With a heightened focus these days on federal and state legal and regulatory compliance in the credit counseling and debt settlement industries, many organizations are finding out the hard way that it simply does not pay in today’s regulatory and litigation climate to be penny-wise and pound-foolish. Organizations are revamping their existing compliance programs and considering whether changes are in order – to the programs themselves and to procedures for their implementation. If your organization does not have a formal compliance program, or even if you are reevaluating your existing one, this article discusses ten steps to get you on the road to a successful compliance program.
The advertising, marketing and provision of credit counseling, debt management plans, and debt negotiation services is intensely regulated. State licensing and related compliance requirements are the norm rather than the exception. Very few credit counseling agencies, debt management plan providers, debt negotiation companies, their marketers, and their service providers, get it all right, in the eyes of the regulators and private plaintiffs, as far as compliance is concerned. Your organization has probably run into many of the compliance issues that credit counseling agencies, debt management plan providers, and debt negotiation companies consistently face, including licensing/registration, fee caps, portfolio transition procedures, advertising restrictions, telemarketing laws, and plenty more.
Moreover, the Federal Trade Commission (FTC) and other federal and state regulators are increasingly devoting resources and attention to parties that are not directly providing these services, but rather those that assist the advertiser and benefit financially as a result.
Whether it is protecting your organization or avoiding the scrutiny of state attorneys general, other federal and state regulators, or even class action plaintiffs’ lawyers, compliance should play an important role in the typical activities of your organization. Fortunately, a well-informed credit counseling agency or debt settlement company can go a long way toward protecting its own interests in this area ‑ without the day-to-day involvement of lawyers.
A reasonable compliance program, early detection, and prompt corrective action can minimize the consequences of legal or regulatory violations and avoid significant fines and penalties ‑ and possible criminal prosecution. Like any other important corporate policy, the policy should come from the top, set out rules and procedures, designate a person in charge, include monitoring to ensure that the rules are followed, and provide for swift action in the event of non-compliance.
While the advice and guidance of legal counsel is recommended, and will be critical, in formulating and implementing your compliance program, the following general guidelines provide a starting framework for an efficient and effective compliance program. Of course, you should be sure to tailor your program to the particulars of your organization to ensure that it addresses applicable risks.
1. Commit to Be Compliant.
A compliance program is a risk management program designed to avoid violations of law. Remember that legal compliance is not an option; it is an obligation. In today’s environment, the cost of doing business has skyrocketed for credit counseling agencies and debt settlement companies. While having a formal compliance program is not required by law, spending a penny now on compliance can often save a pound later on legal costs, and potentially be the difference in whether your company stays in business. If you have a program, however, your entire organization will need to truly commit to compliance for the program to be successful and reduce risk.
2. Don’t Rely Upon Your Neighbors.
Your compliance program should be tailored as appropriate for your organization’s unique operations. Prioritize the legal and regulatory risks when making a decision on the scope and structure of the regulatory compliance effort, in light of the risks and available resources to your organization. A typical compliance program for a credit counseling agency or debt settlement company may address areas such as state licensing and debt adjusting law requirements, advertising and marketing review, potential fraud, complaint resolution, and privacy and safeguards for client financial information. Once in place, reevaluate your program periodically against the changing risks your organization faces.
3. Adopt a Written Compliance Program.
It is important that your company have in place a clear, written compliance policy. The policy should say what you do; and it is critical that you do what it says. Employees must be informed and trained in this policy as applicable to their roles. The compliance program should incorporate and address all federal and state-specific requirements applicable to the organization.
With that said, the program should be simple and easy for employees to understand. More often than not, an overly complicated program may distract your staff from operating in a compliant manner, and some of your staff will be confused or may choose not to follow the program. Unless you have a dedicated professional compliance staff in place, and even if you do, keep your compliance policy simple and focus your attention on advertising and marketing, counseling sessions, customer relations, money management, and similar core processes. Finally, a compliance program should be dynamic enough to take into account the ever-changing regulatory landscape – including a method for periodic reevaluation and updates.
4. Train Management and Staff and Reward Performance.
Establish a regular training program so that all of your organization’s staff understands that there is a commitment to compliance as well as to the specifics of the compliance program. Encourage open discussion of compliance in the workplace, through staff meetings or other communications. Also, consider having an “open door” policy so that problems can easily be brought to management’s attention and be resolved. Consider how best to reward and motivate your employees. As part of the promotion of a compliance program, many organizations incorporate adherence to the program as an element in the evaluations of supervisors, managers and other employees.
5. Remedy Non-Compliance and Take Effective Action.
Non-compliance can come in many forms, including, for instance, not having the proper contract disclosures, delivering services other than what was promised, and overcharging consumers, contrary to company policy and/or state law. In other circumstances, non-compliance may involve operating without a required license, bond or insurance. In some instances, particularly in states where licensure is required, a graceful exit or resolution may need to be negotiated. Frequently, organizations will use audits and/or other evaluation techniques to monitor compliance on an ongoing basis, catch slip-ups in compliance, and implement remediation of identified problem areas.
6. Appoint a Chief Compliance Officer.
At the outset, an organization that is serious about compliance should designate a chief compliance officer or other appropriate high-level position charged with the responsibility of managing the compliance program. This person (or persons) should be involved in the design, implementation and evaluation of the compliance program. The person(s) chosen should be sufficiently involved in other areas of the organization to ensure that compliance and operations are aligned.
7. Ensure that Statements on All Documentation Are Consistent.
Each web site, advertisement and marketing document, client enrollment material, welcome kit, and subsequent correspondence should be consistent. It is not enough in the eyes of most regulators to explain your services after a consumer has decided to enroll. Regulators, especially the FTC, will review your materials as a whole as to the overall impression they create. Consequently, merely including disclaimer language in a contract for services and/or web site, and not on other materials, will often not insulate you from liability. It is not unusual for the FTC, a state attorney general, or a private plaintiff to decide to initiate legal action months — or even years — after a company begins to advertise and sign up clients.
8. Familiarize Your Staff with All of Your Consumer Documents.
Familiarize your staff with all of your consumer documents (everything a consumer will see, read or hear) so that you can increase your efficiency in achieving your compliance goals. Frequently, staffs are informed on a need to know basis, but when you operate a consumer-focused business such as credit counseling or debt settlement, it is critical that everyone understand exactly what is said and promised to consumers (even by third-party lead providers). When staff does not know what is said or promised to consumers, it is impossible for them to understand what needs to be provided to consumers.
9. Understand the Laws and Regulators Governing Your Business.
There are a number of state and federal laws that apply to credit counseling agencies and debt settlement companies. Depending upon the nature of your specific activities, a compliance program should take into account state debt adjusting and related money transmission laws, requirements imposed by the EOUST on providers of pre-bankruptcy counseling and pre-discharge debtor education; federal tax exemption requirements; the Federal Trade Commission Act; the federal Gramm-Leach-Bliley Act; the federal Credit Repair Organizations Act; state credit repair statutes; and federal and state telemarketing, fax and email spam laws, among others.
On the subject of state debt adjusting laws (and related state money transmission laws and credit repair statutes), sometimes your authority to proceed may be uncertain, or you will be faced with an aggressive or hostile state regulatory authority, or both. Therefore, it may be prudent to inform the state authorities ahead of time of your plans, explicitly ask for their approval or non-objection, and decide not to proceed without it.
In addition, consider that when others scrutinize your organization, they usually will attack your compliance. Therefore, your compliance program needs to be absolutely defensible, in that it is based on a sound understanding of the applicable legal and regulatory issues. Anything less can contribute to criticism that is difficult to neutralize. Also, be able to demonstrate that your company has been compliant in practice. When a regulator investigates your company, it rarely is enough to provide only a written compliance policy, without being able to demonstrate how that policy is applied in practice.
10. Periodically Review and Update Your Compliance Program.
On a periodic basis, your practices should be evaluated for compliance with laws applicable to your organization – which are constantly changing. Items that should be evaluated include whether the states have an applicable debt adjusting statute, licensing requirements, advertising and marketing, money handling requirements (if applicable), state and federal telemarketing requirements (e.g., do-not-call lists, calling hour restrictions, preamble requirements, caller ID restrictions, consent to monitor and record, etc.), federal and state privacy restrictions, and the like.
* * * * * *
A compliance program is critical in helping to manage risk and thus avoid violations of law. Violations are costly, not only in disruption of business, but also in the expense of defending allegations and payment of damages and monetary penalties. Certain violations of federal and state laws (the many state debt adjusting statutes) can result in criminal penalties, fines and imprisonment. Violations also can trigger exclusions from other opportunities (e.g., state licenses, discount bond and insurance cost, etc.), not to mention detriment to your organization’s reputation. In order to achieve these benefits, make clear to staff that compliance is a corporate imperative, through effective education and training and through management’s example.
For more information, contact Jonathan L. Pompan at 202/344-4383 or jlpompan@venable.com.
This article is not intended to provide legal advice or opinion and should not be relied on as such. Legal advice can only be provided in response to specific fact situations.