Buy Here Pay Here Compliance
Best Practices for Used Car Dealers

Solid buy here pay here compliance best practices protect your customers, your reputation, and your bottom line. Whether you operate one rooftop or multiple locations, consistent standards for advertising, sales, underwriting, collections, data security, and repossessions reduce risk while improving payment performance. This page explains practical steps to align with federal and state requirements, including FTC, CFPB, GLBA Safeguards Rule, FCRA, ECOA, and UDAAP expectations. You will also find links to deeper training and education built for BHPH operators. Use these guidelines to benchmark your policies, close gaps, and build a culture where every deal is both profitable and compliant. Explore related resources like buy here pay here compliance education, buy here pay here operations best practices, and dealer compliance best practices to put these principles into daily practice across your team.

Compliance is not a single policy or a binder on a shelf. It is a daily process that starts with accurate advertising and ends with secure data retention and fair collections. The guidance below highlights the highest impact actions for BHPH stores. For deeper dives, visit subprime federal compliance education, buy here pay here collections best practices, and our blog for practical updates you can use in the store today.

What buy here pay here compliance means for your dealership

Buy here pay here compliance covers the full life cycle of a deal. It starts before the first lead with truthful advertising, continues through credit evaluation, disclosures, contracting, ongoing payment handling, customer communication, loss mitigation, and concludes with proper account closure or recovery. A robust program blends written policies, standard operating procedures, training, oversight, documentation, and independent testing. The goal is to treat customers fairly, follow the law, document what you did, and prove it when auditors or regulators ask.

Federal rules every BHPH operator should operationalize

Most BHPH dealers act as both retailer and creditor, so multiple federal laws can apply. The following are common pillars and practical actions to embed in your processes.

  • ECOA and Regulation B: Use consistent credit criteria, document reasons for adverse action, and issue adverse action notices on time. Train staff to avoid steering or discriminatory pricing across protected classes.
  • FCRA: Confirm permissible purpose for credit pulls, report accurately to bureaus, handle disputes with timely investigation, and provide risk-based pricing or credit score disclosure as applicable.
  • TILA and Regulation Z: Present clear, accurate APR and finance charge details in ads and contracts. If you advertise payment or rate, include required disclosures in close proximity and readable format.
  • GLBA Safeguards Rule: Maintain a written information security program, designate a qualified individual, conduct risk assessments, implement access controls and encryption, train staff, and monitor vendors with data access.
  • UDAAP: Avoid unfair, deceptive, or abusive acts or practices across marketing, sales, servicing, and collections. Review scripts, forms, and payment policies with a fairness lens.
  • FTC Holder Rule: Ensure the Holder Notice is included in retail installment contracts where required.

To translate federal rules into store-level execution, consider targeted programs like buy here pay here federal compliance education and subprime federal compliance education.

Know your state requirements

State laws shape critical steps such as maximum interest rates, late fee caps, grace periods, disclosure language, title and lien handling, and repossession notice timing. Multi-state operators must tailor procedures by location without losing consistency. Maintain a state matrix that summarizes key rules and links to statute citations. Update it at least quarterly and after industry alerts. Use checklists at delivery, collections, and recovery to confirm state-specific items are completed before a file moves forward.

Build state specific expertise with buy here pay here state compliance education and subprime state compliance training.

Advertising and lead management

Compliance starts with the first impression. Ads must be accurate, include material terms, and avoid promises that only apply to a small subset of customers. If an ad mentions price, payment, or down payment, ensure clear and conspicuous disclosure of conditions. In digital channels, the required disclosures should be on the same page and near the claim. For lead forms, present privacy notices, secure data capture with encryption, and limit fields to what you need. Track each campaign, retain screenshots, and approve creative through a standardized review before publishing.

Sales process and disclosures

Train sales and F&I staff to deliver disclosures consistently and in plain language. Use a deal jacket checklist that covers the retail installment contract, privacy notices, risk-based pricing or credit score disclosure, adverse action when applicable, Holder Rule, and state forms. Present add-on products with clear price and coverage terms. Do not condition approval on the purchase of add-ons. Require customer initials next to key terms such as payment amount, due date, late fee, and default provisions. Audit a sample of files weekly to confirm signatures and dates are complete and accurate.

Reinforce these steps with buy here pay here operations training and used car dealer compliance education.

Underwriting and credit policy

A written credit policy enables fair, consistent decisions and supports ECOA compliance. Define required stipulations, stable residence and job criteria, income verification, debt-to-income or payment-to-income limits, and maximum loan-to-value. Approvals and exceptions should be documented with reasons and supported by data. For declines, issue adverse action notices within required timelines. For conditional approvals, specify the exact conditions and document how they were satisfied. Calibrate policy with portfolio performance data quarterly to balance risk and approval rate.

Explore deeper guidance in buy here pay here credit policy education and dealer underwriting education.

Payment handling, communication, and collections

Clear expectations drive better payment performance. Provide written payment options, hours, acceptable methods, and any fees. Offer receipts for every payment and reconcile daily. For customer outreach, adopt scripts that are firm, fair, and compliant. Obtain consent for text and prerecorded calls before using automated tools. Honor do-not-contact preferences. Document every contact and promise to pay. Track roll rate, extensions, and broken promises to identify accounts that need early intervention, not just repossession.

When accounts default, follow a state-specific repossession and sale process. Confirm the right to cure, send accurate notices, and retain proofs of mailing or delivery. After sale, calculate deficiency balances correctly and communicate them with supporting documentation. Review your vendor agreements and monitor repossession agents for conduct standards.

Strengthen your team with buy here pay here collections best practices, buy here pay here real world collections training, and buy here pay here repo process education.

Data security and privacy

Customer trust depends on how you protect sensitive information. Map where data enters, travels, and is stored. Limit access by role, enforce strong passwords and multi-factor authentication, encrypt data in transit and at rest, and train staff to spot phishing. Keep an incident response plan that assigns roles, defines vendor escalation, and sets timelines for notifications as required by law. Test backups and recovery quarterly. Review your privacy notice annually to confirm accuracy and alignment with your actual practices.

For program-level support, see dealer technology training education and privacy policy.

Training, culture, and accountability

A policy is only as strong as the people who apply it. Build role-based training paths for sales, F&I, collections, and managers. New hires should complete foundational modules before touching a deal. Provide refreshers at least twice per year and whenever laws or forms change. Track completion and quizzes in your learning system. Empower team members to pause a deal that feels wrong without fear of missing a unit. Celebrate clean audits and coach misses quickly.

Consider programs tailored to BHPH teams such as buy here pay here dealer training program, buy here pay here operations education, and dealer professional development training.

Monitoring, testing, and audit readiness

Monitor early and often. Use checklists and exception logs to capture issues as they happen. Complete monthly file reviews across a random sample and a targeted sample of high-risk scenarios like exceptions, same-day deliveries, or high-APR deals. Report findings to leadership and track remediation through closure. Once or twice per year, run a mock exam that simulates a regulator request. Keep a clean document vault with current policies, procedures, forms, training records, vendor due diligence, and sample files. Ensure you can produce any required record within a short time frame.

Improve readiness with used car dealer audit preparedness education and buy here pay here audit preparedness training.

Multi location and growth considerations

As you scale, standardization and governance become essential. Create a core policy set that applies to all rooftops, then bolt on state supplements. Use a single system of record for deals and collections with role-based permissions and automated audit trails. Centralize advertising approval, legal reviews, and vendor onboarding. Conduct cross-store scorecards with peer comparisons to identify outliers in early-stage delinquency, exceptions per deal, or incomplete disclosures. Rotate managers to share best practices and spread a compliance-first mindset to every lot.

For expansion planning, explore buy here pay here multi-location operations training and dealer operations management training.

Key checklists you can put to work today

  • Advertising checklist with disclosure review, screenshot retention, and approval signature
  • Deal jacket checklist covering disclosures, signatures, Holder Notice, and state forms
  • Underwriting checklist for income verification, DTI or PTI thresholds, and exception approvals
  • Collections checklist for contact consent, documentation, and hardship options
  • Repossession checklist for notices, redemption, sale, and deficiency steps
  • Data security checklist for access controls, encryption, backups, and incident response

Frequently Asked Questions

Focus on ECOA and Reg B, FCRA, TILA and Reg Z, the GLBA Safeguards Rule, UDAAP, and the FTC Holder Rule. Build written procedures and training for each area and verify execution with regular file reviews and testing. Link your procedures to the forms you use every day.

Review core policies at least annually and after any law, form, or technology change. High impact areas like data security, disclosures, and collections scripts should be reviewed quarterly. Keep version control and a distribution log to show when staff received updates.

Include the retail installment contract, privacy notices, risk-based pricing or credit score disclosure as applicable, the Holder Notice where required, state-specific forms, proof of identity and income, verification of residence and insurance, and a signed delivery checklist. Confirm all signatures and dates are complete and legible.

Set clear payment expectations at delivery, verify income accurately, and engage early when payments are missed. Offer structured hardship options that are applied consistently and documented. Use consent-based communication, track promises to pay, and escalate with a state-compliant cure and repossession process.

Start with a simple gap check: confirm the right disclosures are in every file, privacy notices match practice, and data security basics are in place. Next, train the team on a standardized sales and collections script. Finally, implement a weekly file audit with a short exception report to leadership.

The information on this page is for education and planning. It is not legal advice. Always consult qualified counsel for your specific situation and state rules.

BHPH United was formed for the sole purpose of providing education and resources to Buy Here Pay Here dealers. BHPH United and its partners are excited and passionate about the Buy Here Pay Here industry and believe the best way to support it is through current, relevant, and comprehensive education.
2026 All Rights Reserved by
BHPH United