Press Enter to Search
Compliant Texting for Collections: 7 Things You Need to Know About Consent

Compliant Texting for Collections: 7 Things You Need to Know About Consent

By Rozanne Andersen | Feb 20, 2020 | ARM

This is the second post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.

 

For third-party debt collectors, texting can be a scary proposition. Overlapping requirements and restrictions, and the confusion surrounding them—not to mention the potential backlash from consumers—are enough for many ARM leaders to throw up their hands and say, “No thanks.”

Some agencies, however, have braved this new frontier and succeeded. This begs a simple question: are industry fears of texting overblown?

Previously, we outlined three reasons why adopting text messaging is essential for ARM businesses. Not only does digital communication improve collection results via personalized engagement and convenient self-service tools, but it’s also proving to be the only way to curtail the sharply rising costs associated with live agent calls, paper letters, and first-class postage.

At the heart of many ARM agencies’ compliance fears is uncertainty about how to obtain and manage consent. What constitutes proper consent, and what are the pitfalls to avoid? Here are seven things you need to know, and should discuss with legal counsel, before moving ahead with a text messaging program.

 

 

1. A Text Message Is the Functional and Legal Equivalent of a Phone Call

Text messages trigger the same legal and regulatory requirements as phone calls placed to mobile devices using an automated telephone dialing system (ATDS), prerecorded message, or artificial voice. The Telephone Consumer Protection Act (TCPA) applies to text messaging, as do the Fair Debt Collection Practices Act (FDCPA) and the requirements put forth by CTIA (formerly the Cellular Telephone Industry Association).

But not all text messages trigger state calling times and frequency restrictions.

In the case of self-service text message programs, consumers can request information about their accounts and make payments 24/7. These sorts of self-service actions are initiated by the consumer with the expectation and understanding on the part of the consumer an automated response will be provided to their self-service text request.

For example, if a consumer requests the balance on their accounts at 3:00 a.m., the consumer will immediately receive a text from the agency indicating the total balance due on all active accounts. The automated response sent by the agency’s text messaging service informing the consumer of the balance due should not be deemed a communication that must satisfy state calling times and frequency restrictions.

On the other hand, if the agency initiates a text to the consumer, any such text would trigger state calling times and frequency restrictions. For example, if the agency notifies the consumer their last payment failed, such a text would not be deemed a self-service request. It would be deemed an agency- initiated text similar to an agency initiated outbound call.

The Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act complicates matters for collectors, as it fails to address ARM industry concerns about the TCPA and punts the ball for rulemaking to the FCC.

As we await the FCC’s proposed rules, which should be published in the coming months, the U.S. Supreme Court will revisit TCPA’s federal debt collection carve-out. This decision could have big implications for TCPA compliance when it comes to collecting debts owed to the Federal government and any other type of exemption from the TCPA based on the content of the message.

 

2. Inviting and Convincing Consumers to Text Can Be Challenging

Unless an ARM agency has received consent to text from the creditor (sometimes referred to as pass-through consent), the debt collector will want to create opportunities for the consumer to subscribe to its text messaging program. These opportunities could include the live-agent talk off, the inbound IVR script, a manual text invitation using a Zortman-type voicemail message, verbiage within the text of the collection notice, and the agency’s consumer portal.

If an agency has obtained pass-through consent to text from the creditor, the agency may initiate a text message inviting the consumer to subscribe to its text message service. The caveat to relying on pass-through consent is that this does not solve the reassigned number conundrum (see below).

Apart from compliance concerns, ARM agencies must somehow convince consumers to subscribe to their text messaging service. To the average consumer, the benefits of texting with a debt collector might not be immediately clear. I recommend starting off with a self-service text messaging program that allows consumers to choose the type and frequency of messages received and manage their accounts with ease.

 

3.  The Reassigned Number Conundrum Is Real, but the Risk Is Manageable

When a consumer relinquishes their mobile number to a carrier, the carrier will reassign the number to another consumer. The law remains unsettled as to whether a text or ATDS call placed to the new consumer using a mobile number for which the calling party once had consent is a violation of the TCPA after the number is reassigned.

At least one court recognizes the conundrum, holding that the calling party is not liable for the call placed in error. In Sandoe v. Boston Sci. Corp. (Civil Action No. 18-11826-NMG, 2020 U.S. Dist. LEXIS 2800 [D. Mass. Jan. 8, 2020]), the Court granted summary judgment in favor of the defendant, ruling a calling party may reasonably rely on consent associated with a mobile number

“This Court declines to contravene the FCC’s regulation by interpreting the TCPA as requiring callers to do what the competing expert reports in this case demonstrate is either impossible, or at least highly unreliable.”

To avoid any issue over the validity of pass-through consent, debt collectors should conduct a scrub to ensure the consumer who originally granted the consent is still associated with the mobile number.

 

4. Text Consent Need Not Be Specific to Meet the Requirements of the TCPA

Under the TCPA, you do not need consumers’ specific permission to text as long as you properly obtain consent (whether verbally or in writing) to meet the minimum requirements of the TCPA. From a legal standpoint, consent to autodial, leave a prerecorded message, or use an artificial voice in an outbound communication to a mobile phone includes consent to text.

Nevertheless, most creditors and third-party collection agencies err on the side of caution by seeking express, specific consent to text—not just to avoid legal complications, but to be sensitive to consumers’ wishes. This is a smart move, especially now that service quality has become a leading differentiator in the ARM market.

 

5. CTIA—the Mobile Industry Standard for Short Code Text Messaging—Requires More Than the TCPA

CTIA (formerly the Cellular Telephone Industry Association) is the self-regulatory body governing the use of short code text messages. The CTIA’s consent-to-text requirements are more stringent than the TCPA’s.

Unlike the TCPA, which recognizes a consumer’s verbal permission to text, the CTIA requires consumers to affirmatively subscribe to or join a text message program. Consumers can do so by replying to a text message inviting them to participate or by initiating a text message to a short code using a keyword such as YES, ENROLL, or SUBSCRIBE.

Although the CTIA’s guidelines for text messaging consumers do not establish a private right of action,  operating outside of them could lead major carriers to block your text messages.

 

6. Prior Express Consent Gives Third-Party Collectors the Green Light to Text First

If you have received pass-through consent to text from the creditor, or the consumer provides their consent to text verbally, you are permitted to send a text message to that consumer’s mobile number inviting the consumer to agree to terms and conditions and opt into your text messaging program by way of a text message response.

 

7. Invitations to Text Should Be Transparent—with No Strings Attached

CTIA comes down hard on what it considers unfair practices—not just the failure to properly obtain consent, but also unreasonable claims and demands.

For example, carriers prohibit the use of the word “free” in describing a standard messaging rate texting campaign. Any messages a consumer receives from a business may trigger text and data charges for which the consumer must pay.

CTIA also prohibits a business from requiring a consumer’s consent as a condition of an opportunity—e.g., a settlement or type of payment. If you’re going to offer consumers the option to text, you must offer it as a service without demanding anything in return.

Clarity and transparency are key to a compliant, successful text messaging program. Make sure your invitation to text is worded in a simple, straightforward way, with no inflammatory language (intentional or not). This will help ensure consumers understand exactly what they’re consenting to—and help you avoid service failures, legal problems, and lost opportunities to collect.

 

Learn More About Compliant Texting for Collections

To successfully make the leap to digital communications, you’ll need to focus your efforts in three areas: 1) applicable laws, regulations, and industry standards; 2) consumer expectations for service; and 3) day-to-day compliance management.

I’ve outlined what you need to get started in our complementary eBook “Ready to Text 2.0: The Collection Professional’s Guide to Compliant Communication in 2020.” In it, you’ll learn why texting is important, what recent legal decisions mean for collectors, and how to mitigate your legal risks and serve consumers well.

If you missed my recent webinar “Game-Changing TCPA Cases & the TRACED Act: The Bottom Line for Collectors,” I encourage you to download the recording today so you can better understand how these laws intersect and the steps you should take to protect your business.

 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2020 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Ready to Text in 2020?

Text messaging for collections is complicated. It’s also mission critical. Our brief ARM industry texting guide, newly updated for 2020, has the insights and advice you need to get your digital communications program up and running.

Don’t get left behind. Download your copy today!

Get the eBook

Are You Ready to Text?

Take charge of compliance and start texting with confidence. This free eBook (newly updated for 2020) explains how.

GET THE EBOOK
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

RMAI Recap: Top 4 ARM Industry Topics and Key Takeaways

RMAI Recap: Top 4 ARM Industry Topics and Key Takeaways

By Rozanne Andersen | Feb 18, 2020 | ARM

If the Receivables Management Association International’s (RMAI) 2020 annual conference was any gauge of the accounts receivable management (ARM) industry’s future, I would say business is in for another good run. More than 1,300 debt buyers, first- and third-party collectors, government officials, and service providers descended on Las Vegas for what I believe was the best education conference I’ve attended in years.

Session attendance was so strong, presentations were often made to standing room–only crowds, and the Exhibit Hall was no exception.

Over the course of the four-day event, certain themes dominated the conversation: digital consumer communications; diversity, inclusion, and ADA compliance; the CFPB’s new rules for debt collection; and new legal theories plaintiffs’ attorneys are formulating in the name of consumer protection.

Let’s dive into each of these RMAI themes one by one.

 

Digital Communications

One-way and two-way text messaging, along with email communications and the use of secure URL links, are coming of age for debt collectors. Yet E-Sign consent remains a challenging topic both conceptually and technically for the industry as a whole.

To properly obtain a consumer’s consent to substitute the digital delivery of a legally required disclosure or legally required written document (such as a validation notice or post-dated payment reminder), a collector must require the consumer to demonstrate their ability to send and receive the information at the mobile number or the email address they choose for this purpose. E-Sign consent is not valid until the demonstration is complete.

 

Diversity, Inclusion, and ADA Compliance

Three years ago, these topics would not have been included in a session agenda for an ARM industry conference. Today, they’re among the industry’s hottest topics.

First- and third-party collectors employ over 130,000 people of diverse backgrounds. Understanding how to manage individuals who vary by age, socioeconomic status, race, gender, and religious beliefs has become critically important to organizational success. By including people from diverse groups in the decision-making process—from the front line all the way to the C suite—companies can positively impact their employee retention rates, brand reputation, and profitability.

ARM businesses should be equally focused on meeting the needs of diverse consumers—including those with disabilities. The Americans with Disabilities Act (ADA) has traditionally applied to brick-and-mortar businesses, but the 9th Circuit made the ADA come alive for the ARM industry in the matter of Domino’s Pizza LLC v. Robles.

Domino’s argued that companies were not required under the law to make their websites and mobile apps fully accessible so long as they offered customers with disabilities other options for accessing the goods and services, such as a telephone hotline.

The 9th Circuit disagreed. The Court held the ADA applies to a company’s website and mobile app as well as any brick-and-mortar presence it may have. In the Court’s opinion, the ADA “applies to the services of a place of public accommodation, not services in a place of public accommodation” (emphasis added).

 

CFPB’s New Rules for Debt Collection

The RMAI conference buzzed with the unofficial announcement that the Consumer Financial Protection Bureau (CFPB) will be publishing its final rules for debt collection in Q2 or Q3 of 2020. The new rules will take effect one year after the date of publication in the Federal Register.

If the CFPB is true to its “word,” albeit unofficial, this means agencies will have months, not years, to adapt—i.e., update their policies and procedures, reengineer their software applications, modify creditor-client contracts, embrace technology to communicate digitally, and incorporate artificial intelligence in their contact management workflow.

Attendees also learned the CFPB plans to publish a new rule for out-of-statute debt. In its notice of proposed rulemaking for debt collection, the CFPB reserved the right to study issues pertaining to the collection of out-of-statute debt. After many months of research, the CFPB has identified disclosure requirements for the collection of out-of-statute debt. The new rule for out-of-statute debt collection, once final, will be included in the comprehensive final rules for debt collection.

 

New Legal Theories and Claims

One of the required courses for RMAI certification is the ever-popular Hot Topics session presented by a panel of RMAI-certified attorneys. This year’s Hot Topics included an explanation of a new claims attacking the validity of a judgment on the grounds:

  • The judgment was obtained by an unlicensed debt buyer;
  • An incorrect interest rate was applied to the judgment total; or
  • The underlying debt was not valid, and the original service of process was insufficient.

Other hot topics included a discussion of the difference between convenience fees charged by agencies and convenience fees charged by third-party processors as well as issues relating to credit reporting and trade line deletion practices.

 

Final Thoughts

Throughout the conference, Solutions by Text did a fantastic job updating the attendees with information about the networking events and providing them with access to PowerPoint decks and materials for the sessions.

For additional information about the RMAI conference or any of the topics mentioned above, visit https://rmaintl.org/.

 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2020 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Ready to Text in 2020?

Text messaging for collections is complicated. It’s also mission critical. Our brief ARM industry texting guide, newly updated for 2020, has the insights and advice you need to get your digital communications program up and running.

Don’t get left behind.

Download your copy today!

Get the eBook
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.
 

Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today.
 
Maybe you haven’t made the leap because you’re uncomfortable with the idea of going digital. You aren’t sure how to avoid the pitfalls (of which there are many). You’re hoping that at some point, texting will become less of a compliance risk.
 
Let’s face it. If you’re waiting for just the right moment to start texting, you never will—to the ongoing detriment of your business.
 
Communication technologies continue to advance at lightning speed and change the way businesses and consumers interact. Relying solely on letters and phone calls to reach consumers is no way to operate, much less get ahead in the marketplace. In fact, playing it safe may be the greatest threat to your business long term.
 
Still wavering on the idea of texting consumers? Here’s why you need to act, and act soon.
 
 
 

3 Reasons Why Text Messaging Is Essential for Collections and ARM Industry Success

To achieve breakout success in 2020, you need an omnichannel communications strategy that includes text messaging. The benefits of going digital, and the downsides of ignoring these channels, are too great to ignore.
 
 

1. The World Has Gone Mobile

In 2017, according to CTIA (formerly the Cellular Telecommunications and Internet Association), Americans used 16.7 trillion megabytes of data. That’s 40 times the volume of traffic in 2010. In just one year (2017–2018), mobile data usage in the U.S. increased by 82%.
 
CTIA’s 2018 report reflects not only a growing shift to 5G and surge in data-only devices including connected cars and wearables, but also the widespread use of text messaging as a preferred method of communication. In 2018, 2 trillion text messages were exchanged—the equivalent of 63,000 per second. Of those 2 trillion text messages, 95% were opened within a few minutes of receipt.
 
There’s no pretending these trends aren’t relevant to the ARM industry. Texting is, far and away, the best way to reach consumers and engage them effectively.
 
 

2. Texting Offers Unparalleled Advantages

Not only is text messaging more cost effective than other types of communication, but it can help improve efficiency by offering consumers a convenient way to manage their accounts and make payments without having to interact with a person. This frees collection teams to pursue higher priority accounts as needed, helping boost revenue recovery across the board.
 
 

“You’re in trouble with a credit card. You’re behind, and the company keeps chasing you with letters and calls, which you stopped trying to deal with weeks back. It’s 89 days in of the 90-day window before things go to a deeper level of seriousness.

 

And then you get a text, which you answer. And before long, you have come to an arrangement with the finance company you were too stressed out/ashamed/embarrassed to call back.”

 

Contactcenterworld.com

 
 
Quality of engagement matters, too. By offering consumers a channel they want and getting their permission to communicate via text, you can provide a positive experience that exceeds their expectations and leave them more inclined to work with you on outstanding debts.
 
Almost immediately, you’ll be operating at less cost and improving your collection results through better customer service. As a result, you’ll become “stickier” to your existing clients and a force to be reckoned with in your industry. 
 
 

3. Texting Technology Can Simplify Compliance Management

Texting for debt collections is complicated. Your program will be subject to CTIA requirements, the Fair Debt Collection Practices Act (FDCPA), the Telephone Consumer Protection Act (TCPA), and other applicable laws. You’ll need to draft your terms and conditions, consider opt-in/opt-out requirements, and manage consent with the utmost precision.
 
Believe it or not, this is all very manageable—even day to day, on an ongoing basis.
 
Your first step is to determine how your program will satisfy your business needs and strategies as well as all legal and industry requirements that apply. Sounds daunting, but a good legal partner and an automated, compliance-minded text messaging platform—technology that’s readily available today—are all you need to minimize your risks, reduce your operating burdens, and position your business for accelerated growth.
 
 

If You Plan to Text, You Won’t Want to Miss These RMAI Sessions

If you’ll be traveling to Las Vegas next week for RMAI, I hope you’ll join Ontario Systems Chief Compliance Officer Rozanne Andersen for these two sessions. She and her fellow panelists will tackle digital communications in more detail and share some important insights and practical tips you can use to get started with texting. (You can find brief session descriptions and panelist bios on the RMAI 2020 Agenda page.)
 
 
  • The New World Order—Communicating with Consumers via Email and Text—What You Need to Know (with Mike Cantrell, Solutions By Text): Wednesday, February 5, 3:00–3:50 p.m., Juniper 2
  • Current Issues in Receivables Management (with Tomio Narita, Simmonds & Narita LLP, and Jackson Walker, Resurgent Capital Services): Thursday, February 6, 9:00–10:50 a.m., Juniper 2
 
 
In the meantime, be sure to read our newly revised and updated eBook, Ready to Text 2.0: The Collection Professional’s Guide to Compliant Communication in 2020. You’ll learn the basics of text messaging, how to navigate compliance issues, and what recent landmark decisions could mean for you.
 

 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2020 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Ready to Text in 2020?

Text messaging for collections is complicated. It’s also mission critical. Our brief ARM industry texting guide, newly updated for 2020, has the insights and advice you need to get your digital communications program up and running.

 

Don’t get left behind. Download your copy today!

Get the eBook
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

What the TRACED Act Means for Third-Party Collectors—and 5 Tips for Protecting Your Business

What the TRACED Act Means for Third-Party Collectors—and 5 Tips for Protecting Your Business

By Rozanne Andersen | Jan 28, 2020 | ARM

During the waning hours of the first session of the 116th Congress, robocall practices were attacked with lightning speed in the form of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act. Sponsored by South Dakota Republican Senator John Thune and New Jersey Democratic Congressman Frank Pallone, this bipartisan bill was signed into law by President Trump on December 30, 2019.
 
Arguably hidden behind its stated purpose, which was to modify sections of the Telephone Consumer Protection Act at 47 U.S.C. § 227 (TCPA), the TRACED Act is essentially a codified directive to the Federal Communications Commission (FCC) to enact rulemaking on a number of issues relating to robocalls. This was a very formal way for Congress to push the sticky business of reforming the TCPA to the chief regulator of the communications industry, the FCC.
 
For all practical purposes, the TRACED Act is a win for both consumers and the telecommunications industry. But it represents a devastating loss for third-party debt collectors.
 
 

ARM Industry Concerns Left Unaddressed

Since 2005, the accounts receivable management (ARM) industry has fervently lobbied Representatives and Senators on both sides of the aisle for amendments to the TCPA. During this time, the industry also advocated before the FCC for modifications to the agency’s 2003 TCPA regulations.
 
The ARM industry’s proposed changes sought clarification of the following issues: 
 
  • Consent requirements to use an auto dialer, prerecorded message, or artificial voice when contacting a consumer using their cellular number;
  • Revocation of consent requirements to use an auto dialer, prerecorded message, or artificial voice when contacting a consumer using their cellular number;
  • The definition of an automatic telephone dialing system (ATDS) and its alter ego, a manual contact system; and
  • Transferability of consent when a carrier reassigns a mobile number from one person to another. 
 
Unfortunately, not one of the amendments offered by the ARM industry was included in last year’s landmark legislation.
 
Notwithstanding this defeat, third-party debt collectors as well as organizations or businesses that call consumers need to understand the TRACED Act and how it may impact them. This is not because their calls should be placed in the same category as robocalls launched by bad actors, but because in its zeal to stomp out robocalls from the bad actors, Congress included legitimate calls in its regulatory web.
 
 

Summary of the TRACED Act’s Key Provisions

As outlined by Contact Center Compliance DNC.com, the main provisions of the TRACED Act are as follows:
 
  • Stopping Robocalls — The TRACED Act directs the FCC to take final action on its June 2019 Declaratory Ruling on Advanced Methods to Target and Eliminate Unlawful Robocalls.
  • SHAKEN/STIR — Service providers are required to implement SHAKEN/STIR, or Signature-based Handling of Asserted Information Using toKENs (SHAKEN) and the Secure Telephone Identity Revisited (STIR). These are authentication protocols for digitally validating a phone call as it passes through the complex web of telecom networks, allowing phone providers to verify that the call is actually coming from the party that appears to be placing the call.
  • Monetary Penalties — The FCC is authorized to assess penalties of up to $10,000 per call for violation with intent.
  • Statute of Limitations — The statute of limitations for a general violation is one year, while the statute of limitations for violation with intent is four years.
  • Protections from Spoofed Calls — The TRACED Act instructs the FCC to enact a rulemaking to “help protect a subscriber from receiving unwanted calls or text messages from a caller using an unauthenticated number.”
  • Report on Reassigned Number Database — Within a year of the date of enactment, the FCC must give a report to Congress on its progress in implementing its proposed official database of reassigned phone numbers.
  • Protection from One-Ring Scams — The FCC is required to “initiate a proceeding to protect called parties from one-ring scams.”
 
Each of these provisions requires careful analysis. The SHAKEN/STIR requirements alone present challenging call authentication protocols that will be fleshed out by the FCC over the next months and years and enacted in the form of new rules.
 
It would behoove members of the ARM industry to study any proposed rules published by the FCC and to file comments. For in the end, any violation of the TRACED Act could trigger a penalty as high as $10,000 per violation. Whether SHAKEN or STIRred, that’s one costly martini.
 
 

5 Things You Must Do to Mitigate Your Risks

We at Ontario Systems have closely monitored the robocall movement for several years. We’ve participated in work groups on behalf of various industries, advocated before the FCC, and monitored the TRACED Act legislation as it moved through both chambers of Congress. We’ve also conferred with our clients about their concerns with the TRACED Act.
 
Based on what we know, here’s what we recommend. If you communicate with consumers—whether you’re a third-party debt collector, credit issuer, healthcare provider, or Federal, State, or local government—you should seek the advice of independent legal counsel to determine exactly how the TRACED Act may impact your communications with consumers.
 
You should also consider the following next steps and ongoing practices: 
 
  1. Enhance consent and revocation of consent documentation per consumer and per number.
  2. Establish a process to pull reports on caller ID display on all outbound calls.
  3. Ensure outbound calls are made using numbers associated with the proper company.
  4. Monitor and analyze fraud and scam scores assigned by carriers to your outbound calls.
  5. Ensure all outbound calls comply with state, Federal, and client call restrictions.
 
For additional information about the TRACED Act and other contact/compliance management issues, visit Ontariosystems.com or reach out to me at Rozanne.andersen@ontariosystems.com.
 
 
 
 
 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2020 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Ready to Text in 2020?

Text messaging for collections is complicated. It’s also mission critical. Our brief ARM industry texting guide, newly updated for 2020, has the insights and advice you need to get your digital communications program up and running.

 

Don’t get left behind. Download your copy today!

Get the eBook
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

ARM Insights for 2020: Top 5 New Year’s Resolutions for Greater Collections Success

ARM Insights for 2020: Top 5 New Year’s Resolutions for Greater Collections Success

By Rozanne Andersen | Jan 9, 2020 | ARM

At the close of each year, I’m routinely asked to share new year’s predictions for the accounts receivable management (ARM) industry. Several publication editors have already asked me for my thoughts on what lies ahead in 2020.

 

This year, however, I’m steering clear of the predictions game.

 

With a Presidential election in sight, more than an average amount of chaos in Washington, and a stock market that seems impervious to political winds, I’m inclined to reflect upon what we do know rather than try to predict the unknowable.

 

One thing we know for sure: 2019 was a landmark year for the ARM industry.

 

  • The Consumer Financial Protection Bureau (CFPB) finally published its long-awaited proposed new rules for ARM debt collection.
  • With California as a cornerstone, privacy legislation swept the country.
  • Robo call practices were attacked with lightning speed by both houses of Congress (TRACED Act).
  • The credit and collection industry finally embraced digital communication technologies.
Big changes are underway, and the ARM industry is growing more complex by the day. Yet despite increasing regulatory limits and uncertainty, ARM decision makers have unprecedented opportunities to operate and compete more effectively.

 

The extent of your gains in 2020 and beyond will be determined by how well your business balances compliance, customer service, and operational efficiency. As you reflect on past wins and losses, consider these 2020 resolutions as the means to a more successful year.

 

Resolution #1: Read These Three Publications (and the Fourth if You Credit Report)

I highly recommend you set aside time to read these publications. They won’t change your life, but they may change how you approach your business.

 

  • The State of Third-Party Collections 2019: Challenges, Trends and Innovations (TransUnion) – This TransUnion Report (Copyright 2019, Transunion LLC) is the best in its class, and something that’s all too rare: an accurate, well-designed study about the third-party collections industry. Topics include relevant industry trends, collection operations and related outcomes, tools and technology, and consumer communications.  >>> Download the State of Collections 2019

 

  • CFPB Supervisory Highlights, Issue No. 18 (Winter 2019) and Supervisory Highlights, Issue No. 19 (Summer 2019) – In these reports, the CFPB shares its findings in the areas of UDAAPs, debt collection, credit reporting, and other markets subject to its supervision completed between December 2018 and March 2019 (Winter 2019) and between June 2018 and November 19 (Summer 2019). Understanding how the credit and collection industry’s chief regulator is interpreting and enforcing the law and directing remediations is a great way for you to learn what to stop doing and what you should start doing to improve your operations.  >>> Download Winter 2019 Supervisory Highlights   >>> Download Summer 2019 Supervisory Highlights

 

  • CFPB Supervisory Highlights, Consumer Reporting Special Edition (Aug 2, 2019) – Topics include the Fair Credit Reporting Act, supervision, credit reports and scores, identity theft and fraud, debt collection, banking, and financial service providers. In this special edition of CFPB Highlights, the CFPB focuses on the numerous root issues plaguing consumers and data furnishers alike.  >>> Download Supervisory Highlights Consumer Reporting Special Edition

 

Resolution #2: Reduce Your Head Count

According to the Transunion Report, the number of people employed by firms in the third-party collections industry is steadily declining. In 2007, these firms employed over 141,000 people; by 2016, that number had dropped to around 120,000.

 

While this contraction is partly the result of mergers, acquisitions, and firms exiting the market, it’s primarily driven by increasing adoption of automation and other efficiencies within existing firms. Inbound and outbound communication strategies, coupled with the use of self-service options for consumers, are already helping ARM businesses streamline operations, transition to a 24/7 service model, and increase profitability per full time equivalent.

 

The role of automation, and the extent of its use, will only grow in 2020. Firms that aren’t running lean risk getting left behind. This is one resolution you can’t afford to let slide.

 

Resolution #3: Move Up the Food Chain, and Walk Away from Out-of-Statute Debt

If you’re not collecting pre-charge-off debt, you’re behind the industry curve. More than two out of five collectors (42%) report that their company collects on pre-charged-off debt, and that number will likely continue to rise. Not only will this service increase the stickiness between your creditor clients and your firm, but if done properly, it will also allow you to sidestep the requirements of the Fair Debt Collection Practices Act.

 

if you’re collecting out of-statute debt, you’re playing with fire. It’s time to walk away for good. The CFPB plans to issue new rules for the collection of out-of-statute debt sometime in Q1 of 2020, and litigation over the verbiage required in collection notices as a condition of collecting out-of-statute debt remains strong.

 

Resolution #4: Watch the Expense Column, and Invest in Your Future

Sometimes, watching your expenses does not mean spending less. Rather, for third-party debt collectors, watching expenses means making sure you are spending money today on line items that prepare you for tomorrow.

 

If you Google the phrase “consumer delinquency rates,” you will see that consumer delinquency rates have remained at or slightly above pre-2008 Great Recession rates. Yet consumer debt is growing to worrisome levels. If history is any indicator, the credit bubble will burst yet again. You’ll want to be prepared.
“Ben Mohr, senior research analyst of fixed income at investment consultant Marquette Associates, calculated that total U.S. consumer debt hit $14 trillion in the first quarter of 2019, surpassing the roughly $13 trillion of leverage accumulated in credit cards, auto loans and mortgages and other debt back in 2008, when those souring loans and securities pegged to them helped to send global markets into a tailspin.” – Mark DeCambre, MarketWatch
There’s a clear message here for third-party debt collectors: prepare for a pending boon in the collection industry market, and start building the technology and compliance infrastructure needed to handle the increase in assignments.

 

The Transunion report reveals the following breakdown in tools and technology agencies are investing in today:

 

  • Manual skip tracing (80%)
  • Collection management software (77%)
  • Online payment portal (72%)
  • Toll-free number (63%)
  • Call recording (63%)
  • Letter vendor (57%)
  • Batch skip tracing (52%)
  • Consumer data (45%)
  • Compliance software (35%)
  • Predictive dialer (31%)
  • Interactive voice response (IVR) (21%)
  • Speech analytics (17%)
  • Other (7%)

 

ARM, collections, collection agencies

 

Resolution #5: Accept, Understand, and Embrace Real Time Payments (RTPs)

Waiting for an electronic funds transfer to clear or an ACH batch to upload and process overnight is, plainly and simply, old school. Fortunately, these scenarios may soon be relegated to the past.

 

For a number of years now, I’ve had the privilege of sharing breaking compliance stories within the collection industry. Today, I’m happy to be the first to announce this breaking story: the Federal Reserve and the National Automated Clearing House Association are well on their way to rolling out Real Time Payments (RTPs) in the U.S.

 

Real-time payment systems offer an instant, 24/7, interbank electronic funds transfer service that can be initiated through a variety of channels: smart phones, tablets, digital wallets, and the web.

 

Here’s how RTPs work. A low-value real-time payment request is initiated, enabling an interbank account-to-account payment fund transfer and secure transaction posting with immediate notification features. Posting funds are made immediately available—and by immediate, I mean within 30 minutes.

 

The introduction of RTPs in U.S. credit and collection markets will be a game changer. Make sure you’re prepared by learning all you can now and making the switch when the time comes.

 

Make 2020 a Year of Ambitious Goals and Even Greater Results

Exciting times lie ahead for the ARM debt collection industry. Even with rampant litigation raging through the consumer attorney bar, opportunities for thoughtful, resilient, nimble players (first- and third-party collection agencies, debt purchasers, and collection firms) abound.

 

At the heart of every success story in this industry is an eye toward a more efficient, profitable future and recognition of what it takes to get there: a dynamic technology infrastructure built on top of a robust compliance management system. With these strengths, you can operate efficiently, serve customers well, minimize daily compliance concerns, and become indispensable to your clients.

 

We’ve developed a roadmap of sorts to help ARM decision makers eliminate barriers to business success and accelerate their revenue and market gains. Read The ARM Ecosystem: Advancing Beyond Integration,” our free eBook, and you’ll learn how simple the process can be.

 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2020 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Are You Ready to Text?

Take charge of compliance and start texting with confidence. This free eBook explains how.

GET THE EBOOK
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

Why Ransomware Is Serious Business (and How to Minimize the Threat)

Why Ransomware Is Serious Business (and How to Minimize the Threat)

By Rick Clark | Dec 17, 2019 | ARM, GOV, RCM

Everywhere you look these days, it’s in the headlines: another healthcare network, business, or government entity has suffered a debilitating ransomware attack. What used to be a curiosity is now a raging epidemic that shows no signs of slowing—and no sector is immune. By 2021, ransomware damages could cost the world $20 billion (57 times more than in 2015).
 
Even worse, cybercriminals are shifting their strategy. Not only are they demanding larger sums of money—from a few thousand dollars to upwards of $50,000 in just the past few years—but they’re increasingly targeting small and midsize businesses, which may be less sophisticated on the IT front and more willing to pay.
 
I recently sat down with Steve Lodin, senior director of cybersecurity operations/corporate security at Sallie Mae, to discuss this growing threat. We also offered advice for organizations looking to harden their defenses and prepare to respond in the event of an attack.
 
Here are a few highlights from our webinar, “Be Smart, Take Charge: What You Need to Know About Cybersecurity and Ransomware Prevention, Detection, and Response” (you can access the free webinar here).
 
 

How Does Ransomware Work?

Ransomware is malicious code that’s designed to encrypt files on an infected system or storage device to prevent the owner of the data from accessing it. Cybercriminals demand a ransom in return for a decryption key.
 
Ransomware can infiltrate in various ways. Among the most common are phishing emails containing embedded links and innocent-looking email attachments. Email attachments don’t have to contain ransomware code; once opened or downloaded, they can simply run additional code that instructs the host system to download ransomware code from a website.
 
Think about what this means. Among tens, hundreds, or thousands of employees, it takes just one person, one email, one visit to a malicious website. Once that ransomware code finds a vulnerability in the host environment, it can take over in short order.
 
Now, here’s the really bad news: paying these criminals doesn’t always bring data back. In fact, according to a 2017 study, only 26% of businesses that paid a ransom in 2017 received a decryption key. (Of those organizations that paid, 73% were attacked again.)
 
 

How Can You Protect Your Business and Limit the Fallout?

Every organization needs a three-pronged approach to effectively address the ransomware threat: prevention, detection, and response. You’ll want to begin with proactive measures that lessen your odds of a successful attack and limit your vulnerabilities when ransomware strikes.
 
 
SYSTEMS
  • Limit access to your systems, including local admin access (the principle of least privileges).
  • Ensure your system is patched, along with third-party apps like Adobe and Flash.
  • Secure the system with antivirus, anti-malware, and email security services that block known threats; implement tools that scan incoming emails or flag employee activity on known malicious websites.
  • Invest in good data backups.
  • Evaluate and monitor connections with third-party vendors. Allow access only as required for them to provide services, and only on network segments they need.
 
PEOPLE
  • Instruct employees to report suspected phishing emails.
  • Communicate with employees about current ransomware threats.
  • Test employees periodically with sample phishing emails and unfamiliar attachments to maintain awareness.
 
PLANNING
  • Create an incident response plan, ideally involving IT, legal counsel, internal and client communications, and forensic analysis; test and refine it regularly based on newly identified weaknesses and threats.
  • Invest in cybersecurity insurance, with a full understanding of what’s covered in the event of an attack.
  • Make sure vendor contracts include language requiring vendors to notify you within a short period of time of any attack on their systems. Know how to shut down connectivity quickly in case of attack.
  • Enhance your tech stack. An incident response manager tool will allow you to see how/where you’ve been compromised, act fast, and minimize the impact of a ransomware attack; a file integrity management solution can tell you whether any changes made were authorized by your existing change management system.
  • Make sure you have access to enough Bitcoin in case paying ransom is your only option; you might want to establish a Bitcoin account expressly for this purpose.
 
EMERGENCY RESPONSE
  • Check with law enforcement to determine your odds of recovering data. Depending on the type of ransomware deployed, you might be able to get a decryption key from the FBI’s database.
  • Perform a system analysis to determine what communications went outbound and what specific actions were taken on the system. These details will help you determine what gaps in your security stack need fixing.
 

Want to Learn More About Ransomware Preparedness?

If this post left you with more questions than you had before, you’ll want to tune into our recent webinar, “Be Smart, Take Charge: What You Need to Know About Cybersecurity and Ransomware Prevention, Detection, and Response.” You’ll learn more details about the ransomware threat and come away with more resources and specific tips you can use to better secure your systems and develop a thorough, effective response plan.
 
Don’t wait till ransomware strikes to understand what you’re up against and fortify your business. Access the free recording here, and start taking steps to minimize the threat.
 
 
 
 
 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2019 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Info and Insights You Won't Want to Miss

Here on the OS Blog, we aim to give you just the right mix of high-level views, tactics, and tools you can use to optimize your collection operations and results. Subscribe today for a steady stream of practical, empowering content delivered to your inbox weekly.

Subscribe to the Blog
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

For Leading Collection Agency, Ontario Reports™ Offers Simpler, More Sophisticated Reporting

Nov 25, 2019 | ARM, GOV, RCM

Asset Recovery Group (ARG), a premier collection agency with 5.8 million account records and a growing client base, was struggling to fulfill extensive reporting requirements and glean timely business intelligence from its FACS® database. ARG’s overburdened team needed a better way to build and share reports, but most available solutions were too complex and costly.

Recently, ARG discovered Ontario Reports™, an intuitive reporting tool that integrates seamlessly with its FACS system (and all Ontario Systems’ core receivables platforms). An easy five-minute installation led to huge gains in efficiency, reporting capabilities, and report quality.

Read More

How to Use Email and Text for Collections Without Getting Burned (Part 2)

How to Use Email and Text for Collections Without Getting Burned (Part 2)

By Rozanne Andersen | Oct 17, 2019 | ARM, RCM

 
If you read part 1 of this two-part blog series or listened to part 1 of our AccountsRecovery.net webinar “Email Is Hot, Texting Is Hotter: Don’t Be the First to Get Burned,” you might have found some of our comments surprising. Perhaps you left with more questions than you’d had going in. Or you wonder how in the world communicating compliantly via email and text—consistently, day in and day out—is even possible.
 
I understand completely. There’s no shortage of legal requirements and practical issues to wade through, and there’s a lot riding on your communication practices.
 
That’s why I’m here today with part 2. It’s based on my continuing discussion with David Kaminski, chair of the Consumer Financial Services Law Practice at Carlson & Messer LLP in Los Angeles. (Part 2 of the AccountsRecovery.net webinar is available here.)
 
Let’s dive straight into some of the webinar highlights.
 
 

Work Email Addresses and Mobile Numbers: Are They Safe to Use?

If a consumer provides you with a work email address or mobile number, you should tread carefully. These channels may not be fully under the consumer’s control. If the consumer ends his or her employment, he or she could miss important communications. If a current or previous employer monitors or accesses email or text messages, you run the risk of third-party disclosure.
 
Here’s what David and I recommend:
 
  • Always ask consumers for personal contact information. Your best bet, legally speaking, is to minimize the number of work accounts your organization uses for collection-related communications.
  • Get consumers to agree to notify you if their employment status changes. If your terms and conditions are detailed enough, and the consumer assumes responsibility for keeping you informed, you’ll have done your part to ensure the integrity of the collections process. This will afford a good measure of protection in the event of a legal claim.
 
“So if that consumer had given you consent . . . but now you’ve added in the additional wrinkle of the fact that the person has left the office. She’s no longer there, but they’re monitoring her email. They open the email, and therefore the company gets the . . . analytic results saying, ‘I sent my 1692g notice.’ [ . . . ] Did she receive the notice, or did she not?” – David Kaminski
 
 

Text Messages: Navigating Carrier Demands, Consumer Expectations, and the Law

The Cellular Telephone and Internet Association (CTIA) is a self-regulatory body that represents mobile service providers and other industry organizations. The CTIA has its own messaging principles and best practices, but they’re not legally binding. You can’t be sued for violating them.
 
Still, it’s important to comply with CTIA guidelines so you know your texting practices align with carrier and consumer expectations.
 
  • Use simple, straightforward language. Consumers must fully understand anything they’re signing up to receive. Opt-in mechanisms must be clear, and when consumers unsubscribe, they must receive an acknowledgement of the action.
  • Be careful with abbreviations. Acronyms can’t spell out inflammatory words (I’d call this one a no-brainer).
  • Terms and conditions are essential. By getting a consumer to agree to terms and conditions upfront, you can effectively nullify gaps and inconsistencies between CTIA and Fair Debt Collection Practices Act (FDCPA) requirements.
 

E-Sign: How It Applies, and How to Comply

A consumer’s E-Sign consent gives debt collectors permission to substitute electronic delivery for snail mail delivery of legally required written documents. You don’t need E-Sign consent to email or text a consumer everyday collection-related communications such as paid-in-full statements, responses to balance inquiries, payment receipts, etc.
 
However, you DO need to obtain a consumer’s E-Sign consent before you may deliver legally required written documents and disclosures to the consumer electronically. Examples of legally required written documents and disclosures include post-dated payment reminders, validation notices not provided in initial consumer communications, and copies of Reg E recurring electronic funds transfer authorizations.
 
FACT: Obtaining E-Sign consent is a two-step process.
First, you must inform the consumer of his or her rights. There are several ways to inform consumers of their E-Sign rights:
 
  • During a recorded conversation with the consumer;
  • In an email;
  • In a text message;
  • In a writing;
  • On a website. 
 
Second, you must ask the consumer to demonstrate his or her ability to access the email address or use the mobile number he or she provided you for E-Sign purposes to receive legally required notices and disclosures.
 
The consumer can demonstrate his or her ability by: 1) sending you a text message or keyword using the mobile number they provided you for E-Sign; or 2) replying to an email or text message you sent to the email address or mobile number they provided you in connection with their E-Sign consent.
 
E-Sign consent takes effect only after the consumer has consented to using a particular channel (email or text) AND has demonstrated he or she can use that particular email address or mobile number.
 
FACT: An initial communication that includes the 1692g validation notice DOES NOT trigger the E-Sign requirement.
This is because there is no writing requirement in play for the initial communication. Section 1692g of the Fair Debt Collection Practices Act (FDCPA) makes clear you only need to “send” the consumer the validation notice [in writing] if you DID NOT provide it in the first communication (e.g., in the body of an email or verbally in a phone call) or if the consumer has already paid the debt.
 
Since E-Sign consent is required only for notices and disclosures that must be provided to the consumer in writing as a matter of law, it does not apply to the validation notice provided in the first communication.
 
FACT: A communication subsequent to the initial communication with the consumer DOES trigger the E-Sign requirement.
This is because the FDCPA imposes a writing requirement on a validation notice if it’s provided in a communication subsequent to the initial communication.
 
For example, if your first communication with the consumer was a text or phone call and you did not include the 1692g validation notice in that communication, you must send the consumer the validation notice within five days of that communication. In this context, the word “send” means by first class or certified mail with return receipt requested.
 
If you would prefer to email or text the written validation notice to the consumer, you may substitute the U.S. Postal Service mail delivery method with a digital delivery method if you first obtain the consumer’s E-Sign consent to do so.
 
Just remember: if you have an initial communication with the consumer that did not include the validation notice, you would be legally required to obtain E-Sign consent within the five-day window and electronically deliver the validation notice or link to the validation notice within the same five-day window.
 
If you fail to obtain the E-Sign consent, the validation notice is not opened, or the link to the validation notice in the email is not clicked within the five days of that initial communication, you must send the validation notice to the consumer using first class U.S Postal Service mail delivery.
 
TIP: To obtain proper E-Sign consent, provide detailed information and terms and ask for a response.
To obtain E-Sign consent properly, you’ll need to specify, among other things, the scope of consent (e.g., all active accounts now and in the future), the option to withdraw at any time, hardware and software requirements, whether any fees apply, instructions for obtaining paper disclosures, how to update contact information, and how to reach an agent.
 
When you send disclosures and terms, request a response (for example, “text YES”) so you can confirm the validity of the email address or mobile number and lock down the consumer’s formal consent.
 
TIP: Always confirm receipt of legally required documents.
There is no mailbox rule for electronic communications. Once you hit “send,” be sure to verify receipt via analytics. You can ask consumers to verify receipt themselves, but having indisputable proof on your end is essential legal protection for your business. Remember to verify open rates of emails as well as any links you use to provide information to the consumer.
 
“Revocation is that word that I think is so important in this whole context . . . . Anytime someone withdraws consent, whether you believe they did that in the proper manner . . . once that’s communicated, the best and safest course to minimize your risk is to honor that and comply with it.” – David Kaminski
 

Recommended Reading From Our Resource Library

Email and text may seem daunting, but you can implement an omnichannel communications strategy with confidence. It’s easier than you think, especially with compliance-minded tech that streamlines collection operations while safeguarding your business by helping prevent noncompliant communications.
 
If you’re eager to distinguish your service and strengthen your market position via consumer-friendly electronic communications, here are a few resources we recommend for further reading:
 
 
 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2019 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Info and Insights You Won't Want to Miss

Here on the OS Blog, we aim to give you just the right mix of high-level views, tactics, and tools you can use to optimize your collection operations and results. Subscribe today for a steady stream of practical, empowering content delivered to your inbox weekly.

Subscribe to the Blog
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

How to Use Email and Text for Collections Without Getting Burned (Part 1)

How to Use Email and Text for Collections Without Getting Burned (Part 1)

By Rozanne Andersen | Oct 8, 2019 | ARM, RCM

Is communicating via email and text still a pipe dream for your collection operations? If so, you might want to settle in and keep reading. It really isn’t as scary as you might expect.
 
Despite the high costs and marginal returns of relying on phone calls and printed letters, many ARM agencies and healthcare providers have yet to embrace email and text. Widespread confusion and uncertainty about various state and federal requirements (including the proposed CFPB rules and E-Sign) can make digital communication an intolerable compliance risk.
 
I recently had the pleasure of discussing email and text compliance standards as well as their practical implications for businesses with David Kaminski, chair of the Consumer Financial Services Law Practice at Carlson & Messer LLP in Los Angeles. Although we weren’t in a position to offer legal advice, our goal was to help listeners better understand the laws governing electronic channels so they can move forward with greater confidence.
 
Here are a few of the topics David and I covered in detail during part 1 of our two-part AccountsRecovery.net webinar, Email Is Hot, Texting Is Hotter: Don’t Be the First to Get Burned.”
 
 

Legally Speaking, Emails are Considered Writings

Emails are writings. If sent to a consumer by a third-party debt collector, emails must comply with the  Fair Debt Collection Practices Act (or FDCPA). If the email communication pertains to healthcare debt, the Health Insurance Portability and Accountability Act (HIPAA) applies.
 
Emails trigger compliance with the CAN SPAM Act as well, meaning they must (among the law’s other requirements) include an opt out or unsubscribe provision. Emails must also include any state-required disclosures and special verbiage requirements.
 
There is no legal requirement per se to obtain the consumer’s consent to email. This means third-party collection agencies may rely on client-provided email addresses. Just remember to include the required opt out/unsubscribe language in the body of every consumer-facing email and, as a routine practice, ask consumers to confirm their consent for you to email the particular address.
 
Whether you’re sending legally required documents via email or text, you’ll need E-Sign consent (more on that below).
 
 

Legally Speaking, Text Messages are Considered Calls

Text messages are calls. As such, texts must comply with the requirements of the Telephone Consumer Protection Act (TCPA). The TCPA requires the “calling” party to obtain the express prior consent of the consumer associated with the mobile phone number.
 
The TCPA is not limited to debt collection calls. In fact, it applies to any person placing a call or text to a consumer using the consumer’s mobile number. As is the case with emails, text messages sent to a consumer by a third-party debt collector must comply with the FDCPA.
 
Text messages initiated by a third-party debt collection agency are subject to call restrictions and auto dialer rules, and frequency of delivery can run afoul of state harassment laws and FDCPA laws. If you don’t have TCPA-mandated consent, you may be subject to legal action. Even prior verbal consent is fine, as long as you record it for legal purposes.
 
Mobile numbers are often reassigned, so consider the source of the number you’re using and the currency of the information to gauge the risk of third-party disclosure. Certain technologies can determine whether a mobile number has been deactivated or ported and, if so, block any further text communications.
 
As a practical matter, both emails and text messages may contain links to secure URLs and must encrypt data at rest and in transit.
 
 
“People think, ‘If I’m sending an email, I’m not really bothering anybody, they can get an email anytime. Although Federal and state call time restrictions do not apply to emails, excessive emailing could be viewed as harassment and cause the agency to be blacklisted.” – David Kaminski
 

When and How Does E-Sign Apply?

Informal consent and formal consent (E-Sign) come into play at different times, depending on the nature of the communication. Informal consent relates to getting the consumer’s permission to use email or text to relay basic information—payment receipts, account balance, verifying a payment plan, etc. Formal consent, or E-Sign, is needed for all legally required notices.
 
For an initial communication—which you would use to introduce your organization and purpose, confirm you’re dealing with the correct person, and secure permission to use that channel—E-Sign is not needed. You’re free to send your 1692G notice in that first communication. But for validation notices and other legally required documents not included in the initial communication (a post-dated payment notice, for example), E-Sign is a must.
 
“E-Sign has been an enigma for so many of you. Everyone has come up to me and said, ‘What is this E-Sign? I don’t really understand it. People throw it around like a frisbee.’ Rozanne and I are going to really lay out what it is, what it means, what you need to be concerned about, and how to launch your program.” – David Kaminski
 
 

What Should Collectors Consider When Crafting Emails and Texts?

You’ll need to think carefully about how emails and texts are worded and what they will include. Even the most (seemingly) minor details can mean the difference between a positive, productive interaction and a costly legal challenge.
 
For emails, you’ll want to include your true name in the “From” field (an attorney might advise you to use a DBA), keep subject lines simple and professional (e.g., “Your [Creditor Name] Account,” “Your Payment Date”), and avoid any verbiage that might trigger a spam filter.
 
Text messages must include certain disclosures as required by the Cellular Telephone and Internet Association (CTIA). Short codes can be used in text messages to allow consumers self-service options such as accessing account information, making payments, and communicating with you. Avoid using words that could be confusing, misleading, or inflammatory. If you don’t have prior written consent, including any type of marketing or solicitation in a text message can land you in hot water.
 
“Just be careful when you’re rolling out the language that you’re going to be using in your text messages to consumers. Make sure you’re not using something that will mislead, misrepresent, or potentially even harass the consumer, especially when you’re looking at federal and state laws.” – David Kaminski
 
 

Coming Up: Creating the Right Setup for Compliant Emails and Texts

In the second half of this blog series, I’ll recap the rest of my discussion with David about emails and texts—particularly when it comes to technology and what you’ll need to launch a program you can trust. Stay tuned for more actionable insights from our two-part webinar, Email Is Hot, Texting Is Hotter: Don’t Be the First to Get Burned.”
 

 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2019 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

Info and Insights You Won't Want to Miss

Here on the OS Blog, we aim to give you just the right mix of high-level views, tactics, and tools you can use to optimize your collection operations and results. Subscribe today for a steady stream of practical, empowering content delivered to your inbox weekly.

Subscribe to the Blog
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

Data Privacy and Security: What’s Next for Debt Collectors?

Data Privacy and Security: What’s Next for Debt Collectors?

By Rozanne Andersen | Oct 3, 2019 | ARM

Data privacy and data security are two very hot topics in the ARM industry today. The California Consumer Privacy Act (CCPA) is set to take effect in January 2020, with additional privacy bills now pending in at least 25 states. Meanwhile, cyber crimes involving consumers’ personal data are growing in number, size, and sophistication.

While ARM business leaders are rightly focused on these issues, many are uncertain about the true nature and extent of their compliance and security risks. They’re also not sure how to manage these risks effectively.
 
Recently, I had the privilege of joining two distinguished industry colleagues for a panel discussion about data privacy and security: Odia Kagan, partner and chair of the GDPR Compliance and International Privacy division at Fox Rothschild LLP; and Ben Johnson, director of risk management for Cornerstone Support.
 
Here are some, but not all, of the major issues and topics we addressed (you can access the full webinar here).
 
 

Data privacy: Understanding and Preparing for the CCPA

The CCPA applies to any business or service provider that collects personal data, determines the purpose and means of data use, or controls or is controlled by such a company.
 
Starting January 1, 2020, the CCPA will grant California residents certain rights pertaining to personal data collected since January 2019 (a 12-month look-back window). Residents will be able to file claims for data access or deletion or for an opt out. Companies subject to the CCPA will have 45 days to respond.
 
Types and uses of data covered under the law run the gamut. Personal data can include everything from Social Security numbers and birth dates to lead generation activity, online browsing history, and interactions with mobile apps.
 
 
“Information like name, email address, collections history, purchase history, payment history, and determinations that you make off this (this person is likely to pay on time, they’re not likely to pay on time)—all of those things were not considered personal information in the traditional sense under U.S. law. That all has changed.” – Odia Kagan
 
Your business may be in scope if you do business in California and meet the minimum business thresholds listed below.
 
For purposes of CCPA compliance, doing business in California means:
 
  • Your headquarters are in California;
  • Your employees are in California;
  • Your company is incorporated in California;
  • Your company satisfies the definition of a California foreign entity; or
  • You conduct out-of-state sales or transactions into California.

 

Minimum business thresholds are defined as:

 

  • You conduct business activities in California and your annual revenues exceed $25 million;
  • You’re involved with personal data of more than 50,000 consumers, households, or devices (this could even include unique blog visitors); or
  • Sales of personal information—including value acquired from its use (via data analytics, for example)—accounts for at least 50% of your annual revenues.
 
To better understand how CCPA might affect your business and to prepare for its impact, you’ll want to take the six important steps Odia outlined in detail:
 
  • Map your data flows and processes
  • Determine your role under the law (independent business, service provider, or vendor)
  • Look carefully at legal purpose as well as GLBA and FCRA exemptions and whether they apply
  • Determine how you’ll comply with consumer requests within the required 45-day window
  • Reevaluate your internal processes
  • Plan for CCPA disclosure
 
 
“So it’s basically looking at processes, looking at the information, seeing how [you] get to it, how [you] can produce it. Then the other question is, ‘Once I know how to collect all of this information, how do I provide the disclosure that CCPA requires me to provide along with all the information I am giving?’” – Odia Kagan
 
 

Data security: Reducing the Risk and Impact of Cyber Crime

As Ben reminded us, cyber crime has been called “the greatest transfer of wealth in history.” The exchange of consumer data via ID theft, phishing, hacking, etc. has been compared with the global drug trade and is estimated to be worth as much as a trillion dollars per year.
 
Guarding against breaches and developing a breach response plan are essential for managing risk and minimizing disruption, financial losses, and potential harm to client relationships.
 
 
Have a specific plan in place
In a security breach “fire drill,” you should know whom to call and what steps to take. Ben recommends, among other things, a cyber liability insurance policy (with full limit breach notification response), an established reporting process, and discussions with a claim adjuster and legal counsel. A breach response should also include forensic analysis to assess the source and extent of the damage.
 
 
“Some of you saw there was a high-profile breach in the collection space earlier this year. One of the things that came out . . . was that maybe they took a little bit longer to get a plan in place and respond. And so at times, that can make the cost even greater or the damage even greater.” – Ben Johnson
 
 
Monitor operations in real time
Many companies enlist a dedicated third-party provider to monitor operations and flag any security weaknesses and unusual activity. Identifying problems early on will allow you to limit or compartmentalize the damage.
 
 
Change the way you store old data
Many high-profile breaches have involved personal information that dates back 10 or more years. Storing too many old records is a serious potential liability. By encrypting older files and offloading them to an external (ideally cloud-based) server, you can effectively make the data worthless to hackers and avoid triggering notification responses.
 
 
“[Data] almost was seen as a . . . valuable asset—to have all this data, all of this knowledge, all of this experience. And secondly, data storage is relatively cheap. So another year goes by, another million records go on the server. [ . . . ] I think as an industry, collectively, we’ve really got to start sharing best practices, talking about what we’re doing to get old files offloaded.” – Ben Johnson
 
 

For More Answers and Advice, Catch the Complete Webinar

During our panel discussion, Odia and Ben covered a lot of territory. They offered detailed insights on the above topics and raised a number of other issues ARM business owners need to consider. “Straight Talk About Privacy, Security, and Cyber Liability for Debt Collectors” is one webinar you won’t want to miss. Download and view it today.
 

 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2019 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....

CFPB Proposed Rules: 6 Debt Collection Practices Consumers Hope to Prevent

CFPB Proposed Rules: 6 Debt Collection Practices Consumers Hope to Prevent

By Rozanne Andersen | Sep 25, 2019 | ARM

The ARM industry and consumers see the CFPB’s proposed rules through very different lenses. Collection agencies are trying to get ahead of what may be the final rules so they’re ready to comply, while consumers are demanding clear, unequivocal protection from potential harassment and abuse.
 
Despite the CFPB’s best intentions and the commendable work it has done, its interpretation of the Fair Debt Collection Practices Act (FDCPA) isn’t exactly as either group had hoped.
 
For agencies, there are still open questions about how and when they can communicate with consumers across multiple channels without triggering complaints and legal action. For consumer advocates, the rules provide little reassurance and, if anything, give them new reasons to worry.
 
 
Consumer expectations alone do not create new legal requirements under the law, but creditors expect the agencies they enlist to treat consumers fairly.
 
For ARM businesses looking to become customer service and industry leaders, understanding how consumers view the proposed CFPB rules and why should be of utmost importance.
 
 
I recently sat down with my longtime friend Margot Saunders, senior counsel for the National Consumer Law Center and a former managing attorney for the NCLC office in Washington, D.C. We shared our perspectives on the CFPB’s proposed rules, and Margot raised a number of issues she believes the rules fail to address or, in some cases, create on their own.
 
 
 

1.  Confusion Over the Need for E-Sign Consent for All “Required Disclosures”

Consumers do not oppose the use of electronic delivery of written communications per se, but they do expect E-Sign to be followed, particularly when it comes to the electronic delivery of required disclosures.
 
This is a big point of contention for consumer advocates, who argue that sending writings to an email address previously used without having to verify consent or receipt of the message is wildly unfair. They hope the CFPB addresses the apparent E-Sign loophole that allows collectors to choose whether to comply, even when emailing validation notices.
 
 
“The new rules should not deviate from the statutory requirements of E-Sign. Regardless of what the statute says, you always must make sure that validation notice is sent either in paper form by snail mail or by email after receiving some kind of E-Sign consent from the consumer.” – Margot Saunders
 
 

2.  Excessive Calling, Unlimited Texting

The proposed rules allow for a high number of calls, as call caps are per debt (not per consumer), and there is no limit to the number of texts an agency can send. The rules appear to grant ARM businesses safe harbor from legal claims as long as they don’t exceed call caps—even if they place dozens of calls per week to a single consumer. To Margot and others, the CFPB has failed consumers in this regard.
 
 
“The rule does permit consumers to say, ‘Stop calling or stop texting or stop communicating with me via any particular medium,’ and we think that’s good. We’re a little disappointed there’s not some requirement to tell consumers they have that right.” – Margot Saunders
 
 

3.  Sending Emails and Hyperlinks Without Taking Internet Access Into Account

Millions of families access the internet only through their smartphones and have limited Wi-Fi access. For consumer advocates, this raises concerns about whether emails are received, hyperlinks are accessible, and information can be read on a small screen.
 
Consumer advocates believe the proposed rules effectively treat a lack of response to an email as consent, which Margot calls “an absurd proposal,” since emails are presumed received when they may not be.
 
 
“Tricking the consumer into paying something or having to respond to a garnishment notice because they missed all the prior notices isn’t good policy.” – Margot Saunders
 
 

4.  Texting for Non-Writing Communications

Consumer advocates fear collectors will send texts, and communicate back and forth, without knowing whether they’re engaging the right consumer. If the wrong consumer responds with a request to verify the debt, collectors may reveal personal or account-related information and violate consumers’ privacy.
 
 
“We’re proposing in our comments that for the original communication . . . texts comply with the reassigned number database to ensure they are actually dealing with [the right consumer].” – Margot Saunders
 
 

5.  Sending Limited Content Messages

The concept of a limited content message—a voicemail message, for example, or even a message left with a live person—is, to Margot and others, “nonsense.” Not only do consumer groups believe these messages go far outside of legal bounds, but they wonder why voicemails are even necessary in an age of smart phones and electronic communications.
 
 
“In my opinion, and the opinion of my colleagues and a lot of other people, there is no statutory authority for the Bureau to authorize communication that is not covered under the rules for all communications.” – Margot Saunders
 
 

6.  Threatening to Sue to Recover Out-of-Statute Debts

There is a possibility under the proposed rules that consumers could be persuaded to revive an old debt and then be threatened with a lawsuit (despite existing laws against such behavior), as the proposed CFPB rules don’t require agencies to notify consumers of their rights/risks related to out-of-statute debt. In addition, consumers would have a hard time proving that a years-old debt had, in fact, been paid off.
 
 
“We think it’s very hard to imagine why the new rules do not contemplate a disclosure that appropriately apprises the least sophisticated consumer of the risks of paying an out-of-statute debt. This proposed rule goes backwards in allowing threats of litigation or actual litigation.” – Margot Saunders
 
 

Tune in to Hear Both Perspectives

During my conversation with Margot, I shared my own legal and practical interpretations. At times, we engaged in a healthy debate. But Margot and I were in complete agreement that agencies must protect consumers from unfair practices. Where clear boundaries and directives are lacking, we’re both actively advocating for change.
 
If you want to better understand what consumers expect, and reevaluate your communications strategy in that light, I encourage you to take a listen to this informative discussion. You can download the free webinar here.
 

 

Disclaimer: Ontario Systems is a technology company and provides this blog article solely for general informational and marketing purposes. You should not rely on the content of this material for any other purpose or as specific guidance for your company. Ontario Systems’ advice, services, tools and products described herein do not guarantee compliance with any law or industry standard. You are ultimately responsible for your own company’s actions and compliance efforts. Because everyone’s situation is different, you must consult your own attorneys, accountants, and/or other advisors to obtain specific advice on your company’s compliance, legal, tax, regulatory and/or other business needs. Despite Ontario Systems’ efforts to provide current and up-to-date information, you need to recognize that the information contained herein may become outdated quickly and may contain errors and/or other inaccuracies.

© 2019 Ontario Systems, LLC. All rights reserved. Information contained in this document is subject to change. Reproduction of this publication is not permitted without the express permission of Ontario Systems, LLC.

An All-In-One Solution

What does it take to communicate with consumers on their terms, comply with changing rules, and keep operating costs low? Cloud-based contact management, fully integrated and automated, holds the key. Learn more about the all-in-one platform that can transform daily operations, customer service, and collection results.

Learn More
ARM Industry Leaders, Why Aren’t You Texting?

ARM Industry Leaders, Why Aren’t You Texting?

By Mike Meyer | Jan 29, 2020 | ARM

This is the first post in a new blog series highlighting the importance of text messaging for debt collections and what ARM businesses need to stay compliant.   Text messaging for debt collections might seem like a bridge too far. But it’s entirely within reach today....