Debt Collection Law Ranks High in Safety and Security

Debt collection law gets a bad rep. Just Google “debt collection,” and you’ll stumble across a thousand stories about crooked collectors, deceptive ruses and stringent regulations to maintain the climate of lending, borrowing and repayment.

If you’ve been following our blog, you likely already know that debt collectors must follow specific federal guidelines to avoid violating consumer rights and maintain their own responsibilities. Well-known laws that we’ve discussed include the Fair Debt Collection Practices Act (FDCPA), the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA).


However, what you might not know is that in the entire field of law, the legal debt collection industry is in the top 10 percent for IT security, data security, physical security and third party vendor management.

Because of the nature of the practice, collections tops all other areas of law in disaster preparedness, disaster recovery plans and employee training and conduct.

The industry as a whole is more likely to have superior call recording capabilities that record 100 percent of incoming and outgoing calls, email encryption and email programs that recognize and restrict the sending of a 16-digit sequential number (ie—credit card numbers).

The licensed and recognized creditors bar is the least likely to be hacked among all law firms nationwide, and although there have been attempted website hacks, there are no known data breaches in the entire industry of legal collections.

While the stringent standards placed on collectors are to protect the consumers, they make the practice of debt collection very expensive. Collectors rank high in the areas of safety and security, and that is a positive thing, but they pay handsomely to do so.

The bottom line after paying out for security systems and other third party vendors depends entirely on a collectors’ ability to connect with debtors and work toward a payment plan that benefits both parties.

Despite the horror stories, these statistics shine a positive light on the field of legal debt collection. Collectors are doing their best to ensure a safe and secure relationship with debtors, protect important and private information and collect money in order to regain economic balance in the area of lending.

Best business practices, Part II

Disaster Recovery Plan

“Life is what happens to you while you’re busy making other plans.” – John Lennon

sky diving

A Disaster Recovery Plan (sometimes referred to as a Business Continuity Plan) is a necessary element of any business.

The purpose of such a plan is to prepare your business, staff and infrastructure for the event of a major disruption of business and getting back on track as quickly and effectively as possible.

Having an effective and meaningful business continuity plan is particularly important in a business controlling data or funds of clients.

Any worthwhile plan will be written, thorough and tested. 

Best practices teaches us that if your plan is not written down, then it does not exist. It is that simple. Actually writing the steps of your plan down will help highlight holes or flaws.

Above all, the plan must be thorough.

In his article, 12 Attributes of a Successful Business Continuity Plan, Michael J. Corby emphasizes that a business continuity plan is one of the four basic components of an organizations’ risk management strategy.

While a business continuity plan used to be as simple as deciding where to set up shop if there were a fire or flood in the brick and mortar structure, there is a much higher standard now—as there should be. Considerations include all manner of disaster or coincidental occurrence, from area blizzard or flood, bombing, electrical failure, to the death of a key employee. After all manner of risks have been assessed, then all manner of critical business functions must be identified.

Finally, a written plan and contingencies for each possible incident must be identified for carrying out all critical business functions.

The entire plan can be complicated, as it works as one long “if – then” statement. Ultimately no plan matters unless personnel understand it, and that only happens upon periodic review and testing.

Unfortunately, testing can be time consuming and costly.   It will usually cause some disruption in business. Nevertheless, aspects of a business continuity plan should be tested and reviewed each year, with records kept on the results.

This does not just apply to debt collection practices. Many of the best known data companies, such as AT&T, have well-documented industry briefs on their business continuity plans.

To borrow the line, and paraphrase:  Much like a parachute, a disaster recovery plan is one of the only mechanisms in your office that you should work diligently to keep in perfect working condition, only to hope you never have to pull it out of the package.

Drop by next week for Better Business Practices, Part III on vendor management!