Andrew Pace:

Welcome back to ACS Portfolio Perspective. I’m your host Andrew Pace Chief Client Experience Officer at Asset Complaint Solutions. 

I’m joined today by my colleague Greg Meyer, our CFO, CIO and sometimes our uh-oh guy, Greg has been with ACS for nearly 18 years. And in that time, he’s been very instrumental in shaping the company’s approach to data security, technology, infrastructure, and compliance. Beyond overseeing our financial operations, his leadership in implementing SOC2 compliance systems has helped set a new standard for secure data handling in the collections and recovery space. 

With deep expertise in both financial technology and risk management, Greg offers a unique perspective on how lenders can leverage secure tech to protect their assets and drive portfolio performance. Greg, welcome to the show.

Greg Meyer:

Thanks for having me, Andrew. I appreciate the opportunity to be part of your series here. So, it’s a fun conversation, I hope. 

Andrew Pace:

I’m looking forward to it.So let’s start with the foundation, data integrity, in an industry where systems rarely speak the same language, maintaining clean, consistent data can be a real challenge. 

So, Greg, how can institutions ensure data integrity across multiple systems and touchpoints?

Greg Meyer:

Well, I think the first part about data integrity is really that it’s a foundational concept, right? It’s those things that you need, you need in order to be able to do other stuff. There’s a saying around, going around now that says no data, no clue. And, you know, data is a super important thing. So data integrity, data hygiene is a super important foundational concept in all of

IT right now. And it’s a constant struggle. I think you have, you know, you’re fighting your users who, you know, are trying to work as efficiently as they can and maybe don’t want to collect data. We have issues with, you know, our clients, our lenders that, you know, data is an important part of the privacy aspects, the confidential aspects. So we have to be careful about what data we’re collecting and what we’re making available and how we’re sharing it, both with them and with their customers. And I think it’s a, It’s a really important concept that, you know, you have to work at every single day to make sure that you’re doing the best job you can there, so. 

Andrew Pace:

Absolutely, so, you know, so once, you know, let’s talk about accuracy, how, you know, once data is accurate, the next step is making it useful and obviously not all pipelines deliver insights that you can act on. 

So in your experience, what turns a basic data line into one that’s truly actionable?

Greg Meyer:

So, well, this is where the reporting aspect comes, comes in. Because once you start with clean data, you have to, as you said, be able to act on it in some way. I think there’s, there’s the, the concept of, you know, a lot of things you can report on or happen in the past, but you want to use that to inform your decision-making so you can use it to work towards the future. So are you selecting data points to measure that have the capability of, you know, making that determination or is it just telling you what happened? What happened is important. You know, we need to know what happened. But, you know, you want to have data points that can help you make decisions in the future on things. 

You know, for instance, when we’ve invoiced our clients for the services we’re doing, that can give us insight into what our cash flow is going to be like for the next few weeks, you know, based on the timing of all those things. The same goes from debtor collections. When we’re collecting money, depositing the account, we can use that information to tell our clients what we’re going to be sending them next week. So part of that’s the past, but part of that is talking about, you know, what’s going on in the future and how to make decisions on that stuff as we go along.

Andrew Pace:

Okay.

Greg Meyer:

And that makes sense. 

Andrew Pace:

Sure. And what do they say? Data for the sake of data doesn’t move the needle, but clean, well-structured data can be real differentiators. So how do you see clean data translating and do a competitive advantage, especially in portfolio management? 

Greg Meyer:

Yes, I’ll go back a little bit because you referenced earlier, and I don’t think I answer your question clean, cleanly about the idea that you have data points that maybe you’re interacting with multiple systems. We have integrations with clients, for instance, where some of them are automated, some of them are and some are just file exchanges and so on. So how do you make sure that the data stays consistent between the client system and our system? And then as we interact with the disparate systems that we actually use for some things. So being clean and all those things is important, making sure there’s consistency across those things. And any time you have a human enter the equation to move data from one place to another, you’re creating an opportunity for something to get a mistake to be made, you know, not maliciously necessarily, just by human error. So the more you can do through having computer systems talk to each other through an API type environment or some other integration will help keep the data consistency across the platforms too. 

So the clients are seeing the same thing we’re seeing if we have an integration with their system and so on. So, you know, I think that is a super important concept to start to continue working towards building systems that can talk easily to each other so that we’re all working from the same, the same, I think, basic truth, I guess. Sure, what’s going on. 

Andrew Pace:

Of course. Collecting, leveraging data comes with serious responsibilities.

With growing privacy regulations and rising customer expectations, how do you strike the bright balance between gathering enough data and protecting individual privacy?

Greg Meyer:

Yeah, so I think it has to start with what do we need to do the job. You know, we talk a lot about, you and I have talked a lot in the past about how clients, you know, they’ll send us their internal account number, which they consider non -public personal information. And we don’t really need that information. We need it. The clients want us to use it when we communicate back with them because it allows them to tie the information in their system to what we’re providing to them in an easier way. But we don’t necessarily need it to do our job. So where a client needs, you know, wants to limit and reduce the amount of information they’re disclosing to us then for security or confidentiality reasons with their clients. 

To reduce the risk around if there’s a data breach or something like that, what might get into the public, or into the public domain, you know, we can be clear to that. Well, we actually don’t need that data. We’re only using it for your convenience, you know, at that point. So if you want to not give it to us, that’s fine with us. You know, so things like that, I think, are important in making sure you’re only getting the data you actually need. So there’s less at risk if there were to be a problem.

Andrew Pace:

Gotcha. Yeah. So let’s shift to something you love to talk about: cybersecurity, you know, an area that’s become increasingly critical in financial services. Threats are constantly evolving. Collections and asset -based lending have huge, unique vulnerabilities. 

Greg, what are some of the most pressing and emerging cybersecurity threats you’re seeing in this space? 

Greg Meyer:

Yeah, so I think the biggest one is, you know, the concept of people trying to, we work with a lot of subcontractors and we’re making a lot of paying payments. I think the one area of risk for us is if one of those agents gets compromised in some way, are they able to somehow get it or spoof us or create a fishing campaign with us that allows us to change who we’re paying or something like that when we’ve done that. And we’ve actually had those things happen where a client or an agent’s email will get compromised. They’ll send up a message asking us to change where we send their payments. And, you know, it’s not a real message. It’s from a hacker of some kind. So being conscious of those kinds of things could lead to problems. 

You know, we’ve integrated a control, for instance, where any change to an agent’s payment information or a vendor’s paying payment information has to be voice verified by somebody from our office to try to make sure that, you know, we’re not falling for those kinds of things. You know, we do things, other things to prevent attacks too, like having good training programs from our employees and making sure that they are given the tools that they need to recognize things when they don’t seem right. And keeping track of that stuff, making a little bit competitive and gamifying a little bit. We have a competitive group, as you know. So, you know, giving them an opportunity to improve their scores and so on around their knowledge in IT is really, really a good tool for that to make sure that’s done. 

But also the technological tools we use to filter aggressive spam filtering and things like that to notify people that when they’re not faced with having to make the choice because the spam detectors are better and good enough to be able to do things like that. 

Andrew Pace:

So yeah, I mean, that’s you hit the nail on the head there. The number one threat is people, right? So it’s really about what are you, what are you doing to protect, you know, to protect your and your client’s information is to properly make sure that your people are trained. We have weekly micro training sessions, and there’s some annual questionnaires that go out as well. So let’s shift into Stockton Compliance. Go ahead. 

Greg Meyer:

Yeah, okay. Well, I was just going to clarify, too, that, you know, this financial information that we’re part of, that’s part of our domain and what we work with is super high value target, right? So we don’t want to be in the news and we don’t want to do that. So we want to do things that are best practice in terms of trying to cut down on that. And so you’re leading right into the SOC2, which I think is really important aspect for us. More and more of our lenders are asking for it. It really was a must for us at some point because it’s the gold standard right now for operational security in terms of making sure that we are doing all we can to protect our clients’ data, and their customers’ data, too, as well as our data, because we’re all part of that thing, though, too. 

So our SOC2, we focus on security, availability, and confidentiality so that our systems are secure, and we can’t get, You know, the opportunities for getting compromised are quite low. Our systems are available so that if there’s a problem that our clients can access our system and our employees can access our system too and we won’t be down. And then the confidentiality part of it to make sure that we have good processes and controls in place to make sure we’re not sharing information with people who it shouldn’t be shared with.

Andrew Pace:

Yeah, so let’s, for those who may not be familiar, how would you say SOC2 compliance helps protect both lenders and their consumers? 

Greg Meyer:

Well, I think in our case, you know, it forces us to have really consistent policies and procedures and do a good better job documenting those, those things as a company that doesn’t have the thousands of employees that one of our clients might have as a, you know, a boutique service provider, if you will, you know, we have less structure at times around some things. Our banks expect us to have some of that structure too. So it’s forced us to think about it in a way that our banks think, think about it and our clients think about it and make it a little more consistent. 

I think one of the funny things you and I’ve talked about before is a lot of our clients expressed that if we got a SOC2 audit at times, that that would be great. They would ask fewer questions, but it actually turns out they’re asking more questions now as we get it because we’ve actually increased our level of sophistication around that area, so they want to engage more in conversations about what specific things we’re doing and how it works to help all of them. So it’s been a very positive thing overall, I think, for making sure that we stay in our marketplace on the cutting edge of, you know, protecting our clients and their customers. 

Andrew Pace:

And it’s, you know, it’s an investment, right? And it’s not something that you just do once, right? I mean, you have to go through the audit annually, right?

Greg Meyer:

Yeah, yeah, correct. It’s an annual update. The audit period isn’t necessary in the annual period because you want to be able to issue the auditor at the same time every year. But it’s, you know, it goes through and you have to refresh it and make sure that if you’ve changed any of your policies and procedures through the year, that those are tested as part of the new, you know, the new time period and so on. 

So It’s a continuously updating process because the threats change, too. That’s another part of it as the years go by. And you want to make sure you’re keeping up in terms of how your policies and your technological controls can help mitigate risks there.

Andrew Pace:

Right. And obviously, data rarely stays with one organization, especially in what we do where we have lenders, we have service providers, vendors, where we need to exchange information regularly. 

What do you think are some of the most important considerations when sharing sensitive financial data between those institutions? 

Greg Meyer:

So I think that, first of all, maintaining a secure way of transmission. We have to encrypt everything, right? So whether that means we’re exchanging files directly through a certificate

exchange program directly with their server, we’re using a secure FTP site, which we make available to some clients, whether we’re just emailing encrypted spreadsheets back and forth or using a bank’s internal email system where we have to log into their system, I think, are all ways

to start. Start by encrypting your data as you exchange it so that even if someone were to be able to intercept it, that they can’t in any way get at it. That’s the number one. 

I think the second thing is to make sure you’re only sharing the data that actually needs to be shared. You know, we talked about that a little bit earlier, minimizing the amount of data that you have to maintain reduces the risk, you know, that you’re going to lose control of things, too. 

Andrew Pace:

You know, that’s great. 

Greg Meyer:

Yeah, I think SOC2 is a cultural shift, too. You have to think about it in terms of not just, you have to think about it in terms of not just how it affects our clients, but the cultural shift internally to think about that it has to be something that is everybody’s job to be secure. You know, we have to, hence the training and those kinds of things to make sure that everybody in the company understands the importance of not losing control of our data. And I don’t know, you know, this is another issue that, you know, we sometimes face is, you know, there’s a disconnect sometimes between the business people we deal with at a bank and their IT people that are trying to enforce security on some things. 

Our business people don’t necessarily care so much about the, I shouldn’t use the word care. It gets in their way sometimes of trying to do their job when they have to do these really secure ways of communicating with us. So where their IT people want to be super secure. I joke all the time that the IT security folks at banks would just rather close the vault and not do business with anybody to prevent any risk of them stealing stuff. And then you have the business people at the other end who are trying to make deals and make stuff happen where IT can slow them down. 

So dealing with that disparity too, I think, is a challenge that we have to face. That sometimes something a client asks for isn’t necessarily what is practical from an IT security standpoint. So we have to be in constant dialogue with both the business people that we work with every day and the IT people we might talk to once a quarter or once a year to make sure that we’re satisfying both of their needs.

Andrew Pace:

Right, right. So let’s pivot to technology optimization in recovery operations. And with so many tools available, it can be hard to separate the must -haves from the nice-to-haves. You know, we have that struggle internally. 

How do you go about evaluating the return on investment for technology and collections and recovery?

Greg Meyer:

Right. So I think that, you know, for instance, there’s what, maybe six, six or eight different GPS systems out there right now that our clients might choose from when they’re installing them in their units right now. And, you know, we’re not necessarily a customer of all six, six of those things. And so making sure the data that we have the right procedures around you access and using that data is important. And is it makes sense for us to try to connect our system to those systems right away? Does it make any sense to do it for one bank that has four units and a system that not a lot of people use? Probably not.

The ROI really isn’t really that high for that. We can create a procedural thing about that. But if we have a high volume on, we have 10 of our highest volume clients involved in it, that’s where you might want to look and see, can we connect our system to that GPS system through their APIs to bring that data down without having to have human interaction and making sure that people can log in and get that data in a manual way. So I think you have to look at whether you’re doing it for the sake of doing it because it’s cool or whether you get real benefit out of it. It doesn’t have to be a financial benefit. It can be a higher security benefit or it can be just an efficiency benefit you gain from doing something, too. 

Andrew Pace:

Sure. And even the best technology can fall short if systems aren’t even speaking to each other. In your experience, what are some of the most common? And you might have touched on this earlier, I think, when you talked about the APIs, but some of the most common integration challenges between the lenders and the server serviceers. 

Greg Meyer:

Yeah, I think what one of them is that, you know, the lenders seem to have a very different approach to how they manage their assets as in groupings. You know, we have some lenders that no matter how big their accounts are, they want to talk to us about individual assets all the time. We have others that want to deal with groups of accounts on an account by account basis. So there might be three assets on one account and four on another and one on a third, you know, versus that. And there’s others that want to talk to us about how the assets fit into our placements. You know, they all come together, even though they might be part of separate accounts or contracts. 

So building our system to be flexible enough to be able to accommodate those differences and how our clients deal with data is a very important aspect of being efficient, too, so that we can not have to have our people remember, oh, this client does it that way and that client does another way. You know, we have constant challenges trying to deal with those, those things, be it for complaints, be it for just how we invoice them at the end of the job and so on. So, you know, there’s accommodated the difference of being flexible enough to handle those things I think is really important.

Andrew Pace:

Absolutely. So automation continues to be a hot topic, but there’s a fine line between efficiency and in personal service. 

Where do you see automation adding value and recovery without hurting the most, you know, the important customer experience or client experience?

Greg Meyer:

Yeah. I think, I think where humans excel right now is in making judgments and communicating, I think that, you know, we can use AI tools to help us communicate better, but I think in deciding who to communicate and what information to convey is different than the format of it and are you communicating in a clear and concise way. So that’s where the AI tools can help on the communication side. But I think humans just making the decision about what is needed in this communication, you know, is an important place. And then the judgments about how do we handle a situation we might run into the field. 

We have so many different scenarios that happen out in the field when we’re working on a recovery that, you know, I don’t think AI tools can really be able to sort through that data to make a good decision at this point, but where those automation tools in AI can come into play are in repetitive tasks, You know, making sure consistency is maintained when we are any data in the system. Learning so that if certain things are true, those lead to other things being true. 

So creating some automations and some rules so that your people don’t have to be inputting every field, for instance, you can derive information from certain things. Being smart about those kinds of things is important. And then you have to make the choice. Is it something we program in as an automation or something we look for an AI tool to try to do as a more of a generic tool for that. So you have to make a decision about where is the cost lie in that? What’s the benefit of it?

Andrew Pace:

Right. Efficiencies are great, but you also, you don’t want to lose that personal interactions that you have with clients. It’s great. Hey, go log into our system you can grab updates anytime you want but if you know if that’s if that’s where you land and that’s the only interaction they’re having with you they’re you know you don’t have that personal you know connection with them.

Greg Meyer:

And this is where the flexibility comes in again too because we have we do have some clients that love to log into our system and look for updates on the report but with it we have others who have an IT compliance team that doesn’t want to have them log in directly to our system, they would prefer them only work out of their system. So we have to find a way to get the data back to them so that they can interact with us that way. We have other clients that would rather get an email. Every time we do an update, they want to get the update email to them so that they don’t have to worry about that, which is where we start to think about things. Well, what are we including in the update? 

And is it information that’s, Since email is a plain text system, can you actually send over an email system? We have some banks that are using internal email systems that require us to log into them to communicate with them. And we might not be able to create an automated message from our system to theirs because there’s no mechanism for our system to log into their email system or send something in that way. So trying to be flexible again, to be able to accommodate all of those different communication styles of the lender is important, too. So your automation tools have to be able to be flexible in that regard also, whether it’s through creating a spreadsheet once a day to drop on an FTP server versus sending an email update every time, time it happens, or creating the file and using an API to provide that. 

We actually have an API we’ve developed so that people can place accounts with us and retrieve the notes from the system directly. So if there’s us, you know, enough, enough will on the client side to take advantage of that with their system, then, you know, it’s a useful way of communicating too. Let me make another point here. I think that’s important because I think what we’re trying to move towards is more and more real-time integrations or more and more real -time information sharing, too. And that’s where some of these tools, the automation tools and integration tools can become helpful, too, to provide more of a real -time information. We have, you know, lots of clients that, you know, they want to know immediately when an asset is picked up. They don’t want to wait until the invoice shows up in a couple of days. The pay paperwork comes in. 

We have some clients that don’t necessarily, that can wait for that, but if we can create indications in real time of what’s going on in our system, I think they’re much more likely to trust the work that we’re performing, that we’re actually making progress on accounts and moving towards completion. So I think if we can use automation tools to move information around, more of a real -time way, that’s also very helpful to how we use technology to create efficiency.

Andrew Pace:

Yeah, I think where I was gonna go earlier, especially when we use the encrypted emails, it’s difficult for us because we don’t have access to those emails as far as from a historical purpose where any emails that we You know, we have, you know, we have to maintain those records for, you know, so many years. But when we use those encrypted emails, we can’t go back and see where, you know, where’s the, you know, the thread, what was the communication and back and forth. 

So that, you know, creates some challenges internally from a compliance standpoint from our perspective, right? 

Greg Meyer:

Yeah, no, that’s a great point. I think we have challenges where, you know, the lenders, rightfully so, want to protect their data. And so any confidential information, they don’t want to actually leave their email system so that they have an automated system that might flag that and require us to log into their portal to see whatever information that has to respond to it. That’s a challenge for us from a record’s retention requirement because we can’t keep a record of those communications. And there’s actually the FDCPA, for instance, requires us to keep all communications related to debt collections for at least a year after we cease collection activity on the account. So if we can’t get access to those emails, it actually creates problems for us that we need to find ways to overcome. 

Some of them are, and they’re competing requirements. They’re competing requests. And so you have to find a middle ground at times to be able to maintain both of our objectives in that case. So where we have communication in that way that we have to maintain, that’s where our system can come into place. We can take those emails through their system and add them into our system as notations on the account or updates on the accounts so that we can maintain that. But that’s a manual process right now because there’s no integration between these email systems at the firewall versus you know being able to have the system access them automatically.

Andrew Pace:

Right, well let’s get into our final topic. One of our favorites, I saved our most favorite for last. 

Regulatory compliance and risk management so let’s wrap up with the top of mind for many organizations operating across jurisdictions, regulatory compliance, managing different rules, different states, it can get complicated pretty fast.

What do you see as the biggest challenge when it comes to multi-state compliance? 

Greg Meyer:

So I think the biggest one is how aggressive some of the states are being right now. We’re seeing the CFPB with the most recent change in administrations get way more, way less aggressive in terms of how it’s approaching compliance or, you know, the regulatory part of lending at a national level. And you’re seeing states like California step in and try to be more aggressive to push the envelope even higher. You know, there’s going to be a new law in California that requires us to treat small business debt like consumer debt at times. And the CFB had talked, CFPB had talked about that a couple of years ago, but they backed off that clearly, and it’s not going to happen with the Trump administration now. 

But now that creates a difference than how we have to treat things in California versus some other states and staying abreast of all things, those things are important, which is why we maintain a, you know, relationships with the CLA, for instance, which is the conference I’m currently at in Chicago, to make sure that we’re staying abreast of all of those things that are changing out there, and we can make sure compliance is part, part of what we’re doing. It is a challenge, and we have a compliance challenge because we deal not only in collection, but recovery. We have different laws and states related to repossessions and how you recover those assets and the notification requirements you need to provide to police and to be licensed in a certain state. 

You know, all those differences you have, our staff has to be really well educated on that. So if we can provide a good guide from a technology standpoint of what the differences are in the state that they’re working in on a particular account, then we have a much better chance to make sure that we’re following the rules of that state when it happens. You also have states where, you know, the debtors in one state and the equipment in another. And so how do you make sure that you’re navigating that in a way that is, you know, not going to run afoul of either of those state, state laws. You have to treat the debtor a certain way and the equipment has to be treated a different way because you’re in a different state.

Andrew Pace:

Right yeah typically it’s where the equipment is and you have to adhere to the recovery rules in that state and and there are over a dozen license you know licensed required states to do any type of repossession you know if the accounts in default and you know either a voluntary or involuntary repossession you’re required required use of license repossession agent. And that’s something that, obviously, we manage that. And, you know, we pretty much have a compliance department that, you know, maybe talk a little bit about that. I mean, you know, all the different types of, you know, steps that we have to follow to ensure that we’re protecting our clients’ best interests.

Greg Meyer:

Yeah. So I think like technology in a way, I don’t like to think of it as a cost center, I like to think of it more of as a technological edge or a competitive advantage for us. You know, having technology that automates things and makes things more efficient is, you know, an important thing. But compliance, you know, compliance is not part of, it’s not really a cost so much, is having good compliance sets us apart so that, you know, one of our first core values is to do the right thing. So that’s an important part is to live that core value is to make sure we’re aware of and following the laws and requirements of every state we’re working in. And the jurisdictional differences can be quite large, even in states that are right next to each other. So it’s just a super important part of what we do and making sure we’re not going to, you know, cause a problem for the lender and create a legal dispute or something like that.

So, and then the other thing about compliance is it builds trust, I think, too, with our clients and with our customers, with their customers that we’re collecting on, recovering assets. If we’re doing things the right way, they’re going to trust that we’re not, we’re keeping everybody’s best interests at heart, you know, and we’re trying to not ruin somebody’s life, but try to bring a situation under control so that everybody’s best interests are satisfied in some way.

Andrew Pace:

So we talked about compliance as a cost center. It’s something you have to do, but is there a case to be made, that getting it right can actually give lenders a competitive advantage? 

Greg Meyer:

Yes, so this is where we talk about sometimes brand protection for our clients so that, you know, when they’re in the marketplace trying to, I mean, they’re in the business of lending money. They make money by lending money. So their brand is very important to that effect. And so if they’re doing things right and they’re working with service providers who are maintaining those standards in the field that helps their brand and helps them be more attractive to somebody who’s considering borrowing money. There’s lots of choices out there when it comes to all of that. So I think having a lender who is clear and has clear standards and expects those standards to be followed all the way through their supply chain, I think, can help them, you know, attract more customers. 

And then another way, I guess, to think about it is that it makes it easier to work for a customer to work with the lender. If they’re clear about the systems they use and the requirements of the loan process. If it’s less friction to work with a lender, it makes them more attractive also by having good controls in place.

Andrew Pace:

Sure. And you know, we talk about how to scale compliance frameworks as the business grows. You know, growth is obviously a good problem to have, but also raises the stakes for staying compliant. 

So as companies expand, how do you build a compliance framework that can grow with the business?

Greg Meyer:

So this is where standardization is important. You know, making sure that you’re reducing the number of choices that your employees have to make all the time. And so having standard procedures is an important part of this. Making sure the paperwork is all done consistently in the same way every time. There’s fewer judgments to make when everything’s consistent that way. You put stuff in the right bucket. We don’t want our employees to have to memorize 50 sets of rules necessarily anyway, 50 sets of rules times two because there’s the collection rules and then there’s the repossession rules. 

So if we can build ways into our system to remind them of those things, both at the client level requirements and state level requirements, because I miss that, though, too. We have requirements for individual clients. You know, we try to build tools into our system so that the screens that our employees are looking at include the things they have to pay attention to for that client or in that state when they’re working on an account.

Andrew Pace:

You mentioned there were two sets, two sets of rules, right? What was the, you mentioned? 

Greg Meyer:

So there was the collection rules and the recovery rules and the recovery And the repossession rules. But then layered on top of that, you have the client rules that might be a little bit different, too. They want to handle something in a certain way. So you have to make sure that what the client’s asking for is consistent or aligned with what the states are requiring in terms of how we

collect or how we repossess things. In some states, You know, you have to in -person collection attempts are regulated in a different way than phone collection attempts. Or if you’re trying to recover the asset versus just trying to inspect the asset, there’s different things you have to worry about there, too. So to have to, what I was referring to is that there’s 50 different sets of rules for collecting money. 

And then there’s different rules even for consumer versus commercial, depending on some states. And then you actually have all the recovery rules that go along with that, is the repossession agent need to be licensed and so on. There’s our requirements we place on them to make sure that they’re not running, you know, creating a beach of the piece incident or something like that. And then you’ve got the client requirements layered on top of all of that.

Andrew Pace:

So yeah, I think that’s where I was getting to. 

Greg Meyer:

Yeah, it’s very multi -dimensional because you have the client, the clients run across the states where the states are more of a silo. And so you have to be able to, you know, create a system that can communicate in a way and can take in those multi -dimensions when it’s, when it’s presenting that information to the employee in the system. 

There’s also a consistency issue to make sure that, you know, the decision making is happening the similar way, no matter which of our employees is working on it. Making sure our procedures are clear and they’re trained appropriately, you know, to make decisions in a consistent way, too, is important. 

Andrew Pace:

Yeah, I think earlier I was going to add, you talked about, you know, the states, the clients, and obviously each state has different consumer and consumer and commercial requirements. We know that firsthand with the ability to be able to add collection fees to pass two balances. You know, that’s, you know, that will obviously depend on the state, right? Like state like Colorado, for example, or the language in some of our clients’ contracts may not allow, you know, agencies to add fees to pass -through balances. So I think those are some great points that you bring up there. You brought up the stakeholders, right? The client, we have, you know, obviously the states. And then each state has different consumer and commercial, you know, requirements too. 

Like we went through this a few years ago with a client with collection fees in a state where on consumer accounts, you can’t add fees. So we had to restructure, you know, how, you know, how we invoice and charge, you know, fees for that specific client for that state. And then they took a very aggressive approach and decided that it didn’t matter. We’re just going to cross the country, right? We’re going to apply this rule, even though the other 49 states don’t require it, it’s just easy to just do it across the board and to try to have different rules for different states, right? 

Greg Meyer:

Yeah, and this is where I think the system can help you in that regard. We’ve built in the ability to apply flat fees or percentage fees. We’ve built in the ability to be able to add it on and build it to We’re in remitting gross and bill to the client versus deducting our fee and submitting it because we’re adding it in or we’re not adding it in.

So we’ve built the capability to create a flat fee versus a percentage fee, remit in gross, remittance, net. All of those capabilities are important in making sure that, you know, the client’s compliance requirements can be accommodated in the recovery process or the collection process and how we handle that money and submit it back to the client. 

Andrew Pace:

Greg, I really appreciate you taking the time to walk through all this today. Your insight into the intersection of finance, technology, and compliance is invaluable, especially as these areas become more and more interconnected. 

Was there anything else that you were hoping to dive into that we didn’t get a chance to cover today? 

Greg Meyer:

Well, we touched on, I think one of the big things that, you know, the challenges we face is around, you know, third party then their management is an important aspect of the bank. And we come back through, you know, we deal with that by having the SOC2 and being, you know, very transparent with our clients around making sure that we’re able to implement all, all their objectives. I think there’s one other aspect that we sort of missed on, or I didn’t quite make clear, is the idea of roles -based access to when we’re talking about security and confidentiality, making sure that people have access to the information they need to do their job, but they don’t have access to information that, you know, potentially could create a security risk or, you know, data out data out in the field. 

So using a least privileged approach to access to data is important so that people who have all the information they need to do the job and know more than that. So and, you know, I think IT and accounting is a really important place where business records and business processes interact. You know, I’ve spent years, you know, in technology and accounting. I always thought it was really important from early in my career to try to marry technology and accounting together. You know, I became a CPA in 1993, I think it was. 

Andrew Pace:

Now you’re updating yourself here. 

Greg Meyer:

Now I’m really dating myself. 

Andrew Pace:

I was a sophomore in high school.

Greg Meyer:

But during the time I was in public accounting, I was always interested in the angle of technology and how it worked with accounting. And so right from the very beginnings, when QuickBooks started to make its appearance, even before Windows became a thing, I was interested in technology and how to marry accounting and technology together to make it important and to use it as a competitive advantage as opposed to just being or cost. Technology can be our friend if you use it appropriately.

But I think too many businesses, and thankfully ACS isn’t one of those, focuses on technology as a cost and not as an enabler. And we’re at the cutting edge. We’re making sure our people have new hardware that doesn’t have security vulnerabilities in it. We’re continuously updating our software. We’re making sure we’re using the best best in class tools you know and and and and doing a good job around the compliance requirements of our clients to be a market leader for the industry.

Andrew Pace:

So great great, thanks again Greg it’s always a pleasure to our listeners thank you for joining us on ACS Portfolio Perspective. 

If you found today’s episode helpful we Love it if you subscribe, leave a review, and share it with your network. We’ll be back soon with more conversations from across the asset-based lending and recovery world. 

Until next time.