I have hesitated to write about compliance because let’s be honest…while critical to a successful debt management operation, it is not the most glamorous topic. I do not know anyone who ever said, “Oh goody, I’m spending next week with my regulators.”
Compliance across the myriad of regulations can be a daunting task. In debt management, leaders usually focus their attention on several areas:
- Employee conduct/employee error
- Breach of private data
- Technology and business process/control risks (e.g., automation risks, robotics, AI)
- Physical events (e.g., natural disasters)
As you look over this list, the question is: How confident are you to have the visibility, controls, and remediation in place to address these compliance issues?
Employee conduct/employee error
One of the riskiest and least detectable compliance risks is employee conduct or error. How do you ensure that all your collectors know and adhere to an ever-growing list of regulations? Does your current solution allow you to script both training and compliance into the collection work screen? Can your system prohibit your collector from taking any action before acknowledging they have executed a required compliance action such as a mini-Miranda or identity validation? If not, it is time to consider moving to a solution that supports your compliance efforts!
Breach of private data
By the time a data breach happens, you may be subject to not only significant fines but also may find yourself on the 6 pm news defending your company’s reputation! Some employers have banned mobile phones in their call center so employees cannot take screenshots of customer data. But the most significant risk lies in your various applications. How secure is the data across your applications? Is your collections system assured to a recognized information security standard such as PCI DSS or SOC2? Your customers count on you to protect their data. Can you count on your system to protect you?
Technology and Business Process/Control risks (e.g., automation risks, robotics, AI)
Technology is a blessing and a curse. It has allowed us to create great efficiency within our collections operations. I am old enough to remember collecting accounts from three-by-five cards, dialing each phone number manually, and handwriting the notes on the back! Technology has certainly allowed us to gain much-needed productivity, but it comes at a price.
Technology advances allow collections leaders to create automation in ways we never thought possible. But with automation, the use of robotics – and in increasing ways – the use of AI, there is a higher than ever level of complexity within your operation. The need for compliance oversight is at an all-time high. With technology automating how you interact with your customers, how confident are you that your automation is not having unintended consequences? How simple is it for you to validate your automation, and make revisions in near real-time to address any concerns? Does your collections system have a complete audit trail whereby you can easily identify each step taken in a customer’s journey?
Compliance with business processes and controls goes hand in hand with technology monitoring. The ability to visualize your business processes allows you to quickly identify any process gaps or unintended outcomes. Does your collection solution make it easy for you to visualize your account movements to ensure that all your customers receive equal treatment in accordance with your policies? Does your collections system support the graphical visualization of prior and current collection strategies to reduce and thus minimize the disruption of the audit burden? If it does not, it may be time to consider moving to a more user-friendly solution.
Physical events (e.g., natural disasters)
Unexpected events can disrupt any business operation. I once ran a collections team in Virginia, and our building was impacted by a tornado. As water poured in from the ceiling through live lighting fixtures, my immediate concern was to get my associates to safety. Once we ensured everyone was safe, in the hours and days following, we needed to quickly exclude the zip codes of those customers impacted by the event. How quickly can you adjust your workflows while resuming business quickly? Does your current collections system make it easy to identify and move cohorts of customers to a temporary alternative treatment strategy?
Modern platforms support compliance through a combination of:
- Real-time processing – data is always current and can update other systems without delay.
- Graphical workflow builder and visualization with annotation to automate consistent policy-based strategies and manage contact cadence.
- Documented historic automated treatment strategies for ease of audit.
- Native integral scripting – can be ‘compliance’ scripts or ‘training’ scripts.
- Full History & Audit – every panel viewed, every manual or automatic action taken is time/date/user stamped, and NPPI field masking.
- Robust vendor specific privacy & information security practices and standards accreditation (SaaS)