Nexa Collections

Debt Recovery

Impact of the GLBA on Collection Agencies

As per FTC, starting June 9, 2023 all collection agencies will be treated as financial institutions. This means all collection agencies must secure consumer data nearly the same way as banks.

Failure to comply with GLBA can have severe consequences for the collection agency, especially the owners and the higher management. Each violation can result in fines up to $100,000 and may extend to criminal penalties, including jail time. We will try to cover only the important parts of GLBA per our understanding.

GLBA covers your employees and even your vendors that have access to your customer and debtor data. This includes your collection letter printing vendor, your software providers that access your data, and even your Sales Representatives.  Any data access outside your company network must be secured through the VPN and their laptops should be encrypted.

If your associates can access emails through their cell-phone, you must evaluate if their emails can potentially have sensitive data and take appropriate steps to secure their mailbox or completely disable mobile access to these emails.  The GLBA Privacy Rule only applies to nonpublic personal information (NPI), including (Debtor) Name, Address, Income, Social Security number. Transaction information such as account numbers, payment history, loan balances and information from court records or consumer reports.

After the recent changes done by CFPB and these upcoming GLBA laws will result in significant operational challenges and cost additions for all collection agencies in America.

When consumers turn to a financial institution for services, they want to know that their private information is being kept safe and sound. None of us want our information shared with companies we do not approve of. The Gramm-Leach-Bliley Act (GLBA) is a law that was enacted with this desire for security and privacy in mind. The act was passed in 1999 to protect consumers’ private information within financial institutions and give them the power to choose what happens with that personal information.

What Types of Businesses Are Impacted by the Gramm-Leach-Bliley Act?

The GLBA covers any institutions that provide financial services, including:

  • Handling loans
  • Handling savings
  • Exchanging or transferring funds
  • Providing financial advising
  • Investing for others
  • Career counseling (of those who are seeking employment with financial services)
  • Collecting debt
  • Banking
  • Insurance
  • Credit union

The law covers a wide variety of institutions that handle finances and can include institutions one may not expect, such as car dealerships that collect and distribute the personal information of their consumers or retailers that grant credit cards to their customers.

Protecting Your Customer’s Nonpublic Personal Information (NPI)

When a consumer decides to work with a specific financial institution, they must be able to trust that institution with their private information. Often, the information given to these institutions by their customers can be highly confidential and leave the customer vulnerable to a number of personal and legal issues should their information be shared or leaked to the wrong party.

Under the Gramm-Leach-Bliley Act, financial institutions are legally obligated to protect all of their private consumer’s nonpublic personal information (NPI). An NPI is defined as the individually identifiable financial information collected by a financial institution that cannot be found in the public domain. This can include information like:

  • Address
  • Income
  • Social security numbers
  • Payment history
  • Account information
  • Loan balances
  • Purchase history
  • Credit history
  • Consumer reports

Under the GLBA, a financial institution must uphold and ensure the safety, security, and confidentiality of any information their customers have trusted them with. A financial institution must always have security measures in place to prevent security breaches and data leaks. In order to ensure this, the Federal Trade Commission (FTC) has the power to audit any financial institution at any time. Should the financial institution have a need to share the customer’s information with an outside party, the customer must be made aware of the ways in which their information will be shared and given a choice in whether they would like to “opt-in” or “opt-out.”

The Gramm-Leach-Bliley Act and Privacy Notices

Whether you are opting in to sharing your customer’s NPI or not, the GLBA requires every financial institution to provide their customers with a privacy notice before a customer-business relationship has been established. Should this cause issues with the timeliness of completing the customer’s transactions with your business, there is an exception to this rule- as long as the client agrees, you may provide the notice within a reasonable time frame after the relationship has already been established.

Along with a privacy notice, customers must have an option to opt-out of sharing their NPI with outside parties. This opt-out notice must emphasize that the customer has a right to opt out, give a sensible method of opting out, and grant the customer a reasonable time frame to opt-out. The customer must also be given a copy of the privacy notice annually for the duration of the business-customer relationship.

The FTC’s Recent Amendments to the Gramm-Leach-Bliley Act

The FTC has recently made a few amendments to the GLBA. Due to this, multiple changes will become effective on June 9, 2023, including:

  • Risk assessments– financial institutions will now be required to maintain a formal risk management program that includes a written risk assessment
  • Designation of a single responsible and qualified individual– while it has already been required that the financial institution has designated employees overseeing the security program, financial institutions must now appoint a qualified individual to hold the ultimate responsibility of the program.
  • Employee training– this new requirement means financial institutions must ensure their staff have received proper security training from qualified personnel if they have access to private information like customer names, addresses, social security numbers, and date of birth. This training must be done regularly.
  • Monitor own providers to whom data is outsourced or serviced– financial institutions must monitor and complete risk assessments regarding the third-party service providers they are deciding to work and share information with. It is the financial institution’s responsibility to ensure the third-party vendors they share information with have the proper security measures to continue protecting their customer’s NPI.
  • Information Systems Monitoring & Penetration Testing– financial institutions must now regularly test and monitor their safeguards, systems, and procedures for any attempts at a security breach or weaknesses
  • Incident plan– a new requirement of the GLBA is that financial institutions will now be required to have a written incident response plan that addresses seven particular topics- the goal of the plan, internal processes for a response, external and internal communication, requirements for identified weaknesses, how the security event will be documented and reported, and the changes and evaluations needed to the incident plan after the occurrence of a security event
  • Specified security controls– There have now been security controls added as specific requirements to maintain GLBA compliance, including access controls, system inventory, encryption, secure software development, multi-factor authentication, data retention, change management, and system monitoring
  • Accountability of the responsible and qualified individual– the individual who has been designated the responsible party is now required to annually report their security program’s status to the executive leaders of the financial institution in order to maintain a sense of accountability and the motivation to uphold the highest security measures for customers.

In Conclusion

The GLBA has been put in place to protect consumers’ personal information from falling into the wrong hands. It is the responsibility of financial institutions to have security measures in place to protect their consumers and themselves. Staying up to date on the newest GLBA requirements can be crucial to ensuring your financial institution is doing everything you can to maintain compliance.

References:

https://www.fdic.gov/consumers/consumer/alerts/glba.html#:~:text=GLBA%20became%20law%20in%201999,insurance%20companies%20and%20securities%20firms.

https://www.ftc.gov/business-guidance/resources/how-comply-privacy-consumer-financial-information-rule-gramm-leach-bliley-act

https://globalcerts.com/wp-content/uploads/Whitepaper-2022-GLBA-Amendments.pdf

Industries with the Best and Worst Recovery Rates

It is recommended to assign accounts for collections roughly when they are between 60-90 days past due for a maximum recovery rate.

The recovery rate dips as the account gets old. The following chart demonstrates the relationship between the Account-age and Recovery-Rate.

Debt Recovery Chances

Still, there are some industries where the average recovery rate is better than others.

Based on clients we came across last year (2021), here is the average recovery rate we have seen, along with our collection agency partner(s).

This is purely our own experience. No collection agency publically publishes the results they achieve by industry. But it should give an idea of what to expect.

Industry Recovery Rate
Transportation 84.33%
Pool Services 73.67%
Cooperative 70.39%
Propane 66.40%
Fuel/Oil 61.25%
Snow Removal 60.39%
Lawn & Garden 59.87%
Printing 58.19%
Plumbing, Heating, Air 53.30%
Engineering 52.95%
Interior Design 52.90%
Mortgage 48.11%
Travel Agent 44.18%
Distribution 43.30%
Medical / Athena 42.46%
Construction 41.49%
Publishing 40.78%
Credit Unions 40.27%
Retail/Consumer Misc. 39.72%
Pest Control 38.95%
Auto Supply & Repair 38.02%
Restoration Companies 37.73%
Commercial 36.95%
Contractors, Special Trade 36.76%
Industrial 36.38%
Optometrists 36.27%
Dental 33.29%
Repair Services 31.59%
Waste Management 31.40%
Funeral Services 31.09%
Day Care 29.55%
Business Services 29.43%
Government 28.38%
Utilities 28.36%
Farm Supply 27.52%
Auto Dealers 27.04%
Fire 26.65%
Telephone Communications 25.48%
Member Organizations 25.13%
Elementary/ High School 24.59%
Personal Services 22.83%
Schools Misc. 22.78%
CPA / Accounting 22.16%
Security 21.63%
Trucking, Nonlocal 21.34%
Clothing 20.86%
High Tech 19.87%
Veterinarian 19.25%
Advertising 19.17%
Drug Store 19.11%
Aviation 19.07%
Medical Supplies 18.03%
Rentals, Equip, etc. 17.71%
Newspaper 17.48%
Non Profit 17.28%
Hotel 17.21%
Manufacturing 17.08%
Pharmaceutical 17.00%
Wholesale, Durable 16.94%
Social Services Misc. 16.66%
Insurance 15.38%
Real Estate Management 15.34%
Media 15.22%
Bank 14.93%
Computer Services 14.90%
Bail Bonds 13.97%
Nursing Homes 13.87%
Medical Other 12.94%
College/Univ/ Prof. School 12.08%
Gym/Sports Org 11.41%
Electronics 10.25%
Legal Services / Lawyers 9.94%
Cleaning Service 9.06%
Accounting 8.40%
Moving / Storage 8.32%
Chiropractor 8.26%
House Rent Collection 6.96%

Commercial accounts (B2B) have a better recovery rate than (B2C) accounts.

 

Can I Hire Multiple Collection Agencies at One Time?

You can legally hire more than one collection agency at a time, provided you do not assign the same account to multiple collection agencies. If one debtor starts getting contacted by different agencies, you can be sued for harassment. 

However, hiring more than one collection agency will be very hard to manage. Keeping track of which accounts have been assigned to Collection Agency “A” and others to Collection Agency “B” is always confusing. Then each collection agency has its own way of recovering the debt. Two different client portals training will be required, and each agency will have separate ways and dates when they pay you or raise an invoice. Moreover, whenever a debtor calls you directly to make a payment or discuss something else about his debt, you will have to figure out which collection agency has the account of this debtor. It can be quite confusing. 

When does it make sense to hire two collection agencies?

  1. Transitioning from Agency A to Agency B: You want to fire your existing collection agency “A” ( say you are unsatisfied with their collection results). Meanwhile, you start assigning all new accounts to this collection agency “B”. Eventually, all your accounts to your old collection agency “A” complete their collection lifecycle, and you are left only with the new collection agency “B”.
  2. You are a large company with multiple offices across US. You also have hundreds or thousands of accounts that require collections every month. You decide to hire collection agency “A” for one set of offices and collection agency “B” for other offices. Both collection agencies will work hard to give you better results since you are such a large account for them. They will always have a fear of losing you.

Overall, we recommend that you hire only one collection agency that is licensed nationally. Do your due diligence to shortlist the best one.

Contingency Collections: Is it the best Debt Recovery Service?

Collection agencies typically offer two types of collection services to their clients. “Fixed Fee” and “Contingency Only” service.

In the Fixed fee service a collection agency sends multiple written demands only.

In the Contingency service one written debt validation notice is sent, followed by collection calls from an experienced debt collector.

Although the sales guy from the Collection Agency may attempt to sell you a “Fixed Fee” service, that costs around $20 an account. Fixed-fee may appear more beneficial after hearing all the sales pitch, however it may not be the best service for you after all. The biggest advantage that a collection agency gets is that the moment you buy their “Fixed Fee” service, they have made money from you even before a single account is placed for collections. 

Unless your accounts are less than 180 days past due, the “Fixed Fee” service may be of little help. After the collection agency fails to recover money for you in the “Fixed Fee” service, they will later insist that you should transfer accounts to the contingency service.

Why go for the “Contingency Only” service?

  • No upfront fee is involved.
  • A collection agency makes money only if they collect for you.
  • Credit Bureau reporting is done for free by most agencies.
  • Calls from a debt collector are more impactful than written demands. 
  • Most agencies do USPS change of address check only in Fixed fee service. They do not perform skip-tracing, which is a more accurate tool to locate the debtor and his phone number. In Contingency service, almost all collection agencies rely on skip tracing.
  • A debt collector is able to negotiate payment terms even with those tough debtors. For example, he may put the debtor in installments or settle the amount in one lump sum payment slightly lower than the original amount due.
  • A debt validation letter is sent out anyway, even during the Contingency only service therefore your debtor knows the account is with a collection agency. So you do get a considerable benefit from this written demand as well.
  • A collection agency takes all the headaches involved in the negotiation and takes money from the debtor. In a fixed fee service, you have to be the one to manage payment acceptance and negotiation. 

When is the Fixed Fee service beneficial?

In our experience, it is a better service only if your accounts are no more than 180 days past due. If accounts are less than 120 days past due, then most likely it will result in significant cost savings over contingency collections.

Overall, if you want less hassle-based recovery, go for Contingency Only collections.

Your Collection Agency has Shut Down? What to do Next?

You had submitted accounts to a collection agency, however, they have ceased operations. What happens to the accounts they were working on, and what about those debtors who were in the middle of a payment plan. Are there any legal aspects involved?

There is a systematic procedure to hand over accounts from one collection agency to another that is legally compliant and convenient. Not all collection agencies are experts to handle this transition.

Need a new collection agency: Contact us today
Please mention that your existing agency has closed, and we’ll make the transition easy.

Many collection agencies have shut down recently due to the following reasons.

  • Covid-19 Pandemic: Collection agencies were barred from collecting money in many states during the pandemic, impacting revenue from existing accounts. Moreover, the new business had stopped coming since people were not going to their offices and debt recovery was the last thought in their minds.
  • CFPB rules: On November 30, 2021, the CFPB’s new Debt Collection Rules became effective, becoming a major roadblock for the entire Collections industry. Many collection agencies found that it was better just to wind up the business than to become compliant with these new CFPB rules.
  • Credit Bureau Reporting changes: Starting July 2022, the top 3 credit bureau agencies made it harder to report medical debts for credit reporting. Medical debts form nearly 50% of consumer debt collections.

What to do if your collection agency shuts down

Most collection agencies that shut down were small collection agencies. It is always advisable to hire medium-sized collection agencies that have the license to collect consumer and commercial debt all across the USA. 

  • Immediately hire a collection agency (without delay) because there may have been quite a few of your debtors who were about to pay or were paying their debt in installments.
  • Hire a collection agency that offers both fixed fee and contingency fee collections. Accounts less than 90 days past due should ideally be submitted for fixed fee collections.
  • Your new collection agency should keep itself up to date with new federal and state laws. You should also be able to download a collection performance report for all your accounts online. 
  • They should have the license to collect money in all 50 states, which takes care of issues in case your debtor crosses state lines.

 

Pay in Installments or Full: Which is Better?

A debt collection agency will almost always allow you to make payments in installments. Should a borrower/debtor go for it or not?

Benefits of Paying in Full (in one lump sum payment)

  • You will likely strike a deal to settle the debt for a lower amount (keep insisting). Installments result in more work for collection agencies. They would rather accept a lower amount ( like a 10% or a 20% lower settlement) than linger a debt for months. Moreover, if a borrower misseses an installment, it results in even more work for them.
  • Peace of mind. The matter is closed, and there are no pestering reminder calls each month from a debt collector.
  • If you have cash available or can arrange it, then it is best to close the matter in one lump sum payment rather than dragging the matter. Debt collectors are persistent callers, they get paid a commission on whatever you pay, and they will keep pestering you till the payment is made. 

Benefits of paying in installments

  • The borrower who pays in installments has effectively communicated to the debt collector that he does not have a bunch of money sitting in the bank. He is genuinely tight on cash. He can usually settle the deal on the principal amount only and avoid paying any additional interest and fees.
  • It gives more time to pay and avoid immediate cash flow problems. 

Benefits of Both (Installments and Full Payment):

  • You avoid damaging your credit report.
  • No more harassment from collection agencies or their lawyers.