Skip to content

Licensing

You Can't Outsource Risk

← All articles
Filed under Licensing

Since the burden of compliance flows upstream and you can no longer simply outsource risk downstream it is now imperative that credit grantors and debt buyers understand the state licensing requirements of all their downstream partners and develop a process to make sure that they remain in compliance at all times.

Before we move forward let's make sure that we all understand the stream metaphor. At the top of the stream is the credit grantor...the entity that originally extended credit to the consumer. When that debt goes unpaid and the credit grantor decides to go outside its own organization to continue collection efforts, the debt flows downstream.

They may sell it downstream to a debt buyer or outsource the collection efforts downstream to a collection agency or collection attorney. No matter the flow, the credit grantor is responsible for the downstream compliance of anyone who touches the accounts they originated.

As such, from a licensing perspective the credit grantor needs to fully understand the licensing and registration requirements of everyone downstream and have a process in place to make sure the debt buyers and agencies that handle their accounts remain licensed appropriately. Similarly, debt buyers must also understand not only where they are required to license but if they decide to outsource any of the collection efforts downstream they are required to understand the licensing and registration requirements of their collection partners and have a process in place to make sure that their outsource partners remain licensed appropriately.

It is really quite simple; the regulators have built a framework where they are effectively pushing down the cost of making sure thousands of agencies are licensed appropriately to the credit grantors and debt buyers by holding them accountable for it.

Given the regulatory framework that has been created, the next logical question for credit grantors and debt buyers to ask and answer is:

How do I understand the licensing and registration requirements of everyone downstream and develop a process to make sure that they remain compliant?

  1. Identify all downstream service providers
    Credit grantors and debt buyers need to know who is handling collection accounts downstream, what type of agency they are (collection agency, collection law firm), what services they are providing (sending letters, making calls, suing, etc.), and a list of locations from which they will be communicating with debtors.
  2. Develop a standard licensing matrix Once you understand who your service providers are you can begin the task of identifying what licenses and registrations they are required to maintain to service your accounts. Developing a licensing matrix that becomes the standard by which to measure statutory compliance is critical to managing a review process designed to mitigate exposure.
  3. Perform an initial licensing audit Using the standard licensing matrix as a baseline, now you can identify where a service provider is licensed and conversely any gaps that may exist. All licensing information is public and can be obtained directly from the states. In our experience, it is not advisable to rely on copies of licenses or other data provided by your downstream service providers.
  4. Remedy any gaps identified
    Once you have performed the initial assessment and identified gaps it is important that you not let your downstream service providers continue to work accounts in the jurisdictions where they are not appropriately licensed. Make sure that the license is obtained and you have verified its existence before sending accounts back. It should be noted that the general condition of an organizations licensing tends to reflect their overall entity compliance and can often be used as a proxy to measure risk associated with that particular organization.
  5. Ongoing licensing audits
    Independently audit the licensing and registration of all downstream providers on a regular basis. Most license and registrations expire on a regular basis. It is generally sufficient to make sure that a downstream service provider renews each license on a timely basis and only do another full audit in the event something is uncovered during your ongoing reviews that make it prudent to do so.
  6. Monitoring legislative changes and regulatory opinions
    Remember that it is very important that you monitor legislative changes and regulatory opinions that may affect your standard licensing matrix.

No matter the scope of your oversight program there is no way to mitigate the exposure related to using a downstream provider that is not appropriately licensed. To account for this risk, most credit grantors and debt buyers require their downstream service providers to maintain a certain level of professional liability (E&O) insurance.

To verify that this requirement is met it is customary for the credit grantor to request a certificate of insurance. While a certificate of insurance does validate (if not fraudulent) the existence of a policy (carrier, coverage amount, deductible, expiration date), it provides no information on the underlying policy.

Insurance companies have varying policy forms that do not always provide the appropriate language to effectively minimize risk for specific niche industries (many policies may specifically exclude FDCPA violations, TCPA violations or even client coverage designed to protect the creditors they represent).

Insurance companies also have varying financial ratings (AM Best rating). These ratings are an important indicator/predictor of a company's ability to handle financial obligations. Insurance agents do not always understand the risks specific to the collection industry and may unknowingly recommend a policy with inadequate coverage.

Collection agencies many times rely on the experience of their insurance agent and do not always read their policy in its entirety and do not understand what specifically is covered and conversely what is not. Don't just check the box and make sure that your downstream service providers have insurance.

Make sure the insurance they have protects both you and them from any risks associated with the services you are asking them to provide on our behalf.

We know our industry does not operate in a static regulatory environment. Requirements, rules and regulations are changing all the time. Ensure that you and any agencies you work with are licensed appropriately, be certain that the changes are reflected in your organization's licensing and insurance strategy.

Though it can seem overwhelming, just remember you have the resources and the knowledge to ask the tough questions and maintain your compliance.

Found This Useful? Let's Get You Set Up.

Start an application and an expert will tailor the next steps to your situation.

Related reading

Maryland Rent Collection in 2026: 7 Licensing Risks Property Managers Must Avoid

Licensing

Maryland Rent Collection in 2026: 7 Licensing Risks Property Managers Must Avoid

Property managers in Maryland are running into a question that is getting more attention and creating real operational risk. Does collecting rent, especially when a tenant is past due, trigger Maryland's collection agency licensing requirements?

Licensing Challenges for Mortgage Servicers

Licensing

Licensing Challenges for Mortgage Servicers

Mortgage servicers play a central role in the housing finance system. They collect borrower payments, manage escrow accounts, respond to customer inquiries, and step in with loss mitigation or foreclosure processes when borrowers fall behind. Servicers act as the day-to-day managers of loans after origination, ensuring that cash flows properly between borrowers and investors. Since [...]

The Pros and Cons of Outsourcing Debt Collection for Startups and Small Businesses

Licensing

The Pros and Cons of Outsourcing Debt Collection for Startups and Small Businesses

Cash flow is the lifeblood of every startup. When customers delay or default on payments, even the most innovative ideas can stall. Founders often face a critical challenge: Should we collect overdue invoices ourselves, or hand them off to a third-party debt collection agency? Outsourcing debt collection - sometimes called debt recovery outsourcing - has become increasingly common for [...]

"You're Fired!"

Licensing

"You're Fired!"

"What?? How did this happen?!" You've worked your tail off for this client. You've always been first or second in batch track performance, and you get along great with the recovery manager. OK, so you seem to be getting sued more often and you're spending more time answering complaints. But that comes with the territory, [...]

10 Security Tips for Working Remotely

Licensing

10 Security Tips for Working Remotely

Editors Note: In recent weeks many companies were thrust into a situation where they were forced to work remotely or temporarily close the doors. To learn more about the need to manage privacy and security remotely, we sought out wisdom and best practices from an expert in the field. 10 Security Tips for Working Remotely [...]

12 Key Requirements of the FTC's Updated Safeguards Rule

Compliance

12 Key Requirements of the FTC's Updated Safeguards Rule

The FTC's updated Safeguards Rule sets 12 specific security requirements for financial institutions under the Gramm-Leach-Bliley Act. Here is what each one asks for and who has to comply.

Browse the full insights library, meet our editorial team, or download our whitepapers.

Insights

Found This Useful? Let's Get You Set Up.

An expert will respond within one business day.