Category: Compliance

Balancing Compliance and Consumer Experience in Digital Debt Collection: Best Practices to Navigate the 2025 Landscape

By on March 4th, 2025 in Compliance, Customer Experience, Industry Insights, Product and Technology, User Experience

Over the past several years, federal and state regulators have started raising red flags about a significant trend in the debt collection industry: companies failing to deliver positive experiences for consumers or properly manage complaints and disputes. With growing scrutiny from agencies like the Consumer Financial Protection Bureau (CFPB), the Federal Trade Commission (FTC), and even the White House, it’s clear that ensuring a good consumer experience is no longer just a best practice—it’s a compliance requirement.

As we move further into 2025, it’s essential for debt collectors and businesses to find the balance between adhering to the myriad of regulations while maintaining a smooth and positive consumer experience through the repayment process. And while digital communication channels have become increasingly favored by consumers, mass blast emails and SMS campaigns don’t equal rave reviews or recovery rates.

Add on evolving compliance regulations and the modern debt collection challenges mount. While 2024 saw different governing bodies and providers make progress handing down guidelines and best practices for better consumer experience overall, regulations and legislation is still not always 100% clear on what is and is not acceptable for compliance.

So how can your debt collection strategy keep up with the 2025 compliance and consumer preference landscape? Let’s look at ways to navigate the challenges and increase liquidation rates as a result.

Staying on Top of the Shift Toward a Consumer-Centric Compliance Model

Traditionally, compliance in debt collection focused primarily on following established regulations, such as the Fair Debt Collection Practices Act (FDCPA) and Regulation F. However, recent regulatory actions are increasingly examining how businesses interact with consumers beyond the letter of the law and have emphasized that poor consumer experiences can even trigger legal violations. If a debt collector fails to manage complaints and disputes properly, it could result in potential violations of the Unfair, Deceptive, or Abusive Acts or Practices (UDAAP) standards, or even the Dodd-Frank Act.

Even the use of emerging technologies is being scrutinized through the consumer experience lens: the CFPB has highlighted concerns over poorly monitored artificial intelligence (AI) or machine learning, specifically when it comes to consumer interactions. A poorly designed or maintained automated messaging system can lead to consumers getting “stuck” in automated loops, resulting in complaints and potential regulatory scrutiny or even rise to the level of a compliance issue.

Another area of increasing consumer frustration can be the process of opting out from receiving further digital communications. Automated messages that give consumers the ability to remove themselves from receiving further communications by replying “STOP” but do not account for a range of possible opt-out requests or replies can lead to complaints and trigger regulatory action.

The lesson is clear: compliance is not just about ticking boxes—it’s about delivering a consumer experience that’s transparent, responsive, and respectful. And with a smart approach, businesses can use technology to minimize compliance risk while enhancing the consumer experience.

Best Practices to Strike Balance Between Compliance and Consumer Experience

Understanding this focus shift and the nuances of ever-unfolding regulations still leaves us with the original question: how can your debt collection strategy keep up with the 2025 compliance and consumer preference landscape? While it is imperative to follow all laws and requirements in the collections industry, following the best practices below can help your organization prepare and provide the best consumer experience through the delinquency lifecycle as the regulatory landscape continues to evolve:

  • Implement robust compliance oversight programs, particularly when scaling digital outreach efforts
  • Establish clear policies and procedures around the use of AI, machine learning, and other emerging technologies in debt collection and digital communication, and continuously assess their impact
  • Map and monitor outreach across all communication channels holistically, ensuring that consumers do not get “stuck” in a loop or experience any disruption in their communication
  • Ensure any messaging systems appropriately handle variations in opt-out requests (like we mentioned above, “STOP” is just one way consumers might convey their opt out of SMS)
  • Automation can be used not only to send messages but also to ensure that every piece of communication complies with the necessary regulations
  • Partner with debt collection agencies that have experience successfully using digital communications compliantly

The key is to adopt a comprehensive approach that blends technology, consumer insights, and compliance best practices. By leveraging digital tools to monitor communications, mapping out consumer journeys, and staying vigilant with AI and machine learning systems, businesses can maintain compliance without sacrificing the quality of the consumer experience.

And TrueAccord has a proven track record as an industry leader in digital-first debt collection from both a compliance and consumer experience perspective.

The TrueAccord Difference

To start, TrueAccord is a licensed, bonded, and insured collection agency in all jurisdictions where we collect. We ensure compliance control, auditability, and real-time updates for changing rules and regulations, as well as adapting to shifting trends in consumer preference and behavior.

Our digital collections compliance process is controlled by code, ensuring that all regulatory requirements are met, while still being flexible to quickly adjust to new rules, case law, and consumer experience expectations.

Take the example from earlier about consumer frustration trying to opt-out: at TrueAccord, we’ve found that only 7% of consumers use the word “STOP” to opt out of SMS communications—but our team and machine learning engine, HeartBeat, account for the many other phrases consumers may use to opt-out, staying compliant and reducing consumer friction.

It’s important to remember that most compliance rules were written for the benefit of consumers. As we’ve seen from today’s consumer-centric compliance guidelines, the better we comply, the better the consumer’s experience should be.

Ready to partner with an industry-leader in compliant digital-first debt collection? Schedule a consultation today!

Using Letters in Omnichannel Debt Collection—Keeping Up with Compliance

By on February 18th, 2025 in Compliance, Customer Experience, Industry Insights, Machine Learning, Product and Technology, User Experience

Direct mail is the old-school method for reaching consumers regarding their debt, but over time several factors have reduced the effectiveness of letters in collection communications—consumer preference and cost being the most prevalent. But specific state compliance regulations and other use cases prove that “snail mail” still has its place in the omnichannel mix.

When are Letters Necessary in Collection Communications?

While the cost of physically mailing letters may be a deterrent to snail mail, businesses benefit when direct mail is used to meet compliance requirements. We’ll go into more detail around regulations in the next section.

Another benefit of mailing letters is most apparent when the delinquent account does not have a valid email address or phone number on file. Letters ensure that these individuals still receive crucial notifications regarding their accounts, preventing any potential oversight, and provide essential information related to their debt in a clear and organized manner.

Additionally, the formality of letters can be necessary to help raise awareness of outstanding debt for consumers that may not be as trusting of digital communications and choose to ignore phone calls. This is especially true for those who may not be as computer savvy or familiar with online financial transactions.

And just like with all other communication channels in debt collection, consumer preference also plays a role but in an even greater way with traditional letters: if a consumer clearly states that they only want to be contacted through physical mail (either to them directly or to their legal representation), businesses and collectors must abide. These types of requests lead to the main use case for letters…

The Main Use Case for Snail Mail: Compliance

The primary use case for using the direct mail channel is for compliance. Several laws, regulations, and governing bodies—including the Fair Debt Collection Practices Act (FDCPA), Regulation F, Consumer Financial Protection Bureau (CFPB), among others—define how, when, and what needs to be included in consumer communications around debt collection, and letters were the original initial compliant consumer communication.

Yet the prevalence of digital has forced these regulations to evolve, and today there is no federal law requiring consent to communicate via email vs direct mail.

But there are some exceptions to this general rule:

  • Some states/jurisdictions require consent to communicate via email and text, which must be obtained through physical letters and documentation.
  • In some instances, consent to send legally required notices electronically must also be obtained through physical mail.
  • Some states require certain legally required notices to be mailed.

See Success and Real World Results with TrueAccord

Understanding the nuances of compliance and when communications fall under certain laws can be challenging without legal experts keeping a finger on the pulse of these evolving regulations—but TrueAccord ensures success with code-based compliance so all our engagement channels meet the requirements for each unique account’s circumstance and know when letters are the right choice for outreach.

While our omnichannel strategy is digital-first, we understand that digital isn’t always the best or most viable option to connect with some consumers. Knowing when, where, and why a letter might be the ideal choice for consumer communication helps TrueAccord and our clients remain compliant and cost-effective. Depending on a consumer’s location and contact information, a letter may be the best bet to garner engagement.

With advanced code-based compliance and scrubbing capabilities, TrueAccord’s omnichannel approach proves even snail mail can still be effective in collections.

Want to know more about how the omnichannel approach and how each channel influences the effectiveness of a business’s overall collection strategy? Download our new eBook, Omnichannel Communication in Debt Collection: An In-Depth Look at Advanced Engagement Strategy by Channel now»»

Q4 Industry Insights: Looking Good on Paper, Feeling Bad in Wallets, Everyone’s Uncertain on Financial Outlook

By on January 21st, 2025 in Compliance, Industry Insights

Looking at key economic indicators—GDP growth, consumer spending, softening inflation and a healthy job market—it would be easy to deduce that consumers in America are faring well. But digging deeper reveals unwieldy debt, expected rises in charge-offs and uncertainty around future economic conditions, painting a less rosy picture of the financial situation. 

Consumers certainly faced challenging economic conditions in 2024, but despite record-high credit card balances and delinquency rates, Americans continued spending, accumulating even more debt this holiday season. Data shows that more than a third of shoppers took on additional debt for the holidays, borrowing $1,181 on average, and that 47% of consumers still carried debt from the 2023 holiday season. With inflation proving more sticky than policymakers had hoped and uncertainty around how the new administration’s policies might affect it, it may take longer for people to see lower interest rates on their mortgages, car loans and credit card balances, which could prove challenging to household budgets.

The good news for lenders and debt collectors is that a reported 72% of consumers have a New Year’s resolution to pay off debt in 2025. The challenges will be effectively engaging consumers who want to repay and accommodating their strained budgets. We are entering a year of unknowns across the board, from potential regulatory changes to economic fluctuations to varying consumer sentiments, and there’s a lot to consider as it relates to debt collection in 2025.

What’s Impacting Consumers?

While inflation isn’t cooling dramatically, it also isn’t showing signs of speeding back up. December’s inflation reading didn’t bring any big surprises to close out 2024—the consumer price index (CPI) increased 0.4% on the month, putting the 12-month inflation rate in line with forecasts at 2.9%. The core CPI annual rate, which discludes volatile food and fuel prices and is a key factor in policy decisions, notched down to 3.2% from the month before, slightly better than forecasted.

Despite the nagging inflation and still-elevated borrowing rates, the job market remains resilient, with employers adding 256,000 jobs in December, nearly 100,000 more than economists expected. The unemployment rate in December ticked down to 4.1%, lower than the forecasted steady rate.

The Federal Reserve started cutting rates in September 2024 and lowered its benchmark for a third straight month in December based on signs that the economy was slowing down. But the healthy December jobs report combined with lingering inflation supports the Fed’s intention to move forward with a slower pace of rate cuts this year—it is now penciling in only two quarter-point rate cuts in 2025, down from the four it forecasted in September.

In November, the Fed released its Quarterly Report on Household Debt and Credit for Q3, which showed total household debt increased by $147 billion (0.8%) in Q3 2024, to $17.94 trillion. The report also showed that credit card balances increased by $24 billion to $1.17 trillion, with the average U.S. household owing $10,563 on credit cards going into the Q4 holiday shopping season. According to Experian’s Ascend Market Insights, at the end of November, 5% of consumers had total balances over their limits and 11% of consumers had a high utilization of 81-100%. 

Experian’s Ascend Market Insights from November also showed overall delinquent balances (30+ DPD) decreased by 3.78% while up on unit basis by 1.61%. This net was driven by decreases in delinquent first mortgage and unsecured personal loan balances, which were offset by increases in delinquent bankcard balances and on a dollar basis in delinquent second mortgages. 

Meanwhile, millions of Americans may see significant changes to their credit reports in the coming months if they have either unpaid medical bills or student loans, but the effects of each are opposite. 

Since March 2020, delinquent student loan borrowers have been exempt from credit reporting consequences, but the required payments resumed in October 2024. As a result, an estimated 7 million borrowers who have fallen behind on their federal student loan payments or remain in default will start seeing negative credit reporting in the coming months if they don’t resume payments.

Conversely, for the roughly 15 million Americans with unpaid medical bills, a new rule from the Consumer Financial Protection Bureau (CFPB) will ban and remove at least $49 billion in medical debt from consumer credit reports and prohibit lenders from using medical information in their lending decisions, providing a boost to credit scores and financial access.

CFPB Looks at Medical Debt, Student Loans and So Much Data

Medical debt wasn’t the only focus for the Consumer Financial Protection Bureau in Q4. In addition to specific actions targeting offenders in the consumer financial services industry, the CFPB announced myriad other topics of interest to close out 2024 with a sharp focus on protecting consumers and their data.

At the end of October, the CFPB finalized a personal financial data rights rule that requires financial institutions, credit card issuers and other financial providers to unlock an individual’s personal financial data and transfer it to another provider at the consumer’s request for free, making it easier to switch to providers with superior rates and services. The rule will help lower prices on loans and improve customer service across payments, credit and banking markets by fueling competition and consumer choice. 

In November, the CFPB issued a report detailing gaps in consumer protections in state data privacy laws, which pose risks for consumers as companies increasingly build business models to make money from personal financial data. The report found that existing federal privacy protections for financial information have limitations and may not protect consumers from companies’ new methods of collecting and monetizing data, and while 18 states have new state laws providing consumer privacy rights, all of them exempt financial institutions, financial data, or both if they are already subject to the federal Gramm-Leach-Bliley Act (GLBA) and the Fair Credit Reporting Act (FCRA).

Then, the Bureau finalized a rule on federal oversight of digital payment apps to protect personal data, reduce fraud and stop illegal debanking. The new rule brings the same supervision to Big Tech and other widely used digital payment apps handling over 50 million transactions annually that large banks, credit unions and other financial institutions already face.

As 28 million federal student loan borrowers returned to repayment, the CFPB issued a report uncovering illegal practices across student loan refinancing, servicing and debt collection, identifying instances of companies engaging in illegal practices that misled student borrowers about their protections or denied borrowers their rightful benefits. This followed the release of their annual report of the Student Loan Ombudsman, highlighting the severe difficulties reported by student borrowers due to persistent loan servicing failures and program disruptions.

Uncertainty in Consumer Sentiment

The Fed’s Survey of Consumer Expectations from December showed that inflation expectations were unchanged at 3.0% for this year, increased to 3.0% from 2.6% at the three-year horizon, and declined to 2.7% from 2.9% at the five-year horizon. Reported perceptions of credit access compared to a year ago declined as did expectations about credit access a year from now. Additionally, the average perceived probability of missing a minimum debt payment over the next three months increased to 14.2% from 13.2% and was broad-based across income and education groups. 

The November PYMNTS Intelligence “New Reality Check: The Paycheck-to-Paycheck Report” found that from September to October 2024, the share of consumers living paycheck to paycheck overall rose slightly from 66% to 67%. Surveyed cardholders said their outstanding credit balance is either holding constant or increasing—25% said their outstanding balance increased over the last year, while 55% said it stayed about the same. Moreover, many consumers, and especially those having trouble paying their monthly bills, report maxing out their cards regularly and using installment plans to cover basic necessities. 

According to NerdWallet’s 2024 American Household Credit Card Debt Study, more than 1 in 5 Americans who currently have revolving credit card debt (22%) say they generally only make the minimum payment on their credit cards each month. And with credit card rates averaging 20%, interest costs could almost triple the average debt for those making minimum payments after factoring in interest expenses.

The University of Michigan’s index of consumer sentiment dropped to 73.2 at the start of January 2025 from 74.0 in December after views of the economy weakened on expectations of higher inflation in light of the new administration’s proposed tax cuts and new import tariffs. Unlike some of the polarization of recent months, which had seen more positive responses among Republicans than Democrats, January’s deterioration in economic expectations was seen across political affiliations. While consumers’ views of their personal finances improved about 5%, their economic outlook fell back 7% for the short run and 5% for the long run, with year-ahead inflation expectations jumping to 3.3%, up from 2.8% in December and the highest since May last year.

What Does This Mean for Debt Collection?

Over the next 12 months, debt collection companies expect an increase in account volume but a potential decrease in account liquidity, according to TransUnion’s latest Debt Collection Industry Report. If the goals are implementing strategic operational efficiencies and improving the consumer experience to facilitate debt repayment, the means to the ends include investing in technologies like artificial intelligence, solving for scalability, and optimizing communication channels and consumer self-service engagement. For lenders and collectors, here are some recommendations for your debt collection strategy in 2025:

  1. Scalability, Go Big or Go Home. Higher account volume calls for operations that can scale cost-effectively while offering the right consumer experience. Embracing smart technology is your best bet to keep up, and figuring out when to buy tech-enabled products and services versus when to invest in building it yourself will be key to making it work.
  1. Reduce Friction for Consumers. Self-service portals in collections reduce friction and foster a sense of autonomy for consumers to manage their debt without the pressure or inconvenience of interacting with a call center agent. Besides creating a more streamlined experience for the consumer, organizations will also benefit from associated cost-savings, compliance controls and scalability.
  1. Compliance Changes, Adapt or Perish. The debt collection industry experienced notable legal and compliance changes in 2024, including important litigation outcomes and updates to digital communications regulations, and keeping up with more changes to come will be critical to your business. Join our Legal and Compliance Roundup webinar on Jan. 29 to learn about the latest developments and how they will shape strategies and industry practices in 2025. Register here: https://bit.ly/4h4tacd

SOURCES:

Q3 Industry Insights: Inflation and Interest Rates Drop, Christmas Comes Early

By on October 22nd, 2024 in Compliance, Customer Experience, Industry Insights

The big inflation situation plaguing the U.S. for the past three years seems to be coming to an end, and it could be that American consumers are partially to thank. Tired of paying higher prices, consumers increasingly turned to cheaper alternatives, bargain hunted or simply avoided items they found too expensive, pressuring retailers to accommodate them or lose their business. That’s not to say Americans have stopped spending altogether—the economy continues to expand and people continue to struggle against inflated prices for necessities across the board, often still turning to credit cards to make ends meet.

With consumers setting the demand amidst elevated prices and inflation declining slowly, retailers have gotten an even earlier jump on holiday promotions this year in the hopes of boosting sales in a price-wary environment. Spreading holiday expenses out over a longer period of time may ease the financial burden slightly, but the cumulative dollars spent will still weigh heavily on consumer finances for Q4 and rolling into 2025. The National Retail Federation is forecasting that winter holiday spending is expected to grow between 2.5% and 3.5% over last year, with a total reaching between $979.5 billion and $989 billion.

We are starting to feel an economic shift, but what does this all mean and what’s the outlook for the end of the year? Read on for our take on what’s impacting consumer finances, how consumers are reacting and what else you should be considering as it relates to debt collection today.

What’s Impacting Consumers?

While not the straight line decline economists would like to see, the September results show that inflation is slowly and steadily easing back to the Federal Reserve’s 2% target. After several months of decreasing inflation and amid slowing job gains, the Fed in September announced the first in a series of interest rate cuts, slashing the federal funds rate by 1/2 percentage point to 4.75-5%. Federal Reserve Chair Jerome Powell indicated that more interest rate cuts are in the plans but they would come at a slower pace, likely in quarter-point increments, intended to support a still-healthy economy and a soft landing. 

The rate cut plans have been made possible by consistently declining inflation. The Consumer Price Index rose just 2.4% in September from last year, down from 2.5% in August, showing the smallest annual rise since February 2021. Core prices, which exclude the more volatile food and energy costs, remained elevated in September, due in part to rising costs for medical care, clothing, auto insurance and airline fares. But apartment rental prices grew more slowly last month, a sign that housing inflation is finally cooling and foreshadowing a long-awaited development that would provide relief to many consumers.

The September jobs report supported the economic optimism by adding a whopping 254,000 jobs, far exceeding economists’ expectations of 140,000. The unemployment rate lowered to 4.1%, below projections of remaining steady at 4.2%. The government has also reported that the economy expanded at a solid 3% annual rate Q2, with growth expected to continue at a similar pace in Q3. This combination of downward trending interest rates and unemployment plus an expanding economy is great news for consumers and businesses alike, and can’t come soon enough for many financially strained Americans.

Coming out of Q2, total household debt rose by $109 billion to reach $17.80 trillion, according to the latest Quarterly Report on Household Debt and Credit. This increase showed up across debt types: mortgage balances were up $77 billion to reach $12.52 trillion, auto loans increased by $10 billion to reach $1.63 trillion and credit card balances increased by $27 billion to reach $1.14 trillion. 

Unsurprisingly, delinquency and charge-off rates ticked up as consumers struggled against still relatively high prices and interest rates. In mid-September, shares of consumer-lending companies slid after executives raised warnings about lower-income borrowers who are struggling to make payments. Delinquency transition rates for credit cards, auto loans and mortgages all increased slightly, with a steeper increase in flow to serious delinquency for credit cards, up more than 2% over last year from 5.08% to 7.18%. This kind of delinquency can be especially difficult for consumers to recover from given the record-high credit card rates many are stuck with.

While still low by historical standards, the mortgage delinquency rate was up 3 basis points in Q2 from the first quarter of 2024 and up 60 basis points from one year ago. The delinquency rate for mortgage loans increased to a seasonally adjusted rate of 3.97% at the end of Q2, according to the Mortgage Bankers Association’s (MBA) National Delinquency Survey, an increase that corresponded with a rise in unemployment and showed up across all product types.

For those with student loans, September marked the end of the ‘on-ramp’ to resuming payments, which was the set period of time that allowed financially vulnerable borrowers who missed payments during the first 12 months not to be considered delinquent, reported to credit bureaus, placed in default, or referred to debt collection agencies. However, the grace period is over and anyone who doesn’t resume making student loan payments in October risks a hit to their credit score—we will see these delinquencies reported in Q4.

Financial Protection for Consumers Across the Board

The Consumer Financial Protection Bureau (CFPB) continued with a high level of activity through the summer. Along with taking action against more than a handful of financial services companies in the name of consumer protection, the agency made headway on myriad other issues.

To kick off Q3, the CFPB published Supervisory Highlights sharing key findings from recent examinations of auto and student loan servicing companies, debt collectors and other financial services providers that found loan servicing failures, illegal debt collection practices and issues with medical payment products. The report also highlighted consumer complaints about medical payment products and identified concerns with providers preventing access to deposit and prepaid account funds.

Then, the CFPB and five other agencies issued a final rule on automated valuation models. The agencies, including the OCC, FRB, FDIC, NCUA, and FHA designed the rule to help ensure credibility and integrity of models used in valuations for certain housing mortgages. The rule requires adoption of compliance management systems to ensure a high level of confidence in estimates, protect against data manipulation, avoid conflicts of interest, randomly test and review the processes and comply with nondiscrimination laws.

Next, the CFPB joined several other federal financial regulatory agencies to propose a rule to establish data standards to promote “interoperability” of financial regulatory data across the agencies. The proposal would establish data standards for identifiers of legal entities and other common identifiers.

Also in August, the CFPB responded to the U.S. Treasury’s request for information on the use of artificial intelligence in the financial services sector. The CFPB emphasized that regulators have a legal mandate to ensure that existing rules are enforced for all technologies, including new technologies like artificial intelligence (AI) and its subtypes. It’s clear that the CFPB has an interest in how those technologies are used and what the consumer impact may be.

In September, the bureau issued its annual report on debt collection, which highlighted aggressive and illegal practices in the collection of medical debt and rental debt. The report focused on improperly inflated rental debt amounts and on debt collectors’ attempts to collect medical bills already satisfied by financial assistance programs, also noting that many medical bills from low-income consumers do not get addressed by financial assistance in the first place.

Finally, the CFPB published guidance to help federal and state consumer protection enforcers stop banks from charging overdraft fees without having proof they obtained customers’ consent. Under the Electronic Fund Transfer Act, banks cannot charge overdraft fees on ATM and one-time debit card transactions unless consumers have affirmatively opted in.

Disjointed Consumer Sentiment Weighs Heavy

A September Consumer Survey of Expectations found that Americans anticipated higher inflation over the longer run as their expectations of credit turbulence rose to the highest level since April 2020, according to the Federal Reserve Bank of New York. While perceptions and expectations for credit access improved, the expected credit delinquency rates rose again and hit the highest level in more than four years. According to the survey, the average expected probability of missing a debt payment over the next three months rose for a fourth straight month to 14.2%, up from 13.6% in August, suggesting some Americans are concerned with their ability to manage their borrowing. 

Despite inflation easing, consumers perceive that the costs of everyday items are on the rise. According to the latest report from PYMNTS Intelligence, which tracks the percent of consumers living paycheck-to-paycheck, 70% of all consumers surveyed said their income has not kept up with inflation. This feeling is stronger for paycheck-to-paycheck consumers, with 77% of those struggling to pay bills on time reporting that their income hasn’t kept up with rising costs. Even for those not living paycheck to paycheck, 61% shared this concerning sentiment. As a result, consumers are buying cheaper or lesser quality alternatives, if they’re buying at all.

Prior to the September interest rate cuts, the Conference Board’s Consumer Confidence Index showed consumer confidence plunging to the most pessimistic economic outlook since 2021, based on a weaker job market and a high cost of living. Americans reported being anxious ahead of the upcoming election and assessments of current and future business conditions and labor market conditions turned negative.

However, following the Fed’s rate cut announcement, another report from the University of Michigan’s sentiment index showed a rise in late September, reaching a five-month high on more optimism about the economy. Consumer expectations for price increases dropped simultaneously with more expectations for declining borrowing costs in the coming year. Consumer sentiments on their finances directly impact their spending and payment behaviors, so understanding where they stand can inform a better debt collection approach. 

What Does This Mean for Debt Collection?

You’ve heard of Christmas in July, but Christmas in September? With the holiday shopping season starting earlier and in the midst of a high-stakes election, consumers will continue to prioritize expenses and spending based on their current financial outlook, which hasn’t yet caught up with the optimism showing up in the overall economy. The unknowns of what happens post-election along with the delayed impact of lower interest rates and inflation on spending leave the outcome for consumer finances uncertain. Delinquencies continue to persist and it may be some time before the benefits of a friendlier economy show up in consumers’ bank accounts. For companies looking to recover delinquent funds now, understanding how, when and in what way to engage consumers can increase recovery success. For lenders and collectors, here are some things to consider for 2025 planning:

Self-serve = more repayment. For both businesses and consumers, reducing the need to engage directly with human agents to make payments or access account information saves time and resources. Solutions like self-serve portals represent a shift towards greater consumer control over their financial health, providing an efficient way for individuals to address and manage their finances—and debts specifically—on their own terms.

Omnichannel or bust. If your business relies solely on one channel for customer communications, it’s time to evolve. Utilizing a combination of calling, emailing, text messaging and even self-serve online portals is the preferred experience for 9 out of 10 customers. And it’s not just beneficial for consumers–the omnichannel approach has been shown to increase payment arrangements by as much as 40%!

Keep an eye on compliance (or make sure your debt collector does). The regulatory landscape will continue to change, especially post-election. Your risk and success hinges on how well you can keep up with the changes, so having someone responsible for monitoring and tweaking your strategy is critical.

SOURCES:

The Low Friction Way For Consumers to Repay: Self-Serve Options for Debt Collection

By on October 7th, 2024 in Compliance, Customer Experience, Industry Insights, Machine Learning, Product and Technology, User Experience

After months of inflation woes, both economists and consumers are starting to see a glimpse of optimism.In the first interest rate cut since the early days of the Covid pandemic, the Federal Reserve announced in September 2024 that it is slicing half a percentage point off benchmark rates. So it’s not surprising that Americans are getting more confident that inflation is cooling off, but optimism for the U.S. economy doesn’t extend to personal finances—consumer expectations for going delinquent on their debt in the next three months hit their highest level since the start of the pandemic.

And the share of severely delinquent credit card debt rose to 10.7% during the first quarter of 2024, according to the Federal Reserve Bank of New York, compared to just 8.2% of credit card debt more than 90 days overdue in 2023.

But better customer engagement strategies can help businesses recover more debt—and self-serve portals are an empowering way to get consumers back on track.

What is a “self-serve portal” in financial services and collections?

In the financial services sector, a self-service or self-serve portal is a secure online platform or application designed to empower consumers to make payments and, ideally, allow them to manage their accounts and payment terms independently (although not all portals offer the same functionality). Self-serve portals aim to grant customers the ability to manage their finances without the help of a service representative.

For both businesses and consumers, reducing the need to engage directly with human agents to make payments or access account information saves time and resources. Overall, these self-service solutions represent a shift towards greater consumer control over their financial health, providing an efficient way for individuals to address and manage their finances—and debts specifically—on their own terms.

What are the benefits of offering self-service options in debt collection?

Similar to any other financial institution or ecommerce business, self-service portals in collections intend to foster a sense of autonomy for the delinquent consumer to manage their debt without the pressure or inconvenience of interacting with a call center agent. Besides creating a more preferred experience for the consumer, organizations needing to recoup funds will reap several benefits by providing self-serve options as well:

Cost Savings:
In today’s digital world, call centers or full-time employees (FTEs) dedicated to late-stage collections have proven to be an expensive and less effective path for debt recovery. Employees often spend a significant amount of time arranging repayment plans, providing account details, and processing payments—and that’s if the consumer actually answers the collector’s call. So when it comes to cost savings, just consider this: the average cost of a contact center call is $8.01, which is 80x more expensive than a self-service interaction.

Scalability:
Unlike human agents who can physically only make a certain number of calls per day and are legally only allowed to call consumers during convenient hours (as defined by Regulation F), self-serve portals are available to consumers 24/7. These platforms can handle any number of collection cases at any time of day without compromising user experience, making it easy to scale your capacity as delinquency volumes rise—no additional headcount required.

Compliance:
Non-compliance can be costly in the collection landscape heavily regulated by the Consumer Financial Protection Bureau (CFPB). Whether partnering with a third party or training FTEs, the risk of human error resulting in compliance violations is easily mitigated with digital self-serve solutions that have compliance controls built in—but this does require due diligence on the business or lenders’ part to ask and verify that the solution is keeping up with all necessary regulation and industry security standards.

Frictionless Consumer Experience:
Surveys have found that consumers both prefer and want more self-serve options to repay, but that is just the tip of the iceberg of what consumer preferences can mean for your recovery and resolution rates. Research from McKinsey found consumers who digitally self-serve (versus consumers who pay via a collection call):

  • Resolve their debts at higher rates 
  • Significantly more likely to pay in full 
  • Report higher levels of customer satisfaction

Proven Success with TrueAccord’s Self-Serve Portal

While many financial service institutions already offer basic payment portals, these are often limited when it comes to collecting on delinquent accounts. And traditional call centers typically cannot provide self-serve options, even if they can offer other digital options like email or SMS for consumer outreach.

But TrueAccord provides more than a simple payment portal—the power of our self-serve solutions gives your business and your consumers better control over the repayment process for better results.

TrueAccord delivers less friction and frustration for delinquent consumers ready to manage their debt, while your organization determines the extent of account details to display, what flexible payment options you’d like to provide, and more.

In fact, 98% of delinquent consumers serviced by TrueAccord resolve their debt without any human interaction, with 29% of online payments made outside of traditional FDCPA hours—saving time, resources, and headcount while meeting consumer preferences compliantly under Reg F’s inconvenient time rule and beyond.

Want to take a peek at TrueAccord’s Self-Serve Portal? Download our free eBook for more details and a visual walkthrough of the consumer experience when using our portal here»»

Ready to see a demo in action and learn more about all of TrueAccord’s omnichannel, machine-learning powered collections? Schedule a consultation today»»

Sources:

New Yorkers Should Receive the Same Digital Communications Benefits All Non-New Yorkers Receive: Part One

By on November 13th, 2023 in Compliance, Industry Insights

The New York City Department of Consumer and Worker Protection (NYC DCWP) just released an updated proposed amendment to its rules relating to debt collection. This updated amendment changes significantly more than the first proposed amendment released by NYC DCWP last year. Interestingly, this update contains revisions that are similar to the New York Department of Financial Services (NYDFS) proposed amendments to New York’s debt collection law, 23 NYCRR 1, that NYDFS released last year. After receiving a number of comments to the proposal, including a comment from TrueAccord, NYDFS paused the rulemaking and has not yet released any revised proposal. Both of these departments, NYDFS and NYC DCWP should change their proposed amendments to give New Yorkers the same digital communication benefits all non-New Yorkers receive.

The NYC DCWP and NYDFS proposed amendments are designed in part to align with the federal Consumer Financial Protection Bureaus’s Debt Collection Rule, Regulation F, that took effect in November 2021. Even though consumers often prefer to communicate digitally, the NYDFS and NYC DCWP updated proposals are more strict than Regulation F, particularly as it relates to the proposed restrictions on digital communications. While attempting to provide additional protections for consumers when debt collectors reach out using digital channels, these NYDFS and NYC DCWP restrictions create unintended consequences that raise barriers for NY consumers to correspond with collection agencies in their channel of preference and hinder communication efforts. The effect will raise the number of lawsuits brought against NYC consumers and ultimately increase the cost of credit for all consumers across the US to offset New York losses.

As a company that predominantly leverages digital communications for virtually all aspects of our customer interactions, TrueAccord has unique experience and information from serving over 20 million consumers, which showcases the benefits of digital communication in collections. Small edits to these proposed amendments can have the same desired impact (protecting consumers from a barrage of digital debt collection messages) without limiting the ability of debt collectors to proactively reach out—in fact, both the federal debt collection rule, Regulation F, and Washington, DC’s recent debt collection law amendments restrict the frequency of outbound digital communications and include specific requirements for opt-outs on all communications with severe penalties for failing to honor a consumer’s request.

In this two part blog series, we explore the provisions in these proposed amendments that focus on restrictions on digital communications, the unintended consequences to consumers when laws require opt-in instead of opt-out rules for debt collectors, and how the proposals could be changed to accomplish the same result without placing barriers on consumers ability to communicate in their channels of preference—read part two here. This first installment focuses on the provisions of the law, consumers preference for digital communications, and the small changes that could be implemented before these amendments are final. The second installment seeks to provide information about the benefits of digital communications for consumers in all other states and jurisdictions—except New York. If you are impacted by the current NYC proposal, consider speaking at the upcoming hearing (virtually or in person). Information on how to register is below.

Proposed New York State and New York City Amendments

Three proposed amendments, two different departments, two different jurisdictions, and potential unintended consequences that can harm consumers. Let’s start by evaluating the different proposals by jurisdiction.

New York’s Approach to Digital Communications
The New York debt collection law, 23 NYCRR 1, which took effect in 2019, already restricted the ability of a debt collector to reach out proactively to consumers via email without first having direct express consent from the consumer. This means that a debt collector must first call a consumer to obtain consent before the collector could send an email message about the account. While a debt collector can send proactive emails in an effort to obtain consent, to comply with the law these emails cannot reference the reason why a consumer would want to opt-in to communicate by email with the company, (i.e. about a past due account) and cannot even reference information about the account. So, they ultimately sound like spam.

For example, if a consumer received a message from a company they do not know, without any information about why the company is reaching out and asking for consent to email, why would a consumer opt-in?

The result, not surprisingly, is that New York consumers who had already opted in to communicate via email about the account with the creditor would, after falling behind on payments and being referred to a debt collector, only receive phone calls and letters from debt collectors.

New York’s First Proposed Amendment
December 2022 NYDFS released its first proposed amendment to its debt collection rules. Comments were due February 13, 2023. The first New York proposed amendment also never became final. The amendment included the following:

  • Revised definitions of communication, creditor and debt and a new definition of electronic communication
  • Revised requirements for the validation notice, including that the initial communication must be made in writing to avoid having to send another written communication within 5 days of the initial communication
  • Revised requirement that the validation notice cannot be made by electronic communication but may be made in the form requested by a consumer to section 601-b of the General Business Law
  • Revising the disclosure requirements for debts that have passed the statute of limitations for the purpose of filing a lawsuit
  • Revisions to the substantiation requirements, including a 7 year retention period and requirement to provide full chain of title
  • Revisions to the requirement for a debt collector to obtain consent from a consumer before emailing, including, extending the consent requirement to text messages, requiring the consent to be given in writing and retained for 7 years, requiring electronic communications to include clear and conspicuous opt-outs, requiring collectors to honor such opt-outs, and explaining opt-outs are effective upon receipt
  • New provisions covering the relationship with other laws, clarifying, for example, that local laws are not inconsistent with this law if they afford greater protections
  • New section on severability making clear that if any court rules one section of the law to be invalid, it does not invalidate the other sections of the law

The proposed changes to Section 1.6(b) seek to extend the prohibition on a debt collector to reach out proactively to consumers via email without first having direct express consent from the consumer to text messages. This limits the only digital channel currently available for proactive outbound debt collection communications with consumers in New York.

New York City’s Approach to Digital Communications
New York City’s debt collection laws did not contain any restrictions on digital communications. But, after the New York law restricting proactive emails took effect in 2019, New York City consumers who had already opted in to communicate via email about the account with the creditor would, after falling behind on payments and being referred to a debt collector, only receive phone calls and letters from debt collectors.

New York City’s First Proposed Amendment
November 2022 NYC DCWP released its first proposed amendment to its debt collection rules, comments were due December 5, 2022. These first NYC proposed amendments contained changes to align their laws with those of New York, however, the proposals never became final. The amendments included the following:

  • Revised the out of statute disclosure agencies must provide on communications with consumers whose accounts have passed the statute of limitations for the filing of a lawsuit to recover the debt
  • Revised requirements for debt collectors to maintain records of attempted communications, complaints, disputes, cease and desist requests, calls, including what calls are recorded and not recorded, credit reporting, unverified debt notices, and communication preferences (if known) as well as unsubscribes or opt-outs from particular channels
  • New definitions for attempted communication, electronic record, electronic communication, clear and conspicuous, language access services and limited content message
  • New prohibition on electronic communications unless the debt collector sent the initial communication with the validation notice by mail and the consumer opted in to electronic communications with the debt collector directly and clear and conspicuous opt-outs without penalty or charge on all electronic communications
  • Revised unconscionable and deceptive practices to include: adding attempted communications anywhere communications appeared, such as adding attempted communications to the excessive frequency prohibition
  • New prohibition on social media platform communications unless the debt collector obtains consent and communicates privately with the consumer
  • New rules on requirements prior to furnishing information to credit reporting agencies
  • Revised validation notice disclosures and obligations for translating, if notices are offered in different languages

New York City’s Revised Amendment
November 2023 NYC DCWP released an updated NYC proposed amendment. Comments can be submitted through November 29, 2023. A hearing will be held that same day at 11AM. The updated version contains all of the changes suggested in the first proposal as well as:

  • Additional revisions to what information is required to be maintained in debt collection logs that would require major changes to all collection software systems
  • Additional new definitions for covered medical entity, financial assistance policy, itemization reference date, original creditor and originating creditor
  • Clarifies that any communications required by the rules of civil procedure in a debt collection lawsuit do not count toward frequency restrictions
  • New disclosures for medical debts as well as specific treatment of medical accounts, such as validation procedures and verification of covered medical entity obligations prior to collections

These amendments align the New York City law to that of New York. If these amendments become final, New York will be an opt-in jurisdiction instead of an opt-out jurisdiction, meaning debt collectors must communicate by telephone or letter to obtain consent to text or email, even when a consumer already opted into digital communications about their account. This puts New Yorkers at a disadvantage from consumers in all other states who are able to communicate electronically under the provisions of the federal Fair Debt Collection Practices Act (FDCPA) and Regulation F.

Opt-Out Jurisdictions Offer Consumers the Same Protections

The rest of the United States have approached debt collection attempts via digital communications very differently from New York. For all consumers outside of New York, debt collectors may send proactive debt collection communications via email or text messages. The laws require all digital communications contain clear and conspicuous opt-out methods (unsubscribe flows in emails and “reply STOP to opt-out” in text messages) with strict penalties for debt collectors who do not honor a consumer’s request to opt-out of digital communication channels. Digital communications also fall under the frequency limitations of the FDCPA and Regulation F.

Only one other jurisdiction to date has created additional restrictions related to digital communications that exceed the protections in the FDCPA and Regulation F. Washington, DC amended their debt collection law Protecting Consumers from Unjust Debt Collection Practices Amendment Act of 2022, and the changes that took effect in January 2023. DC remains an opt-out jurisdiction with specific requirements for opt-outs on all email and text communications with severe penalties for failing to honor a consumer’s request, but also added a specific frequency limitation on digital communications. Debt collectors are only permitted to send a consumer one digital communication per week—one email or one text message (one time in a seven day period). A debt collector may only communicate digitally more than one time per week after a consumer opts-in to additional digital communications.

As a result in these opt-out jurisdictions, consumers can still receive the digital communications they prefer without having to have phone calls attempting to get them to opt-in to digital communications, like the consumers in New York. Additionally, with these opt-out jurisdictions consumers learn about their account faster, can explore options on their own time, and receive the additional benefits that come with early communication about their debts—such as setting up a payment plan, having a credit reporting tradeline updated or deleted, providing evidence of fraud or identity theft, and disputing all or portions of the balance. New York consumers who do not answer their phones are less likely to receive these benefits that come with knowing there is a debt in collection and the options to resolve.

Ultimately, New York still has time to amend their proposals to ensure their consumers receive the same treatment as all other consumers in the US.

Consumers Prefer Digital Communication

By and large, consumers prefer to communicate with their collection agencies digitally—they already predominantly communicate with their banks, creditors, and lenders digitally, so digital collection is a smooth transition. For example, almost all TrueAccord communications with consumers (93%) happen digitally with no agent interaction because the digital communications contain links to online pages where consumers can take action on their accounts. In fact, more than 21% of consumers resolve their accounts outside of typical business hours—before 8AM and after 9PM—when it is presumed inconvenient to contact consumers under the FDCPA. In fact, consumers often post publicly about their positive experience with digital collections:

We believe restricting digital methods to reach and serve consumers will disadvantage vulnerable populations of consumers who primarily conduct most of their affairs digitally. According to the Pew Research Center, “reliance on smartphones for online access is especially common among younger adults, lower-income Americans and those with a high school education or less.” As the consumer described above, TrueAccord’s approach of sending digital communications helps consumers easily navigate to our website and perform actions at their convenience online.

We will continue to explore the impact of these proposed amendments in the second blog post of this series, including how:

  • Limiting digital communication use hurts all consumers
  • Multiple opt-in requirements burden consumers
  • Non-digital communications can be disruptive to consumers
  • Email and text messages are a step forward in consumer protection

Register to Speak at the Upcoming Hearing

Sign up to speak for up to three minutes at the hearing by emailing Rulecomments@dcwp.nyc.gov. You do not have to be present at the hearing to speak if you join the video conference using this link, https://tinyurl.com/z3svub58, meeting ID: 255 089 803 499 and passcode: 8HGNSw.

Read Part Two of Our Series: New Yorkers Should Receive the Same Digital Communications Benefits All Non-New Yorkers Receive

Discover the unintended harms New Yorkers face if digital communications are restricted by proposed amendments to New York and New York City’s debt collection laws and the digital communication benefits consumers get in all other states here»»

Data Protection is Critical in Debt Collection: GLBA, Consumer Trust, and Best Practices to Protect Your Business

By on June 29th, 2023 in Compliance, Industry Insights

In today’s financial landscape, regulators at both the federal and state level are driving accountability for companies when it comes to data protection and security. We see that with the express requirement in the Gramm-Leach-Bliley Act, or GLBA, Safeguards Rule—which went into effect on June 9, 2023—that organizations have one qualified individual to oversee the information security program, and that the qualified individual provides regular reports to the highest governing body of an organization.
This underscores the importance of protecting customer information in a digital age where information has its own intrinsic value.

Let’s take a look at how the new updates to GLBA Safeguards Rule, how these security policies are important specifically for debt collection, and what best practices your business should follow to protect consumers’ data.

 The GLBA Data Protection Law

The Gramm-Leach-Bliley Act, or GLBA, is a federal regulation to control how financial institutions collect, store, and transmit consumer information. GLBA was enacted by the Federal Trade Commission (FTC) in 1999 and recently rolled out new amendments to the Standards for Safeguarding Customer Information, known as the “Safeguards Rule,” that went into effect on June 9, 2023, in effort to continue protecting consumer data in an ever-evolving digital environment. 

A few of the updates to GLBA’s Safeguards Rule include:

  • Provides covered financial institutions with more guidance on how to develop and implement specific aspects of an overall information security program
  • Improves the accountability of these security programs, such as requiring financial institutions to designate a qualified individual responsible for overseeing, implementing and enforcing the program

Data Protection is Critical in Debt Collection

To attract clients today a debt collector must demonstrate the implementation of a full suite of information security practices covering physical, technical, and administrative safeguards, including a comprehensive employee information security training. Failure to implement these best practices can result in a security incident or worse, a data breach. Not only are data breaches costly because of the notification provisions, including providing credit bureau monitoring, it can be difficult for a company to survive after a breach. It is not unusual for a company to file bankruptcy after a data breach.

Reputation and Customer Retention

Although complying with federal and state regulations helps companies avoid costly—even criminal—penalties, consumer trust that their financial data is being protected is critical to maintaining a positive reputation and retaining customers (even if they fall into delinquency).

Data protection policies can often be treated as a set-it-and-forget-it, or even treated as a luxury of lower priority due to limited resources, expertise, or familiarity. But for today’s consumers, data security is a top priority.

A recent study by MAGNA Media Trials and Ketch, showed across every age group74% of people rank data privacy as one of their top values—consistently rank data privacy as their top concern. And on the flip-side, the study showed nearly 9 out of 10 consumers report strong data privacy practices positively impact their relationship with a company.

Keeping Up With Compliance

Along with federal regulations, individual states are also issuing new laws focused on consumer data protection. California, Utah, Colorado, Connecticut and Virginia all passed data privacy laws over the past several years that take effect in 2023. This past March, Iowa passed a Data Privacy Law that takes effect on January 1, 2025 that is very similar to both Virginia and Colorado’s laws affording consumers a right to know and right to request deletion. Pennsylvania amended its Breach of Personal Information Notification Act, by among other things, expanding the definition of “personal information” to include medical and health information, and a username or e-mail address in combination login credentials. Several more states have draft privacy and security laws in draft.

Although GLBA and other data protection and privacy laws are the hot topic when it comes to compliance today, it isn’t the only federal privacy regulations lenders and debt collectors need to follow and monitor for changes—or face the consequences of non-compliance. Here are some recent laws and amendments impacting the industry:

  • The Fair Credit Reporting Act: Credit reporting companies and users of credit reports have specific obligations to protect the public’s data privacy, with potential criminal liability for certain misconduct.
  • The Dodd-Frank Wall Street Reform and Consumer Protection Act: Established a new Consumer Financial Protection Bureau with the authority to supervise and regulate entities that offer or provide consumer financial products or services.
  • Health Insurance Portability and Accountability Act (HIPAA): Two part rule for privacy and security of personal health information that applies to covered entities (doctors, hospitals, pharmacies, insurers, and their vendors). PHI – is defined broadly to include any information provided to the covered entity by the patient.

Consumer Data Protection is Not a Luxury

Having good security practices in place is not only beneficial for both consumers and businesses, but also critical to stay compliant with all the new laws and amendments being introduced. Here are some of the best privacy and security practices to implement to protect customers, companies, and stay compliant:

  • Practice data minimization.
  • Know where personal information lives at all times by creating a data map of where the data goes and is stored throughout your systems, which includes knowing your vendor’s data security and privacy practices and controls.
  • Know who has access to personal information and routinely examine if that access is necessary to complete that job function.
  • Be intentional with how data is organized and stored so it can be easily segmented and treated differently if need be (think network segmentation).
  • Have a public facing Privacy Notice–and make sure it accurately reflects your practices for use, collection, deletion and correction.
  • Conduct an annual data security risk assessment to continually reassess areas for improvement and where you may need additional controls.
  • Ensure contracts with parties whom you receive and/or give personal information to specifically address each parties’ obligations and restrictions for how personal information is used, shared, disclosed, stored, and sold (if permitted).

The TrueAccord Approach

At TrueAccord, empathy towards the consumer is a core part of our company mission: we enable businesses to collect more, faster, and from happier customers.

Ready to collect more, faster from happier customers? Learn how TrueAccord weaves compliance and data security into debt recovery by scheduling a consultation today»»

A Closer Look at the Gramm-Leach-Bliley Act (GLBA): Updates to the Safeguards Rule

By on June 6th, 2023 in Compliance, Industry Insights

Protecting personal and financial information is critical in today’s digital age. Where data has its own intrinsic value and where data breaches and cyberattacks are a risk for every business, the Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA) provides financial institutions, including those in the accounts receivable management industry, with guidance on how to safeguard customer information.

The existing Safeguards Rule provided financial institutions with much flexibility and discretion when determining what kinds of safeguards were best for their organizations and risks. With the amendments which go into effect on June 9, 2023 financial institutions now have a more prescriptive recipe for what those safeguards need to be.

What is the Gramm-Leach-Bliley Act (GLBA)?

The Gramm-Leach-Bliley Act, or GLBA, is a federal regulation to control how financial institutions collect, store, and transmit consumer information. Although GLBA was enacted by the Federal Trade Commission (FTC) in 1999, changes have been anticipated for the last few years.

In October 2021, the FTC announced new amendments coming to the Standards for Safeguarding Customer Information, known as the “Safeguards Rule,” and an issuance of a final rule, referred to simply as the “Final Rule.” Originally set to go into effect in 2022, financial institutions—a designation that has also been updated—now need to prepare for the changes or risk non-compliance and its consequences before they go into effect on June 9, 2023.

What is the Safeguards Rule?

The Safeguards Rule took effect January 10, 2021, and its requirements were first set to go into effect beginning December 9, 2022, but the FTC announced it would extend the deadline for financial institutions to develop, implement, and maintain a comprehensive information security program by June 9, 2023.

There are five overarching modifications to the existing Safeguards Rule:

  • Provides covered financial institutions with more guidance on how to develop and implement specific aspects of an overall information security program
  • Improves the accountability of these security programs, such as requiring financial institutions to designate a qualified individual responsible for overseeing, implementing and enforcing the program
  • Exempts financial institutions that collect information on fewer than 5,000 consumers from the requirements of a written risk assessment, incident response plan, and annual reporting to the board of directors
  • Expands the definition of “financial institution” within the scope of the Safeguards Rule – see the expanded definition in the next section below
  • Includes several other definitions and related examples in the amended Safeguards Rule itself in an effort to make it more self-contained and to enable readers to understand its requirements without referencing the FTC’s Privacy of Consumer Financial Information Rule

Along with these updates to the Safeguards Rule, let’s examine a few other specifications of the updates.

What are other updates to the Safeguards Rule?

The expanded scope of financial institutions that are subject to the Safeguards Rule is significant. Under the new Final Rule, “financial institutions” now include entities engaged in activities that the Federal Reserve Board determines to be incidental to financial activities, such as:

It is important to note that the Final Rule does not apply to national banks, savings and loan institutions, and federal credit unions, as these institutions are not subject to the FTC’s jurisdiction.

The Final Rule requires these covered financial institutions to comply with specific new requirements, such as:

  • Encrypt all customer information held or transmitted in transit over external networks and at rest
  • Multi-factor authentication for any individual accessing any information system, unless the use of reasonably equivalent or more secure access controls has been approved in writing by a qualified individual at the financial institution
  • Conduct periodic written risk assessments, and the results of such risk assessments should drive the information security program
  • Create procedures for evaluating, assessing or testing the security of externally developed applications used to transmit, access or store customer information
  • Set procedures for secure disposal of customer information no later than two years after the last date the information is used
  • Implement policies, procedures, and controls designed to monitor and log the activity of authorized users and detect unauthorized access or use of, or tampering with, customer information by such users
  • Provide personnel with security awareness training, and provide information security personnel with training to address relevant security risks; and that key information security personnel take steps to maintain knowledge of changing information security threats and countermeasures
  • Written incident response plan designed to promptly respond and recover from any security event affecting the confidentiality, integrity, or availability of customer information
  • Qualified individual to regularly, and at least annually, report in writing to an organization’s governing body (e.g., board of directors) regarding the status and material matters of the information security program
  • Regularly test or otherwise monitor the effectiveness of the safeguards’ key controls, and conduct required penetration testing annually and vulnerability assessments at least every six months and whenever there are material operational or business changes

Given the expanded definition of “financial institutions,” some of these organizations may be unfamiliar with the extent of these requirements, and even those familiar with GLBA previously must be ready to comply or face the consequences.

What are the penalties for non-compliance with GLBA?

Whether it’s GLBA, Regulation F, or any of the numerous state laws, companies can face serious penalties for compliance failures—monetary, reputational, and even criminal. When it comes to GLBA, non-compliance penalties include:

Section 5 of GLBA grants the FTC the authority to audit policies to ensure they are developed and applied fairly—all the more reason to follow the Safeguards Rule’s provisions of self-audits and testing. 

Learn More About Compliance and Collections

Now that you have the breakdown of the Gramm-Leach-Bliley Act updates to the Safeguards Rule, are you familiar with the other laws and regulations governing debt collection? Check out our Collections & Compliance resources to see what other regulatory guidelines may impact your business or schedule a consultation to get started»»

Call-and-Collect vs Digital-First Engagement for Debt Recovery

By on June 1st, 2023 in Compliance, Customer Experience, Industry Insights, Product and Technology, User Experience

Outbound calling has been the main mode of collections for decades, but the cost of a call center or in-house full-time employees (FTEs) making calls is no longer justifiable when most consumers simply don’t answer the phone, on top of the mounting compliance restrictions limiting opportunities to call in the first place.

But outbound dialing isn’t completely obsolete—digital-first omnichannel strategies can turn traditional call-and-collect operations around by integrating new digital channels into the communication mix.

Let’s compare traditional outbound calling methods versus a digital-first approach in three key areas impacting your business’s ability to collect more, faster:

  • COST
  • COMPLIANCE
  • CONSUMER PREFERENCES

Get even more statistics and data in our latest eBook — Why Evolve from Outbound Calling to Omnichannel Engagement? Cost, Compliance, & Consumer Preferencesavailable for download now»»

COST: Call-and-Collect

The cost to collect has been on the rise for traditional methods for years, whether you outsource to a call center or have FTEs dialing the phones.

One reason for this rise is based on the fact that many lenders still practice old strategies to prioritize contacting customers based on their risk profiles, balance, and average days delinquent—completely missing portions of their portfolios. Factoring in propensity to pay is important to successful engagement, but it means that agents’ time is focused on only a small portion of accounts, leaving potential repayments on the table.

Add in the overhead costs, inflation, and hiring challenges of using agents as first attempts at engagement and watch the expenses continue to climb past what you’re able to collect through outbound calling.

COST: Digital-First Omnichannel

Right off the bat, digital-first shows the cost of collections can fall by at least 15%.

Since digital is infinitely scalable, this communication tactic can touch every single account, regardless of scoring models—unlike human dialers who can only physically call a certain number of accounts on any given day. Going digital-first cuts down on the time billed for making repeated outbound calls that are never answered or returned, and it allows agents to interact with customers that want to speak directly to a person.

Overall, digital-first has shown to boost customer engagement by 5x, the first step towards repayment.

COMPLIANCE: Call-and-Collect

It’s no secret that it’s increasingly complicated to reach customers with all the legal communication restrictions.

While all debt collection communication is subject to compliance rules, outbound calling has specific laws and regulations that can carry costly penalties for non-compliance—and it’s only becoming more complex with new state-specific rules rolling out right and left. But no matter where your business is doing business, if you’re making collection calls you must follow these federal guidelines:

  • Inconvenient Time Rule: prohibits calling before 8am or after 9pm
  • Regulation F’s 7 and 7 Rule: Cannot call more than seven times within a seven-day period
  • Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act) tagging legitimate businesses as spam
  • FCC Orders further restrict dialing to landlines and include opt-out requirements for prerecorded voice messages

But there is a more streamlined way to ensure your collection communications are following all the rules: enter code-based compliance.

COMPLIANCE: Digital-First Omnichannel

Code-based compliance works by programing rules that ensure all communications fall within all federal and state laws and regulations, such as:

  • Frequency and harassment restrictions
  • Consent requirements*
  • Disclosure requirements

This digitally designed approach to compliance greatly reduces the opportunities for human error that are bound to occur in more manual processes. Additionally, the digital-first approach allows companies to continue to collect during times that calling would violate certain regulations, like the Inconvenient Time Rule. In fact, 25% of payments come in after 9pm or before 8am (the determined inconvenient times), since these hours can actually be more convenient for consumers to catch-up on digital communications they received throughout the workday.

*Generally, there is no requirement in the federal law to send debt collection communications by email, though some states are more restrictive. This is not legal advice, please consult an attorney for guidance on your unique circumstance.

CONSUMER PREFERENCE: Call-and-Collect

46% of consumers want to be reached through their preferred channels—so what are today’s consumers’ preferences?

Here’s a hint: phone calls aren’t at the top of the list.

And today’s Right Party Contact rates show it, ranging between just 0.5% – 4.0%. And out of those that do answer the phone, 49.5% of consumers take no action after a collection call. The old call-and-collect tactic may actually do more harm than good if compliance rules are ignored: out of the communication tactic complaints received by the CFPB in 2020, over half complained of frequent or repeated calls.

CONSUMER PREFERENCE: Digital-First Omnichannel

So if phone calls aren’t consumers’ preferred method of communication, then what is? For 59.5% of consumers, email is their first preference when it comes to debt collection communications. This is especially important considering that first contacting a customer through their preferred channel can lead to a more than 10% increase in payments.

This digital preference isn’t surprising since nearly nine in ten Americans are now using some form of digital payments—why would they expect collections to be any different? 14% of bill-payers prioritize payments to billers that offer lower-friction payment experiences, and digital is often preferred because of it. Digital communications are easily controlled by consumers and are tightly managed by service providers with built in mechanisms to prevent harassment (like with code-based compliance), which we know has historically been a challenge for call-and-collect practitioners.

Digital-First is the Future of Collections

And it’s here today, working for TrueAccord clients and customers.

At TrueAccord, we find that more than 96% of customers resolve debts without any human interaction when digital options are offered—reducing costs associated with outbound calling, lowering risks with code-based compliance built in, and delivering an experience that consumers prefer.

Get even more statistics and data in our latest eBook — Why Evolve from Outbound Calling to Omnichannel Engagement? Cost, Compliance, & Consumer Preferencesavailable for download now»»

Ready to go digital-first with your debt recovery operations? Schedule a consultation to get started today!

Coast to Coast: the State of Privacy and Compliance in 2023

By on April 20th, 2023 in Compliance, Industry Insights, Webinars
Coast to Coast: The State of Privacy and Compliance in 2023

Disclaimer: The information provided in this blog post does not, and is not intended to, constitute legal advice. 

Protecting consumer privacy is not an unfamiliar concept in our industry and it’s something that should already be woven into our policies, procedures, and practices. With the rapid increase of state privacy laws across the United States, any company that collects, uses, transmits, or receives consumer data has to stay up-to-date on all related compliance issues.

In a previous webinar, Coast to Coast—the State of Privacy and Compliance in 2023, TrueAccord’s legal experts discussed the newest federal privacy laws and all the related compliance issues. Watch the full webinar on-demand now!

The passage of the FTC’s Safeguards Rule, amending the Gramm Leach Bliley Act (GLBA), has been a big topic in data security conversations across the financial services industry as businesses prepare to be in compliance on or before the extended effective date of June 9, 2023. Meanwhile, several states have actively been considering and passing new legislation requiring additional policies, controls, and practices not only in the data security space but also for data privacy and data breaches. It is important for Chief Information Security Officers, Privacy Officers, and Chief Compliance Officers to stay on top of this legislation, as well as Chief Executive Officers since we have seen many federal and state actions naming the CEO in their individual capacity for failing to properly secure and protect data or to properly delegate these responsibilities to the appropriate persons within their organizations. 

**Please note this article is not legal advice. This is not an exhaustive list of all laws. You should consult a lawyer if you have questions about federal and state data security, privacy or breach laws.

Data Breach Laws

All 50 states have data breach notification laws on the books. In 2022, 19 states considered enhancing their data breach laws.

Those states that passed revised data breach laws, tightened up notification timelines, added additional definitions of what constitutes personal information, and expanded the notification requirements to include additional state agencies. For example, Arizona’s law HB 2146, amending Arizona Revised Statutes section 18-552, not only requires that notification be made to consumers but also to the Director of Arizona’s Department of Homeland Security. If the breach impacts more than one thousand people, then the law requires the notification also be given to the three largest nationwide credit reporting agencies, the attorney general, and now the Director of Arizona’s Department of Homeland Security. 

While most states are shortening the time frame in which a consumer must be notified of a data breach to 45 days or less, some of these laws include exceptions or a short list of situations in which a delay in notification is permissible. For example, Indiana’s revised law, H.B. 1351, amending Indiana Code 24-4.9-3-3, limits a permissible delay in notification three circumstances: (1) when the integrity of the computer system must be restored, (2) when the scope of the breach must be discovered, or (3) when the attorney general or a law enforcement agency asked to delay disclosure because disclosure will impede a criminal or civil investigation, or jeopardize national security.

Both Maryland (H.B. 962, amending Maryland Personal Information Protection Act and section 14-3501 of the Annotated Code of Maryland)and Pennsylvania (S.B. 696, amending the Pennsylvania Breach of Personal Information Notification Act) expanded the definition of “personal information” to include medical and health information, including a definition of “genetic information” in Maryland’s law.

Since the webinar, Utah Governor Spencer Cox signed into law Senate Bill 127 on March 23, 2023, which amends the state’s data breach notification statutes. The amendments go into effect May 2, 2023.*

Along with updates to states’ laws, Federal regulators are also providing additional guidance too. For example, the Office of the Comptroller of the Currency (OCC) recently released more information regarding when banks need to know from their vendors about data breach including ransomware notifications.

Data Privacy Laws

In addition to creating and updating laws to help consumers in the event of a data breach, states have also been enacting laws dedicated to protecting consumer privacy. There are six states with comprehensive data privacy laws: California, Connecticut, Colorado, Iowa*, Virginia, and Utah. These laws give consumers various rights over their personal information, such as the right to know what information companies collect and use, a right to correct their information, a right to opt-out of the sale of such information, and a right to request deletion. 

In 2022, Congress introduced a federal privacy law, HR 8152, the American Data Privacy and Protection Act; however, it did not make it to the finish line despite having bipartisan support. It contained some preemption of state privacy and data protection laws, which would have been a relief to many companies navigating the existing patchwork of state laws.  As of January 2023, many states have introduced privacy-related bills and this is likely to continue throughout the years to come. 

California took the privacy law lead in passing the California’s Consumer Privacy Act of 2018 (CCPA) that went into effect in January of 2020 to protect the use and sharing of personal data. California recently expanded the CCPA with the California Privacy Rights Enforcement Act (CPRA) that took effect on January 1, 2023. The law created the new California Privacy Protection Agency and gave it the power, authority, and jurisdiction to implement and enforce CRPA. Additionally, businesses must regularly submit their risk assessment on the processing of personal information to this new agency. 

The four other states that followed suit have substantially similar laws with broad definitions of personal information. These laws typically apply to persons that conduct business in the state and processing a set minimum of consumer data records (typically 25,000 or more) or businesses who earn at least 50% of their revenue from the sale of consumer data. 

These laws give consumers various rights, such as the right to access their personal data, correct inaccurate personal data, delete personal data, in certain circumstances, obtain a copy of the personal data they previously provided to a controller, opt-out of the processing of their personal data if related to targeted advertising, sale of personal data or certain profiling activities, appeal a controller’s refusal to take action on a request, and submit a complaint to the attorney general if an appeal is denied. Interestingly, Colorado’s law makes clear that a consumer’s consent is not valid if obtained through the use of a “dark pattern.” 

These laws do not give consumers a private right of action but are enforced by the state’s attorney general with civil monetary fines calculated per violation. These laws also contain exemptions for data already protected by other laws, such as HIPAA, FCRA, and GLBA.

Virginia’s law took effect January 1, 2023. Both the Connecticut and Colorado Data Privacy Acts will go into effect July 1, 2023. The Utah Consumer Privacy Act takes effect December 31, 2023. The Iowa privacy bill (SF 262) was signed into law by Gov. Kim Reynolds on Tuesday, March 28, 2023. The legislation is set to take effect Jan. 1, 2025.*

Best Practices for the Future of Data Security & Privacy 

Having good security practices in place is not only beneficial for both consumers and businesses, but is absolutely critical to stay compliant with all the new laws and amendments being introduced. 

So what are some of the best privacy and security practices to implement to protect customers, companies, and stay compliant? 

  • Practice data minimization.
  • Know where personal information lives at all times by creating a data map of where the data goes and is stored throughout your systems, which includes knowing your vendor’s data security and privacy practices and controls. 
  • Know who has access to personal information and routinely examine if that access is necessary to complete that job function.
  • Be intentional with how data is organized and stored so it can be easily segmented and treated differently if need be (think network segmentation). 
  • Have a public facing Privacy Notice–and make sure it accurately reflects your practices for use, collection, deletion and correction.
  • Conduct an annual data security and privacy risk assessment to continually reassess areas for improvement and where you may need additional controls.
  • Ensure contracts with parties whom you receive and/or give personal information to specifically address each parties’ obligations and restrictions for how personal information is used, shared, disclosed, stored, and sold (if permitted).

Compliance with data privacy and data security requirements will continue to progress as new laws and regulations are passed. Best practices will continue to evolve as well, as we continue to learn more about the expectations from Federal and state legislators and regulators, and as companies navigate evolving threats and vulnerabilities. Watch the full Webinar: Coast to Coast— the State of Privacy and Compliance in 2023 here »»

Learn more in our Compliance & Collections Resource Center or schedule a consultation today

Footnotes: 

*The Iowa privacy bill (SF 262) was signed into law by Gov. Kim Reynolds on March 28, 2023 after TrueAccord’s Coast to Coast webinar. 

*The data breach law for Utah was passed on March 23, 2023 after TrueAccord’s Coast to Coast webinar