So, it’s time for bed and you are contemplating the A/C or heat bedroom temperature and how many blankets should be on the bed.

 

It’s critical that you have the right ratio, right? It needs to be that comfortable temperature for you to sleep optimally. You absolutely have to have the proper air temperature to blanket ratio!

 

Or perhaps, in a bold move, you’re considering opening your windows? (That can wreak havoc on the consistent temperature protocol and has to be considered carefully before committing to it. Actual temperatures may vary!)

 

Just like your comfort level depends on small adjustments, the dealership’s health depends on how each employee transacts their business every, single day. Consistency is the key to successes.

Why Small Inconsistencies Create Big Dealership Risk

Or maybe you’re a bold individual who doesn’t go through this calculation each night? (If that’s the case, then, based on my informal poll, you would be an outlier.)

 

Outliers can be great in business, though, when it comes to your dealership. It’s often the exception when I see dealerships fully engaging in completing compliance audits, preventing losses, and managing their risks.

 

You might say that their “discomfort” drives them to ensure their employees are adhering to the federal, state, and local laws, as well as to the protocols set by management.

Operational Risk, Internal Controls, and Employee Behavior

In my consulting practice, I find that the executive managers and owner/operators who engage in these activities ensure that the money they make on selling vehicles, parts, and service doesn’t evaporate from losses and problems. This requires constant vigilance.

 

Let’s examine what could happen to your dealership and if/how you are prepared based on what’s recently been in the news:

 

Embezzlement: The former General Manager of Midland Mitsubishi was jailed for embezzlement of almost $130,000 from his employer.[1] Investigators uncovered multiple schemes including: failure to remit customers’ registration fees, forged checks, inflating his salary, and buying a boat with company funds. [2] The company’s bank account fell to $98.67, and eventually, the dealership has since closed and filed for bankruptcy as reported on August 25, 2025.

 

From a risk perspective, I wonder if the dealership had insurance crime coverage? I also wonder if they knew they could make a claim?

 

Could this happen at your store? Are you checking background reports before you hire? (And as a result of that, are you sending notices in compliance with the Fair Credit Reporting Act?)

 

Other recent dealership thefts include:

 

In Vermont, the office manager of Burlington Subaru/Hyundai plead guilty to wire fraud when she stole $191,000. [3] Of note, this defendant is the third former auto dealership employee to face charges in Vermont alone. [4]

 

A parts manager allegedly stole $575,000 with ordering parts through Formula Nissan and then selling them on Facebook and pocketing the money. [5] He never entered the inventory into the dealership’s system.

 

An F&I manager allegedly stole $145,000 from Fred Haas Nissan in Texas when he was not receipting in customer’s downpayments. [6]

 

Do your employees know who to talk to if they have suspicions?

 

Could any of these happen at your store?

Compliance Exposure, Enforcement Trends, and Financial Fallout

There are plenty of examples and I’m certain you get the idea here. Have audit controls. Audit for certainty. Audit all the time.

 

I once found “an entire Corvette” which was journaled from contracts in transit into another balance sheet account because the responsible person couldn’t get the deal funded.

 

Straw Buyers: In October, 2025, twenty-one (21) people were arrested as they illegally purchased vehicles using phony W-2s, false addresses, fake bank accounts, fake utility receipts, and pay stubs. [7] Overall, one hundred (100) vehicles were fraudulently obtained ($5.5 million in value), of which fifty-three (53) have been recovered.[8]
 
If an employee knows of fraudulent activity at the store, do they understand that there will be no retaliation if they report the problem?
 
Joy Rides and Driving Records: Do you really know your employee population? Have any of them shown bad judgment in their personal driving history?
 
A dealership technician at H&L Chevrolet in Darien, Connecticut, crashed a customer’s Camaro ZL1 1LE worth $97,000 on I-95 when he struck the guardrail at 89 MPH. The customer stated “under no circumstances” could the dealership drive the vehicle off the lot. [9] In an ironic twist, the vehicle was owned by a professional race car driver, Kenny Habul.
 
In Florida, a 23 year-old lot attendant took a 2024 Cadillac CT5-V Blackwing from the lot of Vera Cadillac, without permission, and slammed into another vehicle at 122 MPH, killing the driver of the other vehicle. [10] The vehicle, which he took without permission, had a 668 horsepower engine. The dealership now faces reputational damage and the potential for a lawsuit naming them as responsible for the crash. The lot attendant faces vehicular manslaughter charges.
 
Do you have enough insurance to cover this type of loss of life?

Compliance, Legal, and Other Risks:

Data breaches are happening all the time. It happens to dealerships because they are prime targets as they are a “data rich environment.” Dealerships have social security numbers, proof of income etc. Think about all the “stips” you collect. Data. Breaches. Happen.
 
Here’s a few recent ones:
 

  • CDK [11]
  • Modern Automotive in Massachusetts [12]
  • Tuttle-Click Automotive Group [13]
  • Findlay Automotive Group [14]
  • Karl Malone Auto Group [15]
  • Phil Smith Automotive Group [16]
  • Myers Auto Group [17]
  • Ray Catena Auto Group [18]

 
Globally, automotive cyberattacks resulted in expenses of $22.5 billion in 2024. [19]
 
How have you trained your employees to prevent data breaches? Are you in compliance with the Gramm Leach Bliley Act (GLBA)? Did you know the Federal Trade Commission just recently published a list of FAQs for dealerships answering their questions about the GLBA? [20]
 
So, why would the FTC publish these clarifications? The odds are the FTC is going to begin enforcement of these regulations with auto dealer groups. I am surprised that they haven’t begun enforcement already and the groups listed above could be their first stop.
 
Take Your Own Temperature:
 
Sales: Do your advertisements clearly state all prices and conditions?
 
Sales and service: Are your key controls sufficient to prevent theft problems?
 
F&I: Do the managers explain every, single product clearly? Do they obtain signatures on all forms? (Has anyone ever audited those signatures to see if they are consistent with other signatures from the customers?)
 
Service: Are safety controls encouraged and audited? Is there annual training with important employees acknowledgements? Does that include forklift training? Is it all documented?
 
Parts: Are inventory purchases being properly logged? Do you pay an outside company to do an inventory at least once a year?
 
HR: Are background checks consistent? Do you have a policy and who can make exceptions?
 
What else is actionable here?
 

  1. In addition to outside audits, each department should self-audit and feed the information to a compliance manager who can take action. That person should report directly to the owner or the Board, but outside the normal channels so as to prevent outside pressures. (The compliance team should conduct audits as well, outside of these channels. If your compliance team is not self-auditing, then the dealership doesn’t really have a robust program. Auditing of policies and procedures is the key component to keep the dealership out of trouble.)

 

  1. As an organization, do you celebrate or bonus employees who bring problems to you promptly. (Remember, I advocate “run with bad news and walk with good news,” to minimize how much problems will cost the dealership.)

 

  1. Carefully analyze your internal controls. How could any of these problems happen at your dealership? What can you do to catch them before they happen?

 

  1. If you are an employee, double check one process in your area and ensure everyone is following the company’s policies. Report anything which doesn’t seem right.

 
A few minutes adjusting the thermostat here could save many nights of restless sleep. Just like finding the perfect blanket, compliance is about comfort through consistency. Be brave enough to lift the blanket, see what’s underneath, and take proactive steps to move forward.
 
 
 
[1] https://www.mrt.com/news/crime/article/midland-mitsubishi-gm-embezzlement-21020524.php
[2] https://www.mrt.com/news/crime/article/midland-mitsubishi-gm-embezzlement-21020524.php
[3] https://vermontbiz.com/news/2024/october/04/third-person-charged-after-another-embezzlement-complaint-vermont-auto
[4] https://vermontbiz.com/news/2024/october/04/third-person-charged-after-another-embezzlement-complaint-vermont-auto
[5] https://vtdigger.org/2024/06/19/barre-dealerships-ex-auto-parts-director-admits-to-575k-fraud-scheme/
[6] https://www.click2houston.com/news/local/2024/12/06/abysmal-fraud-unsafe-lawsuits-slam-houston-area-used-car-dealership-for-scamming-customers/
[7] 21 arrested in Miami-Dade fraud ring that illegally bought 100 cars worth millions, sheriff says – CBS Miami
[8] 21 arrested in Miami-Dade fraud ring that illegally bought 100 cars worth millions, sheriff says – CBS Miami
[9] https://www.thedrive.com/news/chevy-dealer-allegedly-wrecked-a-racers-camaro-zl1-while-joyriding
[10] https://www.local10.com/news/local/2025/02/04/dealership-worker-killed-woman-during-122-mph-joyride-in-supercharged-cadillac-cops-say/
[11] https://www.motortrend.com/news/car-dealership-cyberattack-2024-cdk-hack
[12] https://straussborrelli.com/2025/01/03/modern-automotive-network-data-breach-investigation/
[13] https://www.claimdepot.com/data-breach/tuttle-click-automotive-group
[14] https://www.reviewjournal.com/business/source-findlay-operations-nearly-idled-losses-mount-from-cyberattack-suit-filed-3069083/
[15] https://www.classaction.org/data-breach-lawsuits/kmam-management-march-2025
[16] https://www.claimdepot.com/data-breach/phil-smith-automotive-group-2025
[17] https://straussborrelli.com/2025/09/08/myers-auto-group-data-breach-investigation/
[18] https://straussborrelli.com/2025/03/19/ray-catena-auto-group-data-breach-investigation/
[19] https://www.autoremarketing.com/ar/analysis/cyberattacks-cost-auto-industry-22-5b-in-2024-vulnerabilities-reach-record-high/.
[20] https://www.ftc.gov/business-guidance/resources/automobile-dealers-ftcs-safeguards-rule-frequently-asked-questions