amount above what the consumers actually owed. And because their settlement balances were improperly credited, some consumers unwittingly overpaid SNAAC to settle their accounts, according to the bureau.

More details of enforcement action

Under the Dodd-Frank Act, the CFPB is authorized to take action against institutions engaged in unfair, deceptive, or abusive acts or practices, or that otherwise violate federal consumer financial laws. Under this consent order:

— SNAAC must pay redress as promised to affected consumers: SNAAC must pay the bureau roughly $720,000, which the bureau will send as refunds to about 925 consumers. SNAAC must issue about $370,000 in new credits to over 1,000 consumers with remaining account balances as well as properly credit roughly 1,000 consumers making payments under settlement agreements. SNAAC must also pay $75,000 to the bureau to cover the costs of distributing these payments.

— SNAAC must pay a $1.25 million penalty: SNAAC must pay a penalty of $1.25 million to the CFPB Civil Penalty Fund, in addition to the $1 million penalty it paid under the 2015 consent order.

The text of the consent order can be found here