Stranger Danger: Why Identity Verification is Important for Compliance

By the third quarter of 2024, the Federal Trade Commission had received nearly 842 thousand reports of identity theft and more than 1.8 million reports of fraud. Legislators and consumer protection agencies are well aware of the risks, which is why there are so many regulations that require verification of customer identity.

Making sure a customer is who they say they are is not only important for legal compliance, but it also helps protect your dealership from the financial and legal costs of fraud. One of the most proactive compliance processes your dealership should undertake is to develop and assign a Program Manager to implement a written Identity Theft Prevention Program (ITPP) to comply with the FTC Red Flags Rule1.

Saving Consumers and Your Dealership from Identity Theft

According to the FTC, your ITPP should be customized for your dealership’s size, location and activities to identify and address the “red flags” that you are most likely to encounter. The verification activities an ITPP may establish could include:

  • Closely examining photo IDs
  • Reviewing a customer’s recent credit bureau activity
  • Using an electronic identity verification service to compare customer information against databases of fraudulent activity and to assess the Social Security number that a customer has provided
  • “Out-of-wallet” questions, which are authentication questions about someone’s identity that go beyond the information that could be found in a stolen wallet

Use the ITPP with every customer and every document. In cases of problematic customers who resist requests for identity verification, you could escalate to your Program Manager and continue to seek additional information or ask more out-of-wallet questions. The Program Manager should persist until they are satisfied that they have verified the customer’s identity or that they need to decline to do business with the customer.

It’s important to document your ITPP activities for each credit customer and do ongoing training and testing to make sure your staff stays up to date on the process. Consult your legal counsel on developing and updating your ITPP as needed.

Making Sure Your Customers Are Legally Allowed to Buy in the U.S.

Another important identity check requirement centers around the OFAC SDN list. The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury maintains a list of Specially Designated Nationals (SDN) who are prohibited from doing business in the United States, which includes buying a vehicle. Dealerships are required to run each customer’s name against the list and – if they get a “hit” – follow steps to find out whether a possible match is a false positive. There are substantial civil and criminal penalties for doing business with someone on the list, so it’s vital to make sure that customers are not on the SDN list and to keep records of your OFAC checks.

To learn more about customer identity verification and compliance, sign up to download the free 2025 Dealertrack Compliance Guide.

1Please check with legal counsel for further details.

 

Best Practices for Remote Signing

Dealerships have made impressive strides in responding to the restrictions imposed by CDC guidelines and social distancing rules by adopting tools that allow them to work with customers remotely. One vital part of that process is remote contract review and signing.

With a growing percentage of deals starting online, remote signing followed by at-home delivery are logical next steps to ensure convenient and socially distanced auto purchases for consumers.

Here are some important considerations for successful remote signing:

  • Make sure your internet connection is secure – An important aspect of compliance is protecting customer and deal data. Especially if you’re working somewhere other than the dealership, be sure your wi-fi signal is password protected.
  • Begin with some show-and-tell – Start by having a conversation with the buyer to make sure they have access to the proper technology required for the contract review and signing: a desktop computer, laptop or tablet with an up-to-date browser that’s connected to the internet. Then explain the eSign process, including the need for their consent, and talk through how the signature capture process works.
  • Verify the customer’s identity – When you’re dealing with customers remotely, it’s more important than ever to make sure every customer is who they say they are. Using a compliance solution like Dealertrack Compliance during the deal process for vital Red Flag alerts and OFAC checks can help – and can also provide out-of-wallet questions if needed.
  • The next best thing to face-to-face – We recommend using video conferencing, Facetime or another video chat app to help make sure you’re dealing with the right person before you connect to their device for contract review and signing. Video is also helpful for walking the customer through the review and signing process so you can see their screen and provide direction as needed.
  • Record the signing ceremony – Choose a video conference platform that allows you to record the signing session for the purposes of ID verification and fraud risk mitigation. Tell the customer you’ll be recording and get their permission before you begin.
  • Give the customer time to read the fine print – Before the customer signs, make sure they review the contract. They can do it on the screen, but you should recommend that they use the print or download functionality to create their own copy.
  • Follow delivery protocols and best practices1 – The vehicle should be delivered as soon as possible after contract signing. When you arrive at the customer’s location,2 start by validating the buyer’s identity by matching their driver’s license to the information on the contract.
  • Don’t renegotiate upon delivery – Do not negotiate terms and conditions of the deal at the consumer’s home, as this could invoke a three-day rescission period that allows the customer to cancel their transaction.
  • Disinfect high-touch areas of the vehicle – Relieve any customer concerns by cleaning the vehicle in accordance with CDC guidelines and telling the customer about your sanitizing procedures.
  • Finalize all documentation – If there are any remaining DMV or dealer documents, have the customer complete them now. Use a tablet to photograph and upload any remaining stips and trailing documents. Be sure to have the customer sign the delivery receipt and keep it for your records. And don’t forget to deliver the final signed copy of the contract to your customer.

If a customer will be at the dealership to sign their contract and take delivery of their vehicle, you can still give them the option of bringing in their own device for signing. That can help to ensure social distancing and alleviate any concern the customer may have about handling shared devices.

Dealertrack assisted Remote Signing is available for dealerships with Digital Contracting on Dealertrack F&I. Click to learn more about getting started with assisted Remote Signing at your dealership.

The 2022 Dealertrack Compliance Guide includes a new chapter on automotive eCommerce sales. Download the Compliance Guide here.

.In locations where permitted by federal, state and local COVID-19 ordinances, consider offering at-home delivery and observe CDC protocols during vehicle delivery.
Customer must take delivery in the state they are in as out-of-state deliveries are not available at this time.

What Dealerships Need to Know About Electronic Signatures

In the year 2000, Tiger Woods became the youngest golfer to win a career Grand Slam, the original Mini ceased production, and the U.S. passed the E-Sign Act (Electronic Signatures in Global and National Commerce) ensuring that electronic signatures can be valid and legally binding.

Even though more than 20 years have passed since then, confusion about the legality of eSignatures remains. In this post, we’re going to work on clearing up some of the common misconceptions around electronic signatures.

Federal Laws Regarding eSignatures

The E-Sign Act states that a contract or signature, “may not be denied legal effect, validity, or enforceability solely because it is in electronic form”. Basically, the E-Sign Act gives eContracts and eSignatures the same legal standing as paper records. It also says that electronic records count as information “provided in writing,” as long as a consumer agrees to conduct their transaction using electronic means.

The E-Sign Act also requires lenders to keep accurate and complete electronic records that can be accessed and reproduced as needed by people who are authorized to access them.

You can click here to read the E-Sign Act if you want to know exactly how it’s stated.

In 2010, provisions of the Uniform Electronic Transactions Act (UETA) helped ensure that each state aligned on recognizing the legality of electronic contracts for business and commercial transactions. As of August 2021, New York State has not adopted UETA, but they have other laws recognizing electronic signatures for lenders.

But What About California?

When California adopted UETA, it made an exception for auto signing. However, California later adopted E-Sign, which supersedes UETA. Currently, every major provider and lender includes California in their eContracting platform.

Please consult your lawyer if you have doubts or questions about the legality of eSigning in your state.

What Are the Advantages of eSigning?

Giving electronic contracts and signatures the same legal status as their paper counterparts offers significant benefits for dealers, customers and lenders:

  • Accuracy – eContracting helps ensure that contracts are complete and more accurate before the customer signs and the dealer submits them to the lender. It also helps eliminate missing signatures, which is one of the top reasons that funding packages are returned as incomplete and subject to re-contracting.
  • Compliance – With the system flagging any potential issues, a dealership can be more confident that each contract is compliant with state and federal consumer protection regulations. Customers are protected by a documented process that ensures they know what they’re signing before they sign and that they’ve provided affirmative consent to complete their transaction electronically.
  • Customer Satisfaction – The ability to review and sign documents electronically greatly enhances the customer experience. Rather than flipping through dozens of pages one-at-a-time, eSigning offers customers the ability to seamlessly and efficiently move through the car buying process. 2021 Cox Automotive Car Buyer Journey research shows that heavy digital buyers who completed more than half of their purchase activities online, saved nearly 30 minutes by handling negotiations, contract review and signing digitally. These buyers had more overall satisifaction with the shopping experience, which can help to preserve the dealership’s CSI score and improve customer loyalty.
  • Faster Funding – The lender receives data that has already been checked for accuracy directly into their loan origination system (LOS), which not only maximizes data security but allows for loans to be processed and funded more quickly.

How Widespread is eSigning?

Industry-wide, lenders have purchased, securitized and funded billions of dollars in eSigned retail and lease contracts to date in all 50 states.

Are All eSignatures the Same?

Dealertrack eSignatures are accepted by all major lenders participating in eContracting on our platform in every state. In addition, there are aspects of our technology and signing process that help ensure eSignature authenticity and provide the authoritative copy of each contract in ways that some other providers do not. We can also offer a better customer experience with “tap and sign” functionality that allows buyers to sign one time per signing session and have all subsequent signatures pre-fill with just a tap.

If you’d like to learn more about the advantages of Dealertrack Digital Contracting, please click to request a demo.

3 Questions You Should Ask About Your F&I Compliance Technology

Advanced automotive retail technology offers streamlined dealer workflows designed to improve the customer experience and ultimately enhance your profits.​ 

These workflows can provide other crucial benefits, including regulatory compliance safeguards and protections against consumer fraud, integrated across the sales and F&I workflow.

Here are three questions to keep in mind when you’re selecting this type of technology to ensure that it meets compliance standards:

1. How does the platform address safeguards and ID verification?

There should be verification checkpoints such as red flags reports built into the workflow. You also want to make sure that you can add additional ID questions as needed. This is important for dealership security and will help you meet FTC and OFAC requirements.

2. How does the software handle adverse action notices and risk-based pricing notices?

You want adverse action notices and risk-based pricing notices to be an integral part of the technology workflow. For adverse action notices, the software should help you manage the mailing of notices and show confirmation that the notices were sent.

3. Does the compliance offering include aftermarket product sales?

To reduce the risk of non-compliance, it’s important for your F&I solution to incorporate a consistent presentation, accurate pricing, and proper aftermarket disclosures.

F&I solutions are aided by technology, but they also require training, knowledge and guidance that encompasses every customer interaction from advertising, to showroom conversations, to starting, structuring, financing and transacting the deal.

Want to learn about Dealertrack’s F&I Compliance solutions? Click to schedule a demo.

Minimize Risk and Help Ensure Compliance on Every Deal

It’s understandable that dealers do not enjoy having to think about compliance. The myriad, ever-changing laws, rules and regulations that apply to each deal can be confusing and frustrating. But non-compliance can lead to thousands of dollars in fines, class-action penalties, and damage to the dealership’s reputation – so it’s important to do everything possible to keep up.

Engaging qualified legal counsel is the most effective approach to full compliance, but here are other ways that dealers and their staff can work to protect their deals and the reputation of their dealerships.

Every pencil counts 

As you know, a pencil is the proposal that a salesperson uses with customers to outline deal scenarios as the final agreement is being reached. It’s important for your desking solution to automatically save a record of pencils in each customer’s deal jacket.

This will give you the ability to show a regulator, auditor, or plaintiff’s attorney the progression of the deal, and will help head off any claims that a consumer misunderstood the deal. This is particularly important in that the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) have emphasized the need for transparency in consumer financing of automobile purchases and leases. For example, The Dodd-Frank Act has a category for “abusive” trade practices, designed to protect consumers from being taken advantage of due to their lack of understanding.

Consistency is key 

Prepare scripts, FAQs and presentations that fairly and honestly state what the aftermarket product is and how much it will cost. This helps ensure that there won’t be credit discrimination.

Create a paper trail – even if it’s digital 

Solid documentation creates an environment of transparency for the consumer and a “paper trail” for auditors and regulators.

Each customer’s deal jacket should not only contain a record of pencils, but copies of every document, including all four squares and even less formal correspondence that shows how the deal was formed. Keeping the pencils record, a signed menu, and a plain-language buyer’s order reveals the detailed steps and trade-offs made by both the customer and the dealer.

Make sure that all pertinent deal information is stored in an easily searchable and highly secure location. That will help you build a consistent and transparent sales process and also give you the ability to track pencils by deal, date, user or vehicle status for auditing purposes.

When you follow these steps, you will help protect your dealership and your customers.

For more compliance tips, download the Dealertrack 2025 Compliance Guide. It’s a handy resource for questions about sales and finance compliance all year long.  

How Operations Oversight Aids in F&I Compliance

It seems that you can’t read the news without learning of yet another massive corporate data security breach. As much as we all hear about the importance of safeguarding customer information, studies show that a majority of data breaches are caused by employees.

In your showroom, that means your compliance is at risk from staff members leaving deal jackets, credit reports or credit applications lying around for anyone to see – or from weak passwords or “phishing” scams with untrustworthy links. Whether data is exposed through negligence, error or the deliberate acts of untrustworthy employees, it’s important to have a plan in place to protect your dealership.

Dealership management should be proactive and prepared with comprehensive data security training and real-time monitoring. It’s vital to oversee your operations via tracking of employee access to your electronic databases, including a compliance dashboard.

Protecting your dealership 

There are two key steps to keeping your dealership protected and compliant. Begin by educating your employees and giving them the tools they need to keep information secure. This includes training on data security best practices about things like strong passwords, avoiding clicking unknown links, and guarding against social engineering attempts by strangers attempting to get information.

The second step is to create a monitoring program that allows you to oversee data flow into your systems, user access, user activity, and patterns that indicate irregularities. When you closely and regularly monitor the sales process, you are better equipped to step in to head off problems and help ensure that your dealership remains compliant.

Creating your compliance process 

As you’re developing your process, make sure it includes a real-time compliance dashboard within a single screen. That will allow you to immediately identify any potential issues. You’ll also be able to observe how your employees handle and safeguard customer data they receive.

Data management is something you need to do actively, with policies in place to handle data over time as well. Beyond requiring secure passwords and authentication, consider two-factor authentication that includes a complex password and a randomly-generated number from an ID token.

Manage user permissions so that only employees with a legitimate business need can access customer information. Have a plan for purging non-public personal information once you no longer need it.

A culture of security in your dealership starts with senior management and filters through the ranks. Emphasize transparency and honesty in every customer interaction and make sure to train employees on unfair, deceptive and abusive practices to ensure that each interaction with customers complies with federal and state regulations.

If you haven’t gotten your copy of the Dealertrack 2025 Compliance Guide, download it today

5 Ways to Make Sure Your Compliance Program Is Effective

Compliance can be a costly part of doing business as a dealership. A 2022 article in Auto Dealer Today estimated that the average dealership spends between $162,385 and $276,925 per year to address regulatory compliance.

Fortunately, dealers can address F&I compliance more affordably by integrating a robust program throughout the sales and F&I workflow. This starts with effective document storage and includes the ability to monitor deal activity.

Here are five questions to ask to make sure your compliance program is operating at full efficiency and effectiveness:

1. Have you created a culture of compliance and security?
It’s important to train employees on spotting unfair, deceptive, and abusive acts and practices. Training should also emphasize honesty and transparency in all customer interactions. And make sure you have a compliance dashboard that allows you to monitor activity from a single screen.

2. Is the FTC Red Flags Rule fully integrated into your workflow?
Your sales workflow should include checkpoints throughout the deal process to verify that you’re meeting FTC and OFAC requirements and mitigating fraud. Always stay audit-ready by documenting everything you do and keeping copies of all documents related to identify in the deal jacket. Finally, be sure that you follow your identity theft policies and procedures (ITPP) process with every customer.

3. Does your compliance workflow include your menu selling?
Cox Automotive research has found that customers who are aware of F&I product options before they go to the dealership are more likely to buy. As these product introductions become more prevalent online, it’s vital to make sure they are fully consistent with the in-store presentations and include the same full disclosure. Your electronic menu product should help ensure consistency and legal compliance with your state laws and regulations.

4. Do you have full visibility to all deal activity?
Your compliance program should give you the power to track, report, and audit activity as needed, and from a single screen. Today’s dealership management must be prepared and proactive, with comprehensive training and real-time monitoring. For example, electronic databases should give you the ability to track employee access, and oversight of operations should include a compliance dashboard.

5. Are you consistently managing all documentation?
Regulations demand that you store a wide range of documents, including credit applications, privacy notices, credit reports, contracts, and menus, in secure electronic deal jackets. It’s about more than just convenience. Being consistent in storage and security provides peace of mind and creates efficiencies just in case auditors do come calling.

For more compliance tips, download the Dealertrack 2025 Compliance Guide. It’s a useful resource for safeguarding your dealership. 

Streamline Operations and Boost Satisfaction

Think for a moment about the interactions your dealership has with your customers. How many people really want to spend more time buying or servicing a vehicle? They want to get in, get out, and get on with their lives. But the unfortunate reality is that most customers dread the in-dealership experience. And it has more to do with the day-to-day operations of your business than you might think.

 

The Frustration of Buying a Car

In the minds of consumers, visiting a dealership isn’t far from a trip to the DMV. That’s because in-dealership inefficiencies lead to customer downtime and a prolonged sales and services process. And when customers have to wait, customers get annoyed. In fact, 41% of customers label the amount of time it takes to complete a purchase as the single most frustrating aspect of buying a car. That’s a higher level of frustration than dealing with salespeople, negotiating a deal, getting a good trade-in offer, or applying for financing.

As you might expect, customer satisfaction and the amount of time a customer spends in the dealership are closely correlated. According to an AutoTrader.com study, average customer satisfaction scores are highest when a customer spends less than an hour in the dealership. And those scores begin to fall off dramatically at the 90-minute mark, with scores dipping below the average at the 2.5-hour mark. The study also reported that every dealership analyzed failed to meet this 90-minute customer-cycle objective, regardless of the operational or sales tactics employed.

 

The Divide Between Dealers and Customers

Yes, it takes time to buy a car. But it’s obvious that there’s a real disconnect between dealers and customers about just how much time is considered acceptable. Most customers come to the dealership already having researched everything about their car of choice for weeks, even months. They want to show up long enough to sign a financing agreement, pick up their keys, and drive off the lot. In their minds, there shouldn’t be a difference between buying a car and walking into any other store to purchase a product. If inventory is available, they want to be able to buy the car and be on their way.

Dealers, on the other hand, understand that the process is more complicated. And yet, many of those complications can still be avoided. When dealerships use non-linear sales processes that involve multiple, potentially deal-breaking decision points and multiple technology systems (that don’t always play well together), tasks get duplicated, processing time increases, and customers wait.

 

A Wholesale Shift in Operations

To improve operational efficiency and improve the customer experience, dealerships need to think about people, processes, and technology as one and the same. In other words, every means available to the dealership should be used to bring about the singularly-important goal of providing a better customer experience.

Dealership and customer expectations will more closely unite when dealerships:

  • Hire, train, and retain talent with the customer experience in mind.
  • Review and improve technology and processes with the customer experience in mind.
  • Inform and incentivize customers about new and improved operational capabilities and efficiencies built with the customer experience in mind.

This wholesale shift toward an improved customer experience can begin when the customer first begins researching vehicles. By moving part of the sales process online, including online trade-in tools, F&I education and offerings, and having qualified salespeople available via chat, more decisions can be made when the customer is most interested. This also cuts down on in-dealership wait time and improves transparency.

By streamlining processes, implementing technology that simplifies operations, and emphasizing a customer-centered culture (including fostering transparency and trust), dealerships can get closer to the ideal in-and-out car-shopping experience. And eventually, dealership by dealership, sales will increase and the negative perception of the car-buying process will begin to change in the minds of consumers.

Keeping Aftermarket Products In Line: F&I Compliance Tip

Aftermarket products are important to dealerships’ bottom line. Recent NADA research has shown that 50 percent of profits for the average dealership come from the sale of aftermarket products.

A majority of these profits come from vehicle service contracts but, but other products driving profits also include guaranteed auto protection, credit life, and disability insurance, among others.

When selling aftermarket products, a dealership must disclose the products separately from the vehicle, indicating that the purchase is voluntary and that it is not required to obtain financing. Several states even have detailed regulations about how items need to be disclosed to the customer.

This is important to keep in mind as the FTC and CFPB continue to actively investigate and look for any unfair and deceptive practices in the sale of aftermarket products. The CFPB has made aftermarket products a priority since its inception and have the authority to bring actions against certain independent and buy-here-pay-here dealers while also referring other dealer violations to the FTC or a State Attorney General.

Best Practices

So, when selling these aftermarket products, how can dealerships protect themselves? We recommend the following to keep the FTC and CFPB away:

  1. Eliminate Excluded Customers from Your Target Direct Marketing Lists – There are consumers that opt out of all types of solicitations. If you have customers that do opt out, remove them from your lists. You can take it a step further and obtain the customer’s written consent to receive auto-dialed or prerecorded calls or texts. Cross-checking numbers with the FTC’s National Do Not Call Registry will save you headaches and potential issues.
  2. Understand Warranty Disclaimers for Each State – Service and insurance contracts can be structured in many different ways, all of which have different tax and liability issues. Dealers need to make it clear as to whether or not they have “entered into” a service contract. Both retro and reinsurance policies are subject to state insurance laws and customer claims. Dealers need to run the structure of service contracts with their lawyers and accountants.
  3. Charge the Same Price for Everything – Each product needs to be priced the same. If you surcharge a customer, that is considered part of the “finance charge” under TILA (Truth in Lending Act). As a result, that then must be calculated into the APR and disclosed in the RISC (Retail Installment Sales Contract).
  4. Be Consistent – The way you sell aftermarket products in the F&I office needs to be consistent. As a dealer, you are responsible for what is legally required in your state in terms of scripts, FAQs, and presentations that outline products and what they will cost.
  5. Adjust Your Practices to Address Customer Feedback – As laws change and consumers have positive and negative reactions, you need to adapt your selling of aftermarket products. Your employees need to be on board with this as well.
  6. Review and understand the CFPB Bulletin Incentives – When incentives concern products or services that could cause harm to consumers or not benefit them as strongly, they need to be reined in. Always have consumer interests in mind.

Start protecting your dealership from federal fines and audits: download your 2025 Compliance Guide todayLearn more about the Dealertrack Compliance solution here.

Monitor Dealership Activity: F&I Compliance Tip

One of the biggest threats to dealership compliance is inside the showroom. That’s right: your employees. Some studies claim that a majority of data breaches are caused by workers, a sobering statistic that may be due to negligence or mistakes – such as leaving credit applications, credit reports and deal jackets open and in plain sight – or could be caused by willful acts of disgruntled employees.

Point is, today’s dealership management must be prepared and proactive, with comprehensive training and real-time monitoring. For example, electronic databases should give you the ability to track employee access, and oversight of operations should include a compliance dashboard.

Why it Matters

By providing your employees with the education and tools they need, and by monitoring activity, you can help protect the dealership and keep it compliant. That includes taking steps such as implementing basic security requirements from your Safeguards program, and teaching employees best practice actions around issues such as opening unknown links and creating appropriate passwords.

Most important of all, however, is an effective monitoring program that gives oversight into critical areas such as data flow into the system, user activity, access, and even patterns of irregularities. Follow these best practice tips to better monitor the sales process and help ensure compliance.

Best Practice Compliance Tips

  • Put a robust monitoring program in place. It should include a real-time compliance dashboard that monitors activity in real-time, from a single screen.
  • Quickly identify and contain any customer information breach and make sure all employees safeguard customer information provided to them. Actively manage your data and develop policies to manage it during its lifecycle. Require secure passwords and authentication – consider two-factor authentication: something you know (a complex password) and something you have (a randomly-generated number from an ID token).
  • Manage user permission to give customer information access only to those employees having a legitimate business need. Don’t keep non-public personal information (NPI) longer than you need to do so.
  • Create a culture of security in your dealership and get senior management buy-in. Train employees on unfair, deceptive, and abusive acts and practices; emphasize honesty and transparency in all customer interactions.

Get more tips and recommended compliance practices. Download the free 2025 Dealertrack Compliance Guide.