F&I Compliance Services for Dealerships

Introduction

Dealership F&I departments are under unprecedented regulatory scrutiny. In April 2026, the FTC and Maryland Attorney General secured a record-breaking $78.1 million settlement against Lindsay Automotive Group for deceptive pricing practices and charging customers for unwanted add-ons—the largest penalty in automotive retail history. State Attorneys General in New York, Maryland, and Rhode Island have collectively imposed over $7 million in penalties against dealerships for hidden fees and undisclosed add-ons in the past year alone.

F&I compliance is the foundation of a sustainable, profitable dealership—not a box to check. Even after the Fifth Circuit vacated the FTC's CARS Rule in January 2025, enforcement hasn't slowed. The FTC has shifted to case-by-case enforcement using its Section 5 authority, issuing warning letters to 97 auto dealership groups nationwide and making clear that advertised prices must include all mandatory fees.

This post covers the essentials for dealerships navigating today's enforcement environment—with a specific focus on independent and BHPH dealers who often lack the compliance infrastructure of large franchise groups:

  • What F&I compliance actually means in practice
  • Which federal and state regulations apply to your dealership
  • The real cost of violations (fines, litigation, reputational damage)
  • How to build a practical compliance program that holds up to scrutiny

TLDR

  • F&I compliance means following federal and state laws governing vehicle sales, financing, and product disclosures at every customer touchpoint
  • Regulation Z, ECOA, FCRA, the Gramm-Leach-Bliley Act, and state "junk fee" laws are the primary compliance frameworks
  • Federal fines reach $53,088 per violation, with state penalties and restitution adding significant exposure on top
  • Independent and BHPH dealers can run compliant, profitable F&I programs with standardized processes, staff training, and the right compliance partner

What Is F&I Compliance — and Why It's Non-Negotiable for Dealerships

F&I (Finance and Insurance) is the dealership department responsible for finalizing vehicle financing, presenting aftermarket products like service contracts, GAP insurance, and extended warranties, and completing all regulatory disclosures. F&I compliance refers to adherence to the full body of federal and state laws governing these activities.

The F&I office is one of the most heavily regulated areas of a dealership. It handles consumer credit applications, personal financial data, loan structuring, and insurance product sales — each area governed by overlapping oversight bodies including the FTC, CFPB, and state attorneys general.

The Current Enforcement Climate

Even after the CARS Rule was vacated, enforcement has intensified. The FTC now uses case-by-case UDAP enforcement, resulting in massive penalties:

Dealership Group | Date | Penalty/Restitution | Key F&I Violations
Lindsay Automotive Group | April 2026 | $78.1 million | Charging for unwanted GAP, service plans, and tire protection without consent
Leader Automotive Group | Dec 2024 | $20 million | Unauthorized pre-installed add-ons (Xzilon, LoJack)
Passport Automotive Group | Oct 2022 | $3.38 million | Discriminatory financing markups against Black and Latino customers

[Figure: Timeline comparing three major dealership F&I enforcement penalties, 2022 to 2026]

The FTC's civil penalties now reach $53,088 per violation as of 2025. When violations affect hundreds of customers, penalties compound into the tens of millions.

Why Compliance Doesn't Have to Cost You Profits

Dealers often treat compliance and profitability as competing priorities. They aren't. A properly structured F&I process, built on clear product menus, consistent disclosures, and fair lending practices, maximizes per-deal revenue by building customer confidence and reducing deal fall-through rates.

A compliant process delivers measurable business benefits:

  • Reduces deal fall-through by giving customers a transparent, trustworthy experience
  • Increases product attachment rates when customers aren't pressured or confused
  • Protects against regulatory penalties that can dwarf any short-term F&I gains
  • Strengthens referral rates through a process customers feel comfortable recommending

Key Regulations That Govern Your F&I Department

F&I compliance covers overlapping federal laws, state statutes, and agency rules — and violations in any one area can trigger fines, investigations, or consumer lawsuits. Knowing what each regulation requires, and who in your dealership owns that responsibility, is the starting point for a defensible compliance program.

Federal Laws and Regulations

Regulation Z (Truth in Lending Act): Requires clear disclosure of credit terms before consummation of the transaction, including the creditor's identity, amount financed, finance charge (dollar cost of credit), APR, payment schedule, and total of payments.

Equal Credit Opportunity Act (ECOA): Prohibits discriminatory credit decisions based on race, sex, age, or national origin. Dealers must notify applicants of credit decisions within 30 days after receiving a completed application. Adverse action notices are required when credit is denied or offered on terms substantially different from those requested.

Fair Credit Reporting Act (FCRA): Governs how dealers use and protect credit report data. Requires proper disposal of consumer information and accurate reporting to consumer reporting agencies.

Gramm-Leach-Bliley Act (GLBA): Requires written privacy notices and secure handling of nonpublic personal information collected during financing. Violations carry institutional fines up to $100,000 per violation and personal liability fines up to $10,000 for officers and directors.

FTC Safeguards Rule: By 2023, dealerships were required to implement a formal Written Information Security Program (WISP) covering encryption, access controls, employee training, and third-party vendor oversight. As of May 2024, dealers must notify the FTC within 30 days of discovering a data breach affecting at least 500 consumers.

Red Flags Rule: Requires a written identity theft prevention program to detect fraud in credit transactions.

Form 8300: Dealers must file IRS Form 8300 when receiving more than $10,000 in cash in a single transaction or related transactions within 24 hours. The form must be filed within 15 days of receiving the cash.

OFAC Checks: Dealers must screen customers against the Specially Designated Nationals list. As of March 2025, recordkeeping requirements extend to 10 years—up from five years previously.

Magnuson-Moss Warranty Act: Requires clear, accurate warranty disclosures for any warranties offered to consumers.

State-Level Regulations and Emerging "Junk Fee" Laws

State attorneys general have made dealer fee transparency a priority enforcement area. The settlements below show how quickly exposure accumulates:

State | Dealership | Date | Penalty | Violation
New York | 8 Nissan Dealers | May 2025 | $3.2 million | Adding junk fees or falsifying lease buyout prices
Maryland | Darcars of Bowie | Mar 2025 | $3 million | Hidden 2% "sales commissions" and undisclosed markups
Rhode Island | 6 Dealerships | Aug 2024 | $1 million | Charging $169-$199 for theft deterrent warranties without consent

State Fee Transparency Laws:

States are enacting strict price transparency requirements:

  • California SB 478: Effective July 2024, makes it illegal to advertise a price that doesn't include all mandatory fees (excluding government taxes and shipping)
  • Minnesota: Effective January 2025, prohibits advertising prices without all mandatory fees
  • Massachusetts: Regulations effective September 2024 require total price disclosure including all mandatory charges

[Figure: Map of state fee transparency law requirements in California, Minnesota, and Massachusetts]

State Data Privacy Laws: 19 states have enacted comprehensive consumer data privacy laws. States like Montana and Connecticut have eliminated broad GLBA entity-level exemptions, meaning dealers must comply with state privacy laws for marketing data and website tracking even if financial data is GLBA-exempt.

The Real Cost of F&I Non-Compliance

Financial Penalties Scale Rapidly

Federal and state penalties compound quickly when multiple violations or customers are affected:

  • FTC violations: $53,088 per violation (2025 rate)
  • GLBA violations: Up to $100,000 per institutional violation; $10,000 personal liability for officers and directors
  • Consumer restitution: Often exceeds regulatory penalties—Lindsay Automotive paid $75 million in refunds on top of $3.1 million in penalties

Non-Financial Costs

Beyond fines, compliance failures create compounding business damage:

  • Reputational exposure: Enforcement actions generate negative press and online reviews that linger in search results long after the case closes
  • Lender relationship risk: Finance sources can cut off dealers with compliance violations. The CFPB has stated that indirect auto lenders may be liable under ECOA for dealer markup disparities. Lenders now scrutinize dealer compliance more closely as a result.
  • Operational drag: Regulatory investigations and lawsuits consume management time and legal resources for months or years

Class Action Exposure

F&I compliance failures frequently trigger massive class-action litigation. In 2021, a federal court approved a $500 million class-action settlement against Wells Fargo for failing to refund unearned GAP insurance fees to consumers who paid off auto loans early.

Personal Liability for Officers and Directors

Some regulations hold officers and directors personally liable. GLBA carries personal fines up to $10,000 per violation for individual officers. That exposure means compliance cannot be delegated down the org chart. It requires ownership at the management level.

How to Build an F&I Compliance Program That Protects Your Dealership

A dealership compliance program isn't a single document—it's a system of interconnected policies, processes, training, and oversight. Build your program on these four pillars:

1. Appoint a compliance officer with real authority

  • Not a figurehead—someone empowered to halt deals that violate policies
  • Responsible for monitoring regulatory changes and updating processes

2. Develop a written code of ethics

  • Cover F&I-specific behaviors: rate markup limits, no payment packing, no unauthorized add-ons
  • Require acknowledgment signatures from all F&I staff

3. Standardize the deal process

  • Use checklists and product menus to ensure every required disclosure is captured on every deal
  • Document OFAC/ID verification on every transaction

4. Implement ongoing monitoring

  • Conduct internal audits and deal reviews
  • Schedule periodic outside compliance assessments

[Figure: Process flow diagram of the four-pillar dealership F&I compliance program framework]

Each pillar requires its own documented process. Here's what that looks like in practice.

Standardized F&I Processes

Your standardized F&I process should include:

  • Present all aftermarket products (service contracts, GAP, protection plans) as clearly optional, with individual pricing displayed separately
  • State explicitly in writing that no product is required for financing
  • Maintain deal jackets with all signed disclosures, credit applications, and adverse action notices
  • Screen every customer through OFAC/ID verification and retain records for 10 years

Training Requirements

Regular, documented training is non-negotiable for F&I staff. Cover:

  • Federal and state regulations (Regulation Z, ECOA, FCRA, GLBA)
  • Fair lending practices and non-discriminatory pricing
  • Proper handling and protection of customer data
  • Your dealership's code of ethics and compliance policies

Employees should sign acknowledgment forms confirming they understand compliance policies. This creates a paper trail that protects the dealership if violations are later alleged.

Record-Keeping Requirements

Good documentation is both a legal requirement and your primary defense in regulatory investigations:

  • Regulation Z: Retain evidence of compliance for 2 years after disclosures are made
  • ECOA: Retain applications, adverse action notices, and related information for 25 months for consumer credit
  • OFAC: Retain sanctions screening records for 10 years (as of March 2025)
  • GLBA: Retain privacy policy acknowledgments and security program documentation

DealerRE's Full-Service Compliance Administration

For many independent and franchise dealers, managing all these compliance obligations in-house is operationally overwhelming. DealerRE provides full-service compliance administration as part of its F&I program—managing legal forms, filings, compliance reporting, and renewals on behalf of dealers—so dealers can focus on selling while staying protected.

Founded in 1994 and serving 400+ dealers nationwide, DealerRE handles the administrative and legal side of compliance so nothing falls through the cracks. In-house CPAs and legal counsel review dealership and reinsurance programs to confirm they meet regulatory requirements—giving dealers documented protection rather than just a checklist.

F&I Compliance for Independent and BHPH Dealers

Independent and Buy Here Pay Here (BHPH) dealers operate under the same federal and state regulations as large franchise groups — without the same legal teams or compliance staff to manage them. That gap creates real exposure.

Regulators Are Targeting Independent and BHPH Dealers

Enforcement is not limited to franchise groups. In 2024, the CFPB obtained a default judgment resulting in a $42 million penalty against USASF Servicing, which operated 31 BHPH dealerships. The CFPB alleged the company incorrectly disabled vehicles using starter-interrupt devices over 7,500 times, failed to provide GAP refunds, and conducted illegal repossessions.

According to the NIADA 2025 Used Car Industry Report, independent dealers sold 9.8 million used vehicles in 2025, with BHPH financing claiming a 32.6% market share—larger than banks or credit unions. This massive market presence in vulnerable credit segments ensures BHPH dealers will remain a primary focus for CFPB and FTC enforcement.


Specific Compliance Pressure Points for BHPH Dealers

Because BHPH dealers finance their own customers in-house, they are directly subject to ECOA, FCRA, Adverse Action Notice requirements, and the Red Flags Rule as creditors—not just as dealers arranging credit. The CFPB notes that a dealer is a creditor under ECOA when it evaluates an applicant's information, establishes a buy rate, and finances the transaction.

BHPH dealers must:

  • Provide TILA disclosures (APR, finance charges) before contract consummation
  • Issue Adverse Action Notices within 30 days for denied or unfavorable credit decisions
  • Implement a Red Flags Rule identity theft prevention program
  • Ensure vehicle service contracts or mechanical breakdown products are properly disclosed and administered
  • Provide GAP refunds when customers pay off loans early

Building Compliance Infrastructure Without Large Legal Teams

Meeting these obligations without a dedicated compliance team is where most independent dealers struggle. DealerRE's F&I training programs — available online and in person — help independent and BHPH dealers build a compliant F&I process that also improves product penetration and per-deal profit. Compliance administration covers:

  • Legal forms, filings, and annual renewals
  • F&I menu structure aligned with disclosure requirements
  • Adverse action and TILA documentation support

This lets dealer staff focus on selling rather than tracking regulatory deadlines.

For independent dealers, compliance also builds credibility with lenders and customers — both groups that have other options. Dealers who are members of NIADA or state independent dealer associations gain access to compliance resources and regulatory advocacy that keep them ahead of changes. DealerRE is a member and sponsor of NIADA and multiple state associations, connecting its clients to a broader network of industry compliance support.

Frequently Asked Questions

What is F&I compliance?

F&I compliance refers to a dealership's adherence to all federal and state laws governing its Finance and Insurance office, including credit disclosure rules, fair lending laws, data privacy requirements, and truthful advertising standards. It ensures dealers operate legally and ethically when financing vehicles and selling protection products.

What does car dealership F and I mean?

F&I stands for Finance and Insurance: the dealership department that finalizes vehicle financing (loan terms, lenders, credit applications) and presents optional protection products like extended warranties, GAP insurance, and service contracts to customers at the point of sale.

What are the financial compliance requirements for dealerships?

Dealerships must meet several overlapping federal and state requirements:

  • Regulation Z — Truth in Lending disclosures
  • ECOA — Fair lending and adverse action notices
  • FCRA — Credit reporting obligations
  • Gramm-Leach-Bliley Act — Data privacy and security
  • Red Flags Rule — Identity theft prevention

State-specific consumer protection statutes, actively enforced by state attorneys general, add another layer on top of these federal rules.

What is dealership compliance?

Dealership compliance is the broader practice of operating within all applicable federal, state, and local laws—covering advertising, employment, environmental, and safety regulations. For F&I, that means transparent sales practices, proper disclosures, and secure handling of customer data.

How much does it cost to get F&I certified?

F&I certification costs vary by provider, typically ranging from a few hundred dollars for online courses to several thousand for in-person programs. That said, compliance isn't a one-time credential — it requires continuous training, updated processes, and a reliable compliance partner like DealerRE to stay ahead of regulatory changes.