.png)
The challenge for businesses engaging with consumers digitally has become not if they should, but how they can do so at an effective and compliant scale. Artificial intelligence (AI) offers a solution to enable customized, digital communications at scale, and to do so compliantly. Let’s take a look at compliance considerations for digital communications, the benefits AI can bring to stay compliant, and the risks of missing the mark with requirements.
Understanding the regulations that apply to your business is the first step, and the landscape is complex and can change quickly. While using a SaaS tool to enhance your in-house customer engagement for first-party debt recovery and collection does not mean you’re beholden to the same regulations guiding third-party debt collectors, following these guidelines will keep you well clear from existing compliance issues and help safeguard around future developments that may impact your operations.
The Fair Debt Collection Practices Act (FDCPA) and its Regulation F dictate rules for debt collection activities, along with various state and local laws, including rules for validation notices, time and frequency of communications, required message content, required disclosures, clear and conspicuous unsubscribe, monitoring deliverability, and collector identification details.
And while there hasn’t been any federal laws regarding the use of AI in debt collection yet, federal agencies have put out significant guidance on using these advanced technologies and what sort of protections businesses need to have in place over them. The Department of Treasury is very interested in how organizations are using AI and have undertaken various initiatives to provide information to the public on AI security and best practices in the financial sector including bringing in industry members and government regulators to talk about the risks and the benefits and what sort of controls would be best to put in place.
Let’s look at the benefits AI brings to keeping up with compliance in digital communications, and the inherent risks of non-compliance and not properly vetting digital solutions or service providers utilizing AI.
Benefits AI brings to keeping up with compliance in digital communications:
- Digital customer engagement solutions infused with AI can offer code-based compliance, but what is code-based compliance? Code-based compliance refers to the programmed rules and controls that ensure communications fall within all of the identified federal and state laws and regulations that a business needs to adhere to. When an algorithm is used to help make decisions on delinquent customer communications, compliance controls could be coded into that algorithm or work side-by-side with the algorithm to ensure that all digital communications fall within federal and state laws and regulations.
- This code-based approach powered by AI helps with several collection-related regulations that creditors, law firms, and debt buyers benefit from following (for both compliance and customer satisfaction):
- Communication frequency restrictions: Regulation F’s "inconvenient time" rule restricts debt collectors from contacting a customer before 8:00am and after 9:00pm local time at the customer’s location. Digital automation dictated by compliance-driven AI and machine learning can help avoid violations and perceived harassment by preventing communications from being sent outside the approved times.
- Consent & disclosure requirements: a code-driven method means that digital communications sent to individual customers contain all the necessary disclosures appended, such as out-of-statute disclosures, state disclosures, etc.
- Digital paper trail for audits: digital communication using advanced technology can automatically capture and create a traceable digital footprint to enhance transparency and compliance with regulatory standards.
- Utilizing AI can enhance existing processes. Compliance controls in an AI-powered system can ensure compliance with these regulations, minimizing the risk of human error while code-based guardrails mentioned above can be easily updated to reflect the latest rules and best practices.
Risks of Using AI in Digital Debt Collection Communications:
- Non-compliance with regulations opens your business to risk—even if the violations come as the result of using a SaaS solution not up to date with the rules and laws your organization must adhere to. Consequences of non-compliance are very vast: fines and penalties, increased consumer complaints and lawsuits, erosion of consumer trust, and more.
- Precaution: Always perform rigorous due diligence when considering any software or service provider that offers AI-based solutions. This means including not only your procurement team, but compliance and any technical and information security teams available to vet the solution based on your business’s risk appetite.
- Tech fads can quickly turn into tech debt. Even if advanced technology is implemented and adopted it can be hard for in-house teams to keep up with fast-evolving compliance requirements. As mentioned above, there is no comprehensive federal law or regulations regarding AI yet, but the Department of Justice (DOJ) recently revised their Evaluation of Corporate Compliance Programs guidance and placed significant emphasis on the need for companies to implement structured processes to assess and manage risks tied to AI and other emerging technologies.
- Precaution: These updates to the DOJ’s guidance underscore the need for organizations subject to compliance requirements to have a competency level when it comes to artificial intelligence and all of the various tools and solutions that may be used or inadvertently used through vendors.
- Which leads to the risks of skipping the vetting process and due diligence of digital solutions and partners, especially for debt collection. Code-based compliance isn’t “code it and forget it.”
- Precaution: Organizations should check that providers of debt collection SaaS solutions design their processes so that they promptly and effectively adapt to new regulations and are proactive with cybersecurity and data privacy.