HOT TOPICS
2017 MEMBERSHIP DIRECTORY
A dealer’s ITPP must be appropriate to the size and complexity of the dealership and the nature of its operations.
The Red Flags Rule does not apply to cash sales, although if a customer pays more than $10,000 in cash or cash
equivalents, you must file an IRS/FINCEN Form 8300 within 15 days of the cash sale and send a written notice to
the customer that you have filed the Form 8300 by January 31 of the following calendar year. See “Cash Sales” in
Chapter 4.
A robust ITPP that you consistently apply with all customers is important, as the FTC indicated Red Flags would be a
priority area for this year. The Red Flags Rule is designed to prevent consumers and your dealership from becoming
victims of identity fraud. Auto dealers lose when they finance a vehicle to an identity thief and, typically, the
vehicle is long gone by the time the identity theft is discovered. Most lender agreements require the dealer to
repurchase the contract with an identity thief, even if the customer has made several payments. The Red Flags
Rule goes a step further. The Rule requires lenders to monitor accounts in their portfolio (along with written-off
accounts) for evidence of identity theft to attempt to detect and mitigate further identity theft. So more lenders
are examining delinquencies and written-off accounts for identity theft, even accounts that may have paid for
substantial periods of time. Instead of just writing these accounts off as credit losses as they did in the past,
lenders are now forcing dealers to repurchase accounts they identify as identity theft accounts, even if the identity
thief has made payments for a period of time. A dealer in Utah received three “repurchase” demands in one day
from a national lender on accounts that had been originated and assigned by the dealer to the lender up to a year
earlier. This “back end” repurchase risk presents perhaps your biggest financial risk from identity theft. A good
ITPP will protect you, the dealer, more than anyone else.
The dealer’s Board of Directors (or its highest governing authority) must approve the initial ITPP, and take
responsibility for it. A senior officer must be appointed to be the ITPP program manager (“Program Manager”),
responsible for developing, overseeing, implementing, training, updating, and administering the ITPP, but the
final responsibility will rest with the Board of Directors or the senior management team.
The Red Flags Rule requires a four-step compliance process: The first step is to identify appropriate “red flags” for
your ITPP. Red flags are patterns, practices, or specific activities that indicate the possible existence of identity
theft. The Red Flags Rule lists 26 potential red flags that you must consider for your ITPP, but many will not apply
to auto dealers. Others may. The types of covered accounts a dealer originates (and for buy-here-pay-here dealers,
the covered accounts it maintains), a dealership’s individual experiences with identity theft and those of similarly
situated dealerships, and appropriate regulatory and law enforcement guidance may be the best sources for
determining your dealership’s red flags. For example, red flags for accounts that are opened over the Internet (like
eBay Motors) may differ from those accounts originated face-to-face at your dealership.
The second step of the Red Flags Rule is to employ procedures to detect the presence of any of your identified
red flags in individual consumer credit transactions as well as business credit transactions you identify as posing
identity theft risks. An electronic identity verification service such as Dealertrack Red
Flags can help you compare the customer’s reported information to fraud databases and stolen Social
Security numbers, among other red flags. It is also important to examine customers’ IDs (front and back) for
tampering or counterfeiting, as well as to carefully review credit reports for unusual patterns of recent activity or
other irregularities. These are three excellent ways to identify red flags in customer transactions for persons who
come to your dealership. Internet customers whom you may never meet require even more diligence. Out-of-wallet
or knowledge-based authentication questions that ask for information that only the real person would know (an
example is listing five people and asking which one the customer knows, one being the real person’s brother-