OFFICIAL PUBLICATION OF THE MONTANA AUTOMOBILE DEALERS ASSOCIATION

Pub. 2 2022 Issue 2

FTC Safeguards Rule Compliance: More of a Trick and Hardly a Treat

As we get closer to wrapping up 2022, it should come as no surprise by now that the Federal Trade Commission (FTC) remains active in directing its attention toward dealerships across the country. Aside from the Motor Vehicles Trade Regulation Rule that is taking up most dealer attorneys’ attention as of late (as well as the National Automobile Dealers Association), another looming, and arguably just as important, regulation will come knocking at your showroom door come December 9th called the Gramm-Leach-Bliley Act’s revised Safeguards Rule. They won’t be looking for candy.

Oh yes, the Safeguards Rule. Dressed up as a set of consumer protection regulations (and for all intents and purposes, they are), the Safeguards Rule represents another arrow in the FTC’s quiver as it goes hunting for violating dealers. Having provided Safeguards Rule compliance services to over 6,000 dealerships of all sizes for over a year now, I can tell you now that the FTC should drop the bow and pick up a rifle because the concept of data protection in the automotive retail space likens dealerships to fish in a barrel more than deer in the great outdoors.

Your IT or MSP Company is Not Enough – ComplyAuto Works with Them
A quick read of the regulations suggests that the Safeguards Rule is a set of data protection and cybersecurity requirements that all dealerships must follow by December 9 this year. It is tempting to think that your IT company or Managed Service Provider (MSP) can provide you with all of the tools necessary for compliance, but contrary to popular belief, they are just one piece to the equation.

The Safeguards Rule consists of both technical and non-technical requirements. Some of the non-technical requirements that IT companies and MSPs may not be equipped to help you with are:

  • Creating an Information Security Program (and designating a “Qualified Individual”)
  • Creating required policies in the Incident Response Plan, IT Change Management Plan, and Data Retention Plan
  • Training all employees in security awareness that complies with applicable state and federal rules
  • Create written physical/administrative and technical risk assessments
  • Overseeing and monitoring Service Providers in fulfilling their obligations
  • Annual reporting to the Board of Directors (or equivalent)

ComplyAuto can help you in all of these areas and more. Some dealers are happy with their existing providers, and ComplyAuto will work closely with them to help get your dealership in full compliance with federal regulations.

ComplyAuto is a Turnkey Solution for Safeguards Rule Compliance
From the written policies for the organization to the multi-factor authentication on all of the dealership’s devices, ComplyAuto also has the tools to resolve the technical requirements of the Safeguards Rule. By also doing it all ourselves in-house, ComplyAuto is now able to provide a more harmonious integration for the dealership so that it can view all of its services for Safeguards Rule compliance from a single dashboard. No multiple log-ins. No subcontractors giving you the runaround. The buck starts – and stops – with ComplyAuto.

The Montana Automobile Dealers Association has partnered with ComplyAuto to offer our suite of tools to MTADA dealer members at a significant discount of 50% off their monthly subscription for single rooftops and 30% off for auto groups of two to nine rooftops. In addition, MTADA dealer members will have access to the following training at no additional cost:

  1. Adverse Action Notices
  2. Cash Reporting & Anti-Money Laundering (Form 8300)
  3. Credit Score Disclosure (Risk Based Pricing)
  4.  Identity Theft Prevention (Red Flags)
  5. OFAC Sanctions Compliance
  6. Unfair and Deceptive Acts and Practices (UDAAP)

MTADA dealer members interested in learning more about their data privacy and GLBA Safeguards Rule compliance tools can contact us at info@complyauto.com or (661) 214-9760. Visit us at https://complyauto.com.