Protect your customers with coded collections compliance
Collections compliance in the United States can feel like a minefield. Here we’ll dive into how regulations are built-in by code to Collect, to protect your business and customers.
How are compliance regulations built into intelligent debt collection?
We follow a three step compliance process:
- Build: We only onboard clients in new regions or debt types after our product is 100% compliance automated for that specific need.
- Maintain: Our specialist Compliance team stays on top of local regulations in all our markets.
- Enhance: We work closely with clients to reduce compliance related costs and continuously improve the customer experience, using automated quality control tools.
Collect is built from a compliance-by-design philosophy. This means end-to-end automated compliance for all accounts, in all regions. Every action that a customer takes to interact with their debt is tracked as an ’event’. This could be their activity in the customer App, or their response to a specific message. All events are tracked, which minimizes non-compliant actions and provides a robust audit trail. Coded compliance essentially acts as a fail-safe, removing the potential for human error.
What regulations are built-in to Collect?
Understanding both the legal policy and local customer engagement patterns is critical to our overall collections strategy. We see compliance regulations as the legal maximum, as their thresholds are usually more than what we consider necessary to provide a great customer experience.Â
For example, the United States have a ‘7 and 7 and 7’ policy which states a creditor must not call customers more than 7 times in 7 days. It also means that if you do connect with the customer, you can’t attempt to contact them again for 7 days. Here, our product understands that:
- 7 and 7 and 7 is the overall maximum - Ensuring compliance
- Exceeding 7 and 7 and 7 will not create a positive customer experience - Ensuring customer centricityÂ
Collect also recognises where a customer is located to prevent non-reactive communication outside FDCPA regulations. As a digital service provider, we also have agents that can respond dynamically after hours if a customer does get in touch.
How does Collect ensure communications are compliant with regulations specific to where the customer is located?
Collect understands where customers are located based on the addresses provided by our clients. The address links the account to a set of hardcoded rules and policies that apply to that specific jurisdiction. This includes both federal and state requirements like time of day limitations, frequency of communications, and ability to use certain channels. This makes sure that any communications sent to customers are within the boundaries of those regulations.
With outbound calls, our Customer Service team can see the customer’s timezone in our agent tool. This assures that any outbound calls are only made within compliant windows for that region and to add an additional layer of protection, we use external dialler services.Â
When it comes to digital communications, Collect is powered by a unique intelligence system. This system incorporates all relevant jurisdictional regulations, providing a robust framework to guarantee that Collect maintains an unwavering adherence to compliance standards.
How are communication templates created?
All communication is designed to provide customers with clear and helpful information on their debt, along with payment options. We use this philosophy to underpin every single message, including email and SMS. We include clear links to the simplest payment path, or how to get in touch if they need support.
Our template creation process involves:Â
- Specialist copywriters / AI copywriter: We use both specialist copywriters and custom generative AI tools to create templates, carefully crafting messages that encourage and empower customers with the information they need to take action on their account.
- Compliance team: Review all templates and ensure compliance. Before any new templates are deployed, they go through a final approval process to ensure any relevant disclaimers or regulatory requirements are included in each template, in line with relevant laws.
- UX designers: Ensure the layout, design, and display is clear and consistent, builds trust in our brand, and is formatted in a user-friendly way. This applies to emails and letters.Â
- Data team: Manage templates using our automated template management system. This tool deploys templates, measures all template performance and has analytics dashboards built-in.
Disclosure and opt-out rules are developed and enforced by the product, based on the customer’s address. We include clear links to the simplest payment path, or how to get in touch if they need support.
All templates are performance tested across key metrics like open rate, click through rate, and payment conversion rate. Low-performing templates are reviewed and removed, so only high-performing communications are active. Collect’s machine learning models choose the best template for each individual, learning from historical data on how they prefer to engage.
What measures are in place for data and infrastructure security?
In the fintech world, data security is paramount. All information is protected to the highest industry requirements, and certified under global standards such as ISO27001, ISO9001, SOC II Type 2 and PCI. We’re FTC Safe Guards Rule compliant and use several failsafes to give our clients full confidence - audits, risk management processes, state-of-the-art encryption protocols and regular reviews of all our systems and processes.Â
To establish a robust infrastructure, we use Amazon Web Services to host Collect. This ensures our product is secure and scalable across all our key markets. We also make full use of their embedded security products, with regular third-party penetration tests. For our customer-facing experiences, they’re built using modern frameworks like React. This combination means our entire collections architecture provides enterprise-grade security and reliability, for all our clients and their customers.
What about the Customer Support team?
For those customers who want to directly speak to someone, they can reach out to our specialist Customer Support team on live chat, phone, SMS or email. Every member of the team is trained on all aspects of collections communications including cybersecurity, regulatory compliance, interaction handling (calls, email, SMS), data security and quality management. We also provide internal training for particular client requirements, to ensure that individual client needs are consistently met.Â
How are new compliance requirements built into Collect?
When entering any new market, our internal teams work closely together to ensure:
- Clear understanding of the compliance requirements for the specific region
- Processes that need to be built into Collect and how this will be carried out
InDebted’s Compliance team is made up of seasoned experts who are specialists in their respective markets. We have specific leaders for each of our locales (United States, Canada, Australia, New Zealand and the United Kingdom), who safeguard operations and ensure we’re at the forefront of any regulatory changes. To bolster our own internal team, we have a network of local legal consultants to call on if needed.Â
Our Compliance team stays on top of any regulatory changes that need to be reflected in our product, to protect both our clients and customers. They work with our Engineering and Data teams to review our existing processes and determine the impact and resources required to remain compliant within the timeframe provided by the regulator.
We proactively plan for legislative changes to minimize any impact to customers, and give clients peace of mind that collections activity will always be up to date with current regulations. A recent example was Visa’s decision earlier this year to prohibit the use of credit cards for collections. This major industry shift was raised internally, and our Finance, Engineering and Client Success teams worked cross-functionally to consult clients, measure the impact and implement the necessary solution.
Learn moreJoin our newsletter for the latest collections insights
Thank you for subscribing!
Join our newsletter for the latest collections insights
Thank you for subscribing!
Share
Other resources
Debt collection in 2025: trends, technologies and opportunities
Key predictions and expert insights on where the collections industry is headed in 2025.Is debt collection right for your subscription business? Weigh up these pros and cons.
Sending your subscribers to collections? We answer your most commonly asked questions here.5 reasons why leading subscription businesses partner with InDebted
InDebted is the trusted solution with five-star reviews, industry-leading performance, flexible payments, self-serve and personalisation that keeps your subscribers happy.The revenue impact of failed subscription payments — and how to recover it
The hidden costs of unpaid subscriptions may be doing more damage to your subscription business than you think.