TM Obtaining Optimum Compliance Performance Foundational Training on ACA’s Professional Practices Management System (PPMS TM) © 2014 ACA International. All Rights Reserved. Obtaining Optimum Compliance Performance This information is not to be construed as legal advice. Legal advice must be tailored to the specific circumstances of each case. Every effort has been made to assure that this information is up-to-date as of the date of publication. It is not intended to be a full and exhaustive explanation of the law in any area. This information is not intended as legal advice and may not be used as legal advice. It should not be used to replace the advice of your own legal counsel. © 2014 ACA International. All Rights Reserved. TM Course Outline Federal Compliance State Law Compliance Compliance Resources © 2014 ACA International. All Rights Reserved. Areas to Examine Federal Compliance Fair Debt Collection Practices Act (FDCPA) Fair Credit Reporting Act (FCRA) Bankruptcy Gramm-Leach-Bliley Act (GLBA) Telephone Consumer Protection Act (TCPA) Health Insurance Portability and Accountability Act (HIPAA) Servicemembers Civil Relief Act (SCRA) © 2014 ACA International. All Rights Reserved. Federal Compliance - FDCPA FDCPA Areas of Risk Communications Disputes Prohibited Practices © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Communications Communications with Consumer Oral Written Electronic Communications with Third Parties Authorized Third Parties Unauthorized Third Parties © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Communications with Consumer Oral Communications Mini-Miranda requirements Overshadowing Element 8 – Process control Element 11 – Identification of non-conformity Hours allowed to contact Element 5 – Purchasing © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Communications with Consumer Written Communications Validation Notice Verification Element 13 – Handling, Storage, Preservation, & Delivery Mini-Miranda Element 15 – Internal Management Audits Element 9 – Inspection & Testing Overshadowing Element 12 – Corrective Action, Preventive Action & Continuous Improvement © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Communications with Consumer Electronic Communications E-mail Web site Element 8 – Process Control Element 13 – Handling, Storage, Preservation, & Delivery Caller ID Element 3 – Review of Client Issues © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Communications with Third Parties Authorized Third Parties Spouse (sometimes) Attorney for consumer Element 14 – Management of Records/Data Element 7 – Data Identification & Traceability Parent of minor consumer (sometimes) Element 16 - Training © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Communications with Third Parties Authorized Third Parties (cont’d) Guardian Executor/administrator Element 6 – Control of Client & CustomerSupplied Data Element 13 – Handling, Storage, Preservation, & Delivery Attorney for creditor or debt collector Element 8 – Process control © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Communications with Third Parties Unauthorized Third Parties Consumer Credit Counseling Services Power of Attorney Element 12 – Corrective Action, Preventive Action & Continuous Improvement Element 16 – Training Employers and Others Element 14 – Management of Records/Data © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Disputes Oral Disputes Element 2 – Management Systems Written Disputes Element 6 – Control of Client & CustomerSupplied Data © 2014 ACA International. All Rights Reserved. FDCPA Areas of Risk: Prohibited Practices Section 806 – Harassment or abuse Section 807 – False or misleading representations Section 808 – Unfair practices Element 8 – Process Control Element 11 – Identification of non-conformity Element 12 – Corrective Action, Preventive Action & Continuous Improvement Element 16 – Training © 2014 ACA International. All Rights Reserved. Federal Compliance - FCRA FCRA Areas of Risk Data Furnishers Disputes Permissible Purpose Identity Theft © 2014 ACA International. All Rights Reserved. FCRA Areas of Risk: Data Furnishers Date of delinquency Accurate and complete information Element 6 – Control of Client & CustomerSupplied Data Element 4 – Document and Data Control Report disputes Element 12 – Corrective Action, Preventive Action & Continuous Improvement © 2014 ACA International. All Rights Reserved. FCRA Areas of Risk: Disputes Disputes from Consumer Written Oral Element 13 – Handling, Storage, Preservation, & Delivery Element 7 – Data Identification & Traceability Disputes from CRA Element 8 – Process Control © 2014 ACA International. All Rights Reserved. FCRA Areas of Risk: Permissible Purpose Review or Collection of an Account Employment Purposes Element 9 – Inspection & Testing Element 14 – Management of Records/Data Legitimate Business Need Element 11 – Identification of nonconformity © 2014 ACA International. All Rights Reserved. FCRA Areas of Risk: Identity Theft Required Consumer Notices Element 9 – Inspection & Testing Duty to Update CRA(s) of ID theft notice Element 8 – Process Control © 2014 ACA International. All Rights Reserved. Federal Compliance Bankruptcy Bankruptcy Areas of Risk Automatic Stay Discharged Debt © 2014 ACA International. All Rights Reserved. Bankruptcy Areas of Risk: Automatic Stay Actual vs. Constructive Notice Element 6 – Control of Client & CustomerSupplied Data Ceasing Collection Activity Element 16 – Training © 2014 ACA International. All Rights Reserved. Bankruptcy Areas of Risk: Discharged Debt Cease Collection Attempts Element 8 – Process Control Update Credit Reports Element 12 – Corrective Action, Preventive Action & Continuous Improvement © 2014 ACA International. All Rights Reserved. Federal Compliance - GLBA GLBA Areas of Risk Privacy Rule Safeguards Rule © 2014 ACA International. All Rights Reserved. GLBA Areas of Risk: Privacy Privacy Notice and Opt-Out Policy Element 7 – Data Identification and Traceability Annual Notice Element 14 – Management of Records/Data © 2014 ACA International. All Rights Reserved. GLBA Areas of Risk: Safeguards Develop, Implement and Maintain Written Security Program Element 2 – Management System Contract Requirements Element 11 – Identification of nonconformity © 2014 ACA International. All Rights Reserved. Federal Compliance - TCPA TCPA Area of Risk Use of ADADs/Prerecorded Messages © 2014 ACA International. All Rights Reserved. TCPA Areas of Risk: ADADs/Prerecorded Messages Identification Requirements Element 10 – Inspection & Test Status Calling Wireless Numbers Element 5 – Purchasing © 2014 ACA International. All Rights Reserved. Federal Compliance - HIPAA HIPAA Areas of Risk Privacy Rule Security Rule © 2014 ACA International. All Rights Reserved. HIPAA Areas of Risk: Privacy Rule Covered Entity vs. Business Associate Business Associate Agreements Element 3 – Review of Client Issues Minimum Necessary Requirement Element 2 – Management System Element 7 – Data Identification and Traceability Commingling Data Element 4 – Document and Data Control © 2014 ACA International. All Rights Reserved. HIPAA Areas of Risk: Security Rule Develop and Implement Security Measures Element 2 – Management Systems Maintain and Monitor Security Measures Element 9 – Inspection & Testing © 2014 ACA International. All Rights Reserved. Federal Compliance – SCRA Areas of Risk Adverse Action Interest Rates Element 16 – Training Element 7 – Data Identification & Traceability Legal Actions and Statutes of Limitations Element 11 – Identification of non-conformity © 2014 ACA International. All Rights Reserved. Areas to Examine State Compliance Areas of Risk License or Registration Bond requirements Communication requirements/restrictions Trust account requirements © 2014 ACA International. All Rights Reserved. State Areas of Risk: License or Registration Main and/or branch office Collection Manager Element 5 – Purchasing Element 3 – Review of Client Issues Individual Collectors Element 13 – Handling, Storage, Preservation & Delivery © 2014 ACA International. All Rights Reserved. State Areas of Risk: Bond Requirements Statutory Element 5 – Purchasing Client Contract Element 3 – Review of Client Issues © 2014 ACA International. All Rights Reserved. State Areas of Risk: Communication Requirements/Restrictions Hours to contact Frequency of contacts Element 14 – Management of Records/Data Contacts at PoE Element 13 – Handling, Storage, Preservation & Delivery Element 16 – Training Recording conversations Element 9 – Inspection & Testing © 2014 ACA International. All Rights Reserved. State Areas of Risk: Communication Requirements/Restrictions Adding fees/interest Element 6 – Control of Client & CustomerSupplied Data Special text requirements Element 9 – Inspection & Testing © 2014 ACA International. All Rights Reserved. State Areas of Risk: Trust Account Requirements Commingling funds Element 14 – Management of Records/Data Remittance Element 8 – Process Control © 2014 ACA International. All Rights Reserved. Areas to Examine Compliance Resources ACA website Campus ACA™ ACA International Publications FDCPA Guide FCRA Guide State Guide Statutory Penalties Guide HIPAA Implementation Guide and DVD © 2014 ACA International. All Rights Reserved. Thank You! ACA International Compliance Department http://www.acainternational.org/compliance © 2014 ACA International. All Rights Reserved.