Construction Equipment Guide
470 Maryland Drive
Fort Washington, PA 19034
800-523-2200
Mon September 12, 2022 - National Edition
No one likes them, but they are part of life and they are not going anywhere.
Regulations, whether on the federal level or the state level, can feel like a burdensome and painful ordeal for dealers, but not meeting those requirements and undergoing a compliance audit is far more painful. That is especially true if compliance violations result in fines, which can add up quickly and reach millions with just one repeated failure.
The only thing worse than the fines is the complete loss of trust you will have with many of your customers, and that is a lot more difficult to fix than the issues you may need to address in your handling of customer data and personal information.
So to help dealers, Trnsact has compiled nine of the most important regulations that dealers need to know and be prepared to take action on to protect your dealership and your customers. This is not an exhaustive list and there are other regulations you need to consider, especially at the state level. However, it is a good place to start.
Known simply at the GLBA, this act set forth several regulations that need the attention of dealerships. The privacy rule requires dealers to ensure the privacy of their customers and protect the security and confidentiality of their personal data.
The GBLA privacy rule set the standards for how dealers collect, store and share a client's personal and financial information. With the collection and transfer of financial information part of more than 90 percent of dealer transactions, dealers must be vigilant and take steps to ensure to develop secure data collection and management processes and ensure that customers understand how their data is being shared.
Under another GLBA regulation, the Federal Trade Commission (FTC) issues Standards for Safeguarding Customer Information.
Under the latest rule revision, dealers are fully required to comply with the more stringent and specific Safeguards Rule for consumer information by Dec. 9, 2022. This applies to all businesses, regardless of size, that are "significantly engaged" in providing financial products or services for consumers.
There are many steps to comply with the GLBA Safeguards Rule, like designating an information security officer, developing a customer data security program, conducting periodic risk assessments, vetting vendors for minimum security credentials and practices, and more.
The CCPA is a state statute intended to enhance privacy rights and consumer protection for residents of California, but the impact goes far beyond state borders. A dealer who uses consumer lenders based in California — Sheffield, Synchrony and many others — need to be aware of this regulation and its impacts. Additionally, the states across the country are considering regulations modeled after the CCPA.
Another regulation enforced by the FTC, the disposal rule requires companies that collect consumer financial and personal data to dispose of them in a secure format that ensures customer privacy.
Proper disposal includes shredding papers, securely erasing digital records and other methods depending on format. Because dealerships also must meet the GLBA Safeguards Rule, practices and processes for disposal of consumer information should be part of any information security program.
The ECOA was enacted to help limit and combat discrimination in the lending industry. The regulations mandates that lenders and dealers cannot discriminate on the basis of race, color, gender, religion, national origin, age or because one's income is derived from public assistance.
This law also requires that dealers notify applicants of action taken on their applications, report credit history in the names of both spouses on an account, retain records of credit applications and more.
Another regulation enforced by the FTC, this rule requires that dealers have a written Identity Theft Protection Plan (ITPP) designed to detect and protect against the common warning signs of identity theft. This includes checking for suspicious documents, reviewing unusual changes in a customer's credit report or account activity, and more.
Dealers must be proactive in protecting against identity fraud to comply with the Red Flags Rule.
Dealers may deal with large cash payments when selling cars, and as such must comply with these federal reporting requirements.
Your dealership must file a Form 8300 whenever a cash payment of more than $10,000 is received. This form is used by the IRS and Financial Crimes Enforcement Network (FinCEN) in protecting against money laundering.
The OFAC administers and enforces economic and trade sanctions against targeted countries and groups, especially groups involved with terrorism, drug trafficking and other crimes.
Dealers are expected to check customers' names against the Specially Designated Nationals List, a list of people and groups targeted by the OFAC.
Almost every business, including dealers, is required to have an Emergency Action Plan to "facilitate and organize employer and employee actions during workplace emergencies." Your dealership must have a written document meeting the specified requirements to protect employees and comply with OSHA standards.
As noted before, this is not the entirety of the regulations that dealers need to consider. Specifically, there are also more regulations at the state level, and new ones being proposed pretty much every legislative cycle. To monitor rules and regulations, connect with your dealers' association and track updates from dealer publications.
In today's world, technology is an integral and necessary part of modern compliance. While dealerships can create compliant processes without technology, it is an increasingly unsustainable approach. Besides, your clients and lender partners want processes that use innovation to make transactions faster and more efficient.
Moreover, when the right vendors and solutions are used, technology will create more repeatable processes that are more likely to be compliant. These more secure operations include:
The reality is that it is increasingly difficult to meet compliance requirements and protect consumer information without the use of technology in your dealership's operations.
Topic: The regulatory landscape related to the management of customers' personal and financial information is ever-changing at the federal and state levels. Heavy equipment and truck dealers must comply with mandates that could result in costly audits and hefty fines, including under new revisions to the Gramm-Leach-Bliley Act (GLBA) Privacy and Safeguards Rules and key state regulations. This webinar will explore these issues and address what dealers need to do to stay updated on regulatory and compliance issues.
When: Oct. 20, 2022, 1 p.m. ET / 10 a.m. PT
Moderator/Presenters:
Michael Benoit, chairman, Hudson Cook LLP; Panel of Subject Matter Experts (SMEs) from Hudson Cook; Vijay Patil, COO, Trnsact
Trnsact is a provider of embedded finance solutions for commercial equipment dealers. The company provides technologies, tools, and resources to the dealers to enable them to complete their transactions efficiently and securely. Trnsact's embedded finance products and payment solutions address inconsistencies, and a lack of security and transparency for equipment dealers by providing an easy-to-use turnkey solution that delivers more sales, new revenue channels, increased efficiencies, and better customer experiences.
For more information, visit www.Trnsact.com.