Teresa Dodson

It’s difficult to avoid the media attention given to the importance of data security and the protection of consumer information. And given the damage that can occur (see, for instance, this story on the Global Payments Breach of over 10 million credit and debit card account numbers), and the potential financial losses incurred by all parties, maybe that’s a good thing.

The ARM industry has long been aware of the requirements placed on it by regulators to safeguard consumer data, and over the years the industry has taken great strides to improve its practices to safeguard consumer information. Many firms have now made significant investments in security and compliance, and more and more firms are adding compliance officers to their teams to ensure they stay current with the myriad changing regulations at the federal and state levels (see the story on “Compliance Officers: Necessary or a Luxury?”).

One of the strongest drivers of these comprehensive data security practices were the card issuers who were placing accounts with collection agencies and sharing NPPI data with debt buyers during the course of the negotiation of a sale. ARM industry participants who have recently endured the onboarding process and subsequent security audit from a card issuer understand how serious these organizations view data security in this environment of increased regulatory scrutiny.

ARM companies today must operate under a number of different compliance certifications such as PCI- DSS 2.0, SSAE 16 SOC 1 and SOC2 (the new SAS 70) and/or ISO 17799. While the cost and implementation of these policies and standards requires a significant investment by companies, the risk of a data breach or regulatory action against a company would be far more costly and the reputational damage can be long lasting and severely impact the ongoing operations of a company caught on the wrong side of an enforcement action.

In a recent survey published by insideARM.com (“Debt Settlement Survey: How Creditors and Collectors Utilize the Debt Settlement Industry to Increase Collections”) inside ARM.com found that roughly 50% of respondents stated that they now work with debt settlement companies as a way to increase their collections. When asked the reasons why firms chose not to work with debt settlement companies, over 29% reported security, compliance, and legal concerns as chief reasons for not working with the industry. It’s not surprising that a high percentage of respondents shared this concern at a time when agencies and buyers are operating under a heightened state of scrutiny in these areas. More interesting was the fact that over half of those who indicated they don’t work with debt settlement companies today, said they would change their minds and employ debt settlement as a strategy if provided a secure, PCI-complaint, aggregated platform through which they could settle accounts with debt settlement companies.

Reasons Provided for not Working with Debt Settlement Companies



Settlement Percentages too low


Legal concerns about dealing with third parties


Security/Compliance Concerns


Industry Perceived as not reputable


Prohibited by agency agreement with creditor


Limited resources to dedicate to this channel


Break rates too high


Too hard to locate and manage multiple debt settlement providers


Not enough knowledge of the industry to make this channel effective




This underscores the perception by the ARM industry that debt settlement companies need to do more to change the way creditors and collectors perceive this industry and they way its managing sensitive consumer data. The Debt Settlement Industry associations should take the lead in this area, much like the ACA International and DBA International have done in the ARM industry, in providing operational guidelines, resources for education and training and adopting “Best Practices” of operations as it relates to compliance and security. Doing so could lead to a greater adoption of the debt settlement industry by collectors and creditors resulting in more recoveries for creditors, agencies and buyers, more revenue via settlements for debt settlement companies and greater relief for the consumer as a result of resolving their outstanding accounts.