Author: Shannon Carter

Obtaining Consent In Digital Debt Collection

By on December 13th, 2017 in Compliance, Industry Insights

There are few industries left that are as ripe for disruption as the collections industry is right now. In the case of collections, the old adage of “if ain’t broke don’t fix it” has guided the process for collection agencies for the better part of 40 years. Collectors knew that they could reliably collect on past due accounts by simply sending a letter or two and calling debtors repeatedly until they made contact and then convincing the debtor to pay off the account. Creditors built their customer contracts knowing that the collections model of phone and letter outreach was well established. Today, things are changing and they’re changing fast. Nearly 77% of American consumers own a smartphone. Naturally, consumer preferences on how they want to be communicated with have evolved, and at TrueAccord we’re working hard to stay on top of this trend, while maintaining the highest standard of compliance, and pushing the industry to catch up to the times.

The collections practices set out by the Fair Debt Collection Practices Act (FDCPA) were designed primarily to protect consumers from abusive contact by collectors in person, by phone, and by letter, but gave little thought to new technologies or how they would be used by consumers. It was only last year that the new proposed rules on debt collection were announced by the CFPB referencing new digital communications methods. This announcement has been creating waves for both creditors and debt collectors and now is the time to start thinking about consumer communications preferences and how to leverage new communications tools to contact your customers, even in collections.

The legal standards for how to obtain consent to contact a debtor is outlined in regulations and in basic agency law. In almost all cases consent to contact a consumer transfers to an agency. Most creditors have added to their contracts provisions allowing for consumer contact by mail and phone with some forward thinking creditors including consent language for the creditor to service the account using email or even better, digital communication channels. However, not many contracts underlying a debt that gets placed in collections anticipated a collector wanting to contact a debtor by email or text message.  With new rules coming, now is the time to anticipate this change and create broad consents that incorporate digital channels that currently exist, and that may be created. An example of a broad consent in a contract might look like:

“If we need to contact you to service your account or to collect amounts you owe, you authorize us (and our affiliates, agents, contractors and third party servicers) to contact you at any number you provide, from which you call us, or at which we believe we can reach you, at any email address you provide to us or at which we believe we can reach you, or through any social media or other digital communications platform you may use. We may contact by calling or texting. We may contact you using an automated dialer or prerecorded messages. We may contact you on a mobile, wireless or similar device, even if you are charged for it.”

This clause incorporates phone, email, text, social media, and leaves the door open for new technology like push notices.  Even though there is some uncertainty around the ability to contact consumers using all of these new channels it’s important to think ahead for when the laws catch up to consumer preferences. It’s not uncommon for a consumer to reach out to TrueAccord and ask for us to text them account details and we wouldn’t be surprised if a consumer asked us to contact them using other messaging apps like Whatsapp or Facebook Messenger. With the consent language above a collector could respond to consumer demand and use these channels to contact a consumer in the way they want to be reached. Respecting consumer preferences will open the door to more successful collections opportunities benefiting consumers, collectors, and creditors.

How Much Testing is Enough Testing?

By on February 2nd, 2017 in Product and Technology
TrueAccord Blog

Ggb by night


One hundred years ago, a proposal took hold to build a bridge across the Golden Gate Strait at the mouth of San Francisco Bay.  For more than a decade, engineer Joseph Strauss drummed up support for the bridge throughout Northern California.  Before the first concrete was poured, his original double-cantilever design was replaced with Leon Moisseiff’s suspension design.  Construction on the latter began in 1933, seventeen years after the bridge was conceived.  Four years later, the first vehicles drove across the bridge.  With the exception of a retrofit in 2012, there have been no structural changes since.  21 years in the making.  Virtually no changes for the next 80.

Now, compare that with a modern Silicon Valley software startup.  Year one: build an MVP.  Year two: funding and product-market fit.  Year three: profitability?…growth? Year four: make it or break it.  Year five: if the company still exists at this point, you’re lucky.

Software in a startup environment is a drastically different engineering problem than building a bridge.  So is the testing component of that problem.  The bridge will endure 100+ years of heavy use and people’s lives depend upon it.  One would be hard-pressed to over-test it.  A software startup endeavor, however, is prone to monthly changes and usually has far milder consequences when it fails (although being in a regulated environment dealing with financial data raises the stakes a bit).  Over-testing could burn through limited developer time and leave the company with an empty bank account and a fantastic product that no one wants.

I want to propose a framework to answer the question of how much testing is enough.  I’ll outline 6 criteria then throw them at few examples.  Skip to the charts at the end and come back if you are a highly visual person like me.  In general, I am proposing that testing efforts be assessed on a spectrum according to the nature of the product under test.  A bridge would be on one end of the spectrum whereas a prototype for a free app that makes funny noises would be on the other.

Assessment Criteria

Cost of Failure

What is the material impact if this thing fails?  If a bridge collapses, it’s life and death and a ton of money.  Similarly, in a stock trading app, there are potentially big dollar and legal impacts when the numbers are wrong.  On the contrary, an occasional failure in a dating app would annoy customers and maybe drive a few of them away, but wouldn’t be catastrophic. Bridges and stock trading have higher costs of failure and thus merit more rigorous testing.

Amount of Use

How often is this thing used and by how many people?  In other words, if a failure happens in this component, how widespread will the impact be?  A custom report that runs once a month gets far less use than the login page.  If the latter fails, a great number of users will feel the impact immediately.  Thus, I really want to make sure my login page (and similar) are well-tested.

Visibility

How visible is the component?  How easy will it be for customers to see that it’s broken?  If it’s a backend component that only affects engineers, then customers may not know it’s broken until they start to see second-order side effects down the road.  I have some leeway in how I go about fixing such a problem.  In contrast, a payment processing form would have high visibility.  If it breaks, it will give the impression that my app is broken big-time and will cause a fire drill until it is fixed.  I want to increase testing with increased visibility.

Lifespan

This is a matter of return on effort.  If the thing I’ve built is a run-once job, then any bugs will only show up once.  On the other hand, a piece of code that is core to my application will last for years (and produce bugs for years).  Longer lifespans give me greater returns on my testing efforts.  If a little extra testing can avoid a single bug per month, then that adds up to a lot of time savings when the code lasts for years.

Difficulty of Repair

Back to the bridge example, imagine there is a radio transmitter at the top.  If it breaks, a trained technician would have to make the climb (several hours) to the top, diagnose the problem, swap out some components (if he has them on hand), then make the climb down.  Compare that with a small crack in the road.  A worker spends 30 minutes squirting some tar into it at 3am.  The point here is that things which are more difficult to repair will result in a higher cost if they break.  Thus, it’s worth the larger investment of testing up front.  It is also worth mentioning that this can be inversely related to visibility.  That is, low visibility functionality can go unnoticed for long stretches and accumulate a huge pile of bad data.

Complexity

Complex pieces of code tend to be easier to break than simple code.  There are more edge cases and more paths to consider.  In other words, greater complexity translates to greater probability of bugs.  Hence, complex code merits greater testing.

Examples

Golden Gate Bridge

This is a large last-forever sort of project.  If we get it wrong, we have a monumental (literally) problem to deal with.  Test continually as much as possible.

Criterion Score
Cost of failure 5
Amount of use 5
Visibility 5
Lifespan 5
Difficulty of repair 5
Complexity 4

Cat Dating App

Once the word gets out, all of the cats in the neighborhood will be swiping in a cat-like unpredictable manner on this hot new dating app.  No words, just pictures.  Expect it to go viral then die just as quickly.  This thing will not last long and the failure modes are incredibly minor.  Not worth much time spent on testing.

Criterion Score
Cost of failure 1
Amount of use 4
Visibility 4
Lifespan 1
Difficulty of repair 1
Complexity 1

Enterprise App — AMEX Payment Processing Integration

Now, we get into the nuance.  Consider an American Express payment processing integration i.e. the part of a larger app that sends data to AMEX and receives confirmations that the payments were successful.  For this example, let’s assume that only 1% of your customers are AMEX users and they are all monthly auto-pay transactions.  In other words, it’s a small group that will not see payment failures immediately.  Even though this is a money-related feature, it will not merit as much testing as perhaps a VISA integration since it is lightly used with low visibility.

Criterion Score
Cost of failure 2
Amount of use 1
Visibility 1
Lifespan 5
Difficulty of repair 2
Complexity 2

Enterprise App — De-duplication of Persons Based on Demographic Info

This is a real problem for TrueAccord.  Our app imports “people” from various sources.  Sometimes, we get two versions of the same “person”.  It is to our advantage to know this and take action accordingly in other parts of our system.  Person-matching can be quite complex given that two people can easily look very similar from a demographic standpoint (same name, city, zip code, etc.) yet truly be different people.  If we get it wrong, we could inadvertently cross-pollinate private financial information.  To top it all off, we don’t know what shape this will take long term and are in a pre-prototyping phase. In this case, I am dividing the testing assessment into two parts: prototyping phase and production phase.

Prototyping

The functionality will be in dry-run mode.  Other parts of the app will not know it exists and will not take action based on its results.  Complexity alone drives light testing here.

Criterion Score
Cost of failure 1
Amount of use 1
Visibility 1
Lifespan 1
Difficulty of repair 1
Complexity 4

Production

Once adopted, this would become rather core functionality with a wide-sweeping impact.  If it is wrong, then other wrong data will be built upon it, creating a heavy cleanup burden and further customer impact.  That being said, it will still have low visibility since it is an asynchronous backend process.  Moderate to heavy testing is needed here.

Criterion Score
Cost of failure 4
Amount of use 3
Visibility 1
Lifespan 3
Difficulty of repair 4
Complexity 4

Testing at TrueAccord

TrueAccord is three years old.  We’ve found product-market fit and are on the road to success (fingers crossed).  At this juncture, engineering time is a bit scarce, so we have to be wise in how it is allocated.  That means we don’t have the luxury of 100% test coverage.  Though we don’t formally apply the above heuristics, they are evident in the automated tests that exist in our system.  For example, two of our larger test suites are PaymentPlanHelpersSpec and PaymentPlanScannerSpec at 1500 and 1200 lines respectively.  As you might guess, these are related to handling customers’ payment plans.  This is a fairly complex, highly visible, highly used core functionality for us.  Contrast that with TwilioClientSpec at 30 lines.  We use Twilio very lightly with low visibility and low cost of failures.  Since we are only calling a single endpoint on their api, this is a very simple piece of code.  In fact, the testing that exists is just for a helper function, not the api call itself.

I’d love to hear about other real world examples, and I’d love to hear if this way of thinking about testing would work for your software startup.  Please leave us a comment with your point of view!

What’s the Problem with Quotas for Debt Collectors?

By on December 3rd, 2014 in Compliance

Nearly 80,000 consumer debt collection complaints have been submitted to the Consumer Financial Protection Bureau (CFPB) since the complaints database has been established. Of these complaints, more than half involve relentless or excessively aggressive communication tactics, false statements, or threatening actions. With companies more focused than ever on fine-tuning every aspect of their CRM process, it’s troubling that there is still a place for collectors who use bully tactics and who flagrantly violate consumer protection laws in the industry.

Continue reading “What’s the Problem with Quotas for Debt Collectors?”