Per Violation, Per Day
The FTC can levy civil penalties up to $53,088 per violation, per day (2025 amount, adjusted annually for inflation).
Don't let a data breach put your dealership in the headlines. The FTC Safeguards Rule is now the law for every dealership handling customer financing. Violations mean fines, lawsuits, and personal liability.
Compliance built for how dealerships actually operate.
The FTC Safeguards Rule is not optional, and the consequences of ignoring it go far beyond a fine.
The FTC can levy civil penalties up to $53,088 per violation, per day (2025 amount, adjusted annually for inflation).
Owners, GMs, and officers can be held personally liable for compliance failures. Your personal assets are at risk.
A data breach at a non-compliant dealership opens the door to class-action litigation.
Carriers increasingly deny claims from businesses that lacked a documented compliance program.
Simple. Fast. Compliant.
We audit your current practices against all nine FTC Safeguards Rule requirements and deliver a written report identifying every gap.
We design and implement a complete, written information security program tailored to your dealership: policies, controls, training.
Compliance is ongoing. We handle annual risk assessments, continuous monitoring, staff training updates, and the annual report.
Every dealership that arranges financing must satisfy all nine requirements. How many does yours currently meet?
Appoint one employee responsible for coordinating and overseeing your information security program.
Identify and assess internal and external risks to customer information in each relevant area.
Design and implement safeguards to control the risks identified through your assessment.
Regularly test or otherwise monitor the effectiveness of your safeguards' key controls.
Provide security awareness training to all staff, including phishing and incident reporting.
Take reasonable steps to select and retain service providers capable of maintaining appropriate safeguards.
Evaluate and adjust your program in light of testing results, changes, and new risks.
Create a written plan for responding to security events that could compromise customer data.
Prepare and present an annual written report on your program to the Board or senior owner.
Get a free, no-obligation gap assessment. We will show you exactly which of the nine requirements you meet and which need work.