In the United States, 8.3 million people fall victim to identity theft every year leading to losses of up to USD 15.6 billion. In order to cut this figure, the US government has issued a new regulation to implement the Fair and Accurate Credit Transactions or FACT Act. This regulation, called Identity Theft Red Flags Rule, is already in effect with compliance mandatory on November 1st 2008.
The FACT Act, which was passed in 2003 by the US Congress, allows consumers to request and obtain a free credit report once a year from each of the three nationwide consumer credit reporting companies of Equifax, Experian and TransUnion. It also helps reduce identity theft by allowing individuals to place alerts on their credit histories if identity theft is suspected. The new regulation to the FACT ACT makes it mandatory for any firm, big or small that gives credit to consumers, to implement an identity theft prevention program for new and existing accounts.
The solution, according to Compliance Coach Inc., a provider of automated regulatory compliance solutions to the financial services industry, is its CompliancePal software. CompliancePal is a web-based software that walks the user through a series of questions and produces the required risk assessment, the mapping of red flags to appropriate detection and response procedures, the written program, the training materials and the compliance status report, everything else that is necessary to pass an audit. The software is updated regularly for new identity theft schemes and red flags so a company can easily update its identity theft program and maintain compliance. For example, recently 23 new red flags were added to the software based on recent significant identity theft cases. To use the solution, companies simply sign-up online and access the software via the Internet.
Compliance Coach says that with its software, companies will save hundreds of hours, thousands of dollars by complying quickly with the new Identity Theft Red Flags Rule. Under this Rule, each company must identify all of the accounts it offers that are covered by the Rule, perform a risk assessment of each covered account, identify red flags for each account that may indicate possible identity theft, map each red flag to appropriate detection and response procedures. Companies have to develop a written program and obtain board of directors approval, provide training to appropriate employees, monitor for new identity theft red flags and new risks, make appropriate changes in procedures and update the program and provide a compliance status report at least annually.
“CompliancePal is an extremely easy-to-use and cost-effective solution. Our team of legal, compliance and technology experts have meticulously designed the software to enable compliance quickly, easily and save hundreds of hours and thousands of dollars. Compliance Coach’s team of legal and compliance experts monitor and analyze daily identity theft cases, schemes and trends to identify new red flags. CompliancePal is the only solution for millions of companies to easily stay on top of new red flags,” says Sai Huda, chairman and CEO, Compliance Coach Inc.
Compliance Coach is a leading provider of automated regulatory compliance solutions to the financial services industry. Five of the top 10 banks and hundreds of financial services companies throughout the U.S. rely on Compliance Coach’s solutions and services to mitigate compliance risk. The company has an in-house team of some of the nation’s top compliance experts. Its experts are former regulators that have examined financial institutions, or compliance attorneys or compliance officers who have spent years practicing compliance at leading financial institutions. “Our experts are also at the forefront and work closely with regulators on implementing new regulations, and take pride in being the first to educate the industry whenever a new regulation is issued. This deep expertise enables us to provide the highest quality regulatory compliance advisory, consulting and training services to our financial services customer,” says the company.
Automotive Industries spoke to Sai Huda, chairman and CEO of Compliance Coach.
AI: How have companies that offer credit reacted to the new Identity Theft Red Flags Rule?
Sai Huda: The affected companies fall into one of three types:
1. Understand the Rule and have started compliance efforts.
2. Somewhat familiar with the Rule and are just now beginning compliance efforts.
3. Completely unfamiliar with the Rule or have heard about it but are too busy to deal with it now.
The first type are companies that realize complying with the Rule will not be easy and will take a lot of work. They are in the midst of risk assessments and developing the program. They are realizing that if they do not get it right the first time, they will have significant risks. They still need further guidance and a tool to help them comply correctly. This is a small number of companies out of the millions that need to comply.
The second type are companies that are now just getting up to speed with the Rule and starting compliance efforts. They are beginning to realize the magnitude of the challenge ahead and are worried about complying by the deadline. The more they get deeper into the process, the more worried they get. They need a tool to make compliance easier, faster and correct.
The third type are companies that have not heard about the Rule or have heard about it a bit but do not want to deal with it now since the deadline is a few months later (i.e. November 1, 2008) and think they will have plenty of time to get into compliance. This is majority of the millions of companies that have to comply by the deadline. They have limited resources and are busy selling and want to deal with the Rule later. These are the ones that will most definitely need a tool in order to make the deadline, because they have underestimated the time and effort it will take to comply.
AI: How will the new Regulation affect automotive companies’ client credit applications?
Sai Huda: Automotive companies are one of the largest sectors that are directly affected by the new Rule. They will have to expend a significant amount of time and money to get into and stay in compliance. The new Rule raises the bar for automotive companies. It creates an affirmative obligation. These companies are now expected to take active steps to detect, prevent and mitigate identity theft during the credit process. The regulation spells out that an automotive company must implement an effective identity theft prevention program. They must train their employees to follow its procedures and do its part to prevent identity theft from happening. So the normal process will have to change. It can’t be business as usual at the dealership or at the finance office. Certain new procedures must be implemented and followed. Also, new procedures must be implemented to better protect consumer data and prevent identity theft.
Additionally, automotive companies must ensure they are in full compliance with the new Rule in order to be able to obtain financing from financial institutions or other investors. No bank or other investor will do business with an automotive company that is not in compliance. They will be asking a lot of questions about the level of compliance at the automotive company because assignee liability may accrue to them. Every single financial institution and finance company will have to comply and they will expect the automotive company to also be in full compliance. So compliance will be enforced by the marketplace, along with the FTC and other federal and state regulators.
AI: How have you helped these auto firms? Can you please give us some examples?
Sai Huda: Non-compliance penalties are severe. Failing to comply with the new Rule can result in civil money penalties starting at USD $2,500 per each violation, a cease and desist order or worse a private plaintiff lawsuit. Non-compliance with the Rule is double trouble, since non-compliance would be also federal or state unfair deceptive acts or practices or unfair business practices violations. Let us not forget perhaps the biggest penalty: negative publicity and harm to a company’s reputation and goodwill. Consumers may never do business with the company and tell others not to. With instant messaging, e-mail, text messages, chats, and the rest of the Internet, word can spread instantly.
Since it will take hundreds of hours and thousands of dollars to comply with the new Rule and the severe non-compliance penalties, Compliance Coach developed CompliancePal to make it easy, fast and inexpensive to comply with the Rule.Â
Hundreds of companies have already signed up and are using the tool to get into compliance. We expect thousands of companies to use the tool in the next few months. Our goal is to have as many as possible out of the millions that need to comply. The tool is extremely easy to use and makes it simple to comply using a proprietary 5 step system. So for example, an automotive company can use it to do the risk assessment, map the red flags to appropriate detection and response procedures and produce the necessary program and training for its employees with a few clicks of the mouse and save hundreds of hours and thousands of dollars it would have to expend otherwise. Also, as new red flags are added from new schemes and cases, or if it adds new products or services, it can easily update its program and stay in compliance. Let us remember: one of the ongoing compliance obligations is to periodically update the identity theft prevention program.
AI: Tell us a little about when you started working on updating CompliancePal to take into account the new legislation and how the process evolved.
Sai Huda: Compliance Coach is always first to market with new automated regulatory compliance solutions for the financial services sector. We are the leader in our sector. We are always monitoring new legislation and regulations and determining whether a tool or solution is necessary to facilitate compliance. Frequently, compliance becomes challenging for affected companies due to complex legal requirements, time limits or unintended consequences of the legislation or regulation when one actually goes to implement compliance due to the impact on existing business processes. So as soon as the new Identity Theft Red Flags Rule was issued, within five days, Compliance Coach developed a training program for our customers to educate them on the Rule and its impact, and started to develop a software solution and be the first to market. We put together a team of subject matter and technology experts, and within a few months, developed the CompliancePal software and launched it. We are the first to market and the solution is receiving rave reviews from the industry and customers. CompliancePal provides an extremely compelling and powerful value proposition. How else can one quickly and easily get into and stay in compliance with the new Rule?
Â
AI: How has industry reacted to the updated CompliancePal?
Sai Huda: Hundreds of companies have already signed up and are using the tool to get into compliance. We expect thousands of companies to use the tool in the next few months. Our goal is to have as many as possible out of the millions that need to comply. The tool is extremely easy to use and makes it simple to comply using a proprietary 5 step system. It is all web-based and there is no software to install. It is also most affordable with an annual license fee starting at only USD $295 for a small customer up to only USD $995 for a large customer. We are the first to market and the solution is receiving rave reviews from the industry and customers. For example, recently Daniel Kehrer, Executive Editor at Business.com provided the following review “…CompliancePal offers easy online tools…among seven of the best and brightest 2008 web-based products…”
For further information visit: http://www.compliancepal.com/Â
More Stories
Meet Rita Case – recipient of 2024 NAMAD Lifetime Achievement Award
Automotive Industries (AI) Newsletter October 2024
Getac on AI’s transformative impact on automotive production and aftersales