The Short Version
- AI vendor risk is dealership risk. Regulators don't care that "the vendor's AI did it." If an AI tool touches customer data, talks to customers, or influences credit decisions, you own the compliance outcome.
- F&I carries the highest exposure because it concentrates nonpublic personal information, credit-adjacent decisioning, and high-stakes customer impact — but Sales and Service aren't immune.
- Your fastest wins are contract and process. The most enforceable requirements today emphasize written security programs, service provider oversight, audit rights, and recordkeeping. You don't need to wait for new AI laws to tighten controls.
- Governance is a lifecycle, not a checkbox. Due diligence at intake isn't enough. Models change, subprocessors change, and your data flows change. Ongoing monitoring — tied to contract enforcement mechanisms — is what keeps you defensible.
This playbook covers the full vendor lifecycle: exposure assessment → due diligence → contracting → ongoing monitoring → exit planning.
Why This Matters Now
AI adoption in dealerships is accelerating. BDC tools, digital retailing platforms, F&I menu systems, service schedulers, and inventory pricing tools increasingly use AI to automate workflows and customer interactions. The compliance landscape hasn't caught up with specific "AI rules," but existing frameworks already apply — and regulators are watching.
Three realities dealers need to internalize:
- Existing regulations already cover AI. The FTC Safeguards Rule, CFPB guidance on adverse action, FTC enforcement on deceptive practices, and state privacy laws don't carve out exceptions for AI. If the tool handles customer data or influences a regulated decision, the rules apply.
- "The vendor did it" is not a defense. Third-party oversight is a recurring theme across every governance framework in our dataset. You're expected to select vendors carefully, impose contractual safeguards, and monitor ongoing performance. Delegation doesn't mean abdication.
- Enforcement is already happening. FTC actions on auto retail practices (add-ons, pricing, discrimination), CFPB guidance on AI and adverse action, and state privacy enforcement all signal that regulators are paying attention to how technology — including AI — affects consumers.
The good news: a practical governance program is achievable. It doesn't require a dedicated compliance department or a six-figure budget. It requires knowing your exposure, asking the right questions, getting the right contract terms, and maintaining a sustainable monitoring rhythm.
Know Your Exposure by Department
AI risk isn't uniform across the dealership. The compliance exposure depends on what data the tool touches, what decisions it influences, and how it interacts with customers.
F&I: Highest Concentration of Risk
F&I is where AI creates the most compliance exposure because workflows routinely involve:
- Nonpublic personal information (NPI): identity data, income/employment, bank details, credit application data
- Decisioning-adjacent activity: routing to lenders, calculating or recommending terms, flagging stipulations, summarizing credit attributes
- High-stakes customer impact: approvals/declines, pricing/fees, product add-ons, disclosures and consent
If your dealership arranges financing, many AI use cases in F&I — document processing, menu presentation, lender routing, ID verification, underwriting assistance, adverse action support — implicate GLBA/FTC Safeguards Rule obligations and service provider oversight requirements.
Key Regulations for F&I AI
| Regulation | What It Covers | Why It Matters for AI |
|---|---|---|
| FTC Safeguards Rule (GLBA) | Written security program, risk assessment, access controls, encryption, incident response, service provider oversight | Any AI touching credit apps, lender portals, deal jackets, or NPI is a service provider inside your Safeguards program |
| CFPB Circular 2023-03 | Adverse action notices and AI/complex models | If AI influences credit outcomes, you need specific, accurate principal reasons — not generic explanations |
| FTC CARS Rule | Deceptive practices, add-on consent, recordkeeping | AI that generates menus, recommends products, or auto-applies fees creates disclosure and consent risk |
| State Privacy Laws (e.g., CPPA draft ADMT regs) | Automated decisioning transparency, consumer opt-out, risk assessments | Preview of where enforcement is heading: documented assessments + consumer-facing transparency + auditability |
Sales: Disclosure and Pricing Risk
Sales AI exposure is lower than F&I but real, especially for tools that:
- Generate pricing, quotes, or payment estimates
- Create advertising content or offers
- Auto-add fees or products
- Interact directly with customers (chat, text, voice)
The primary risk vector is deceptive practices — claims that are inaccurate, disclosures that are missing, or consent that isn't properly obtained.
Service / Fixed Ops: OEM and Data Privacy Risk
Service AI typically involves appointment scheduling and customer communication, repair recommendations and estimate generation, warranty claim processing, and telematics and connected vehicle data.
The exposure here is less regulatory (for now) and more OEM and data privacy focused. Tools that touch warranty submissions or use connected-car data need clear audit trails and purpose limitations.
Risk Summary by Department
| Department | Primary Risk Vectors | Key Regulations / Standards |
|---|---|---|
| F&I | NPI handling, credit decisioning, adverse action, add-on consent | FTC Safeguards, CFPB 2023-03, CARS Rule, state privacy |
| Sales | Pricing transparency, ad claims, consent controls | FTC deception standards, CARS Rule, state ad laws |
| Service | OEM data, telematics, warranty/recall workflows | OEM program requirements, state privacy laws |
Before You Sign: Vendor Due Diligence
Due diligence isn't about finding reasons to say no — it's about understanding what you're bringing into your compliance perimeter and whether the vendor can support your obligations.
Use this checklist when evaluating AI vendors. Copy it into procurement tickets, RFP responses, and vendor calls.
Data Access and System Boundaries
Owner: Department lead + IT
- What specific data fields does the tool ingest from DMS/CRM/desking/credit applications?
- Does the vendor support field-level access controls (not "all-or-nothing" integration)?
- Can you restrict the AI to read-only versus write-back? If write-back exists, can it be disabled?
- What data does the vendor retain, for how long, and where is it stored?
- Does the vendor use your data for model training or product improvement? Can you opt out?
GLBA / FTC Safeguards Alignment
Owner: F&I + Compliance + IT
- Can the vendor provide a written security program overview: encryption (in transit and at rest), MFA, access logging, vulnerability management?
- What is the vendor's incident response and breach notification process? What are the timelines? Who bears costs? What evidence do they provide?
- How does the vendor manage subprocessors (downstream model providers, hosting, analytics)? Do you have visibility and approval rights?
- Will the vendor sign service provider language acknowledging Safeguards-aligned obligations?
Adverse Action and Decision Accountability
Owner: F&I + Compliance
- If the AI influences credit outcomes (lender routing, approval likelihood, stipulation prediction, decline reasons), can it produce specific principal reasons suitable for adverse action notices — not generic explanations?
- What evidence exists that model outputs are stable, testable, and auditable over time?
- Can the vendor explain how the AI reaches its recommendations in terms a compliance officer (or regulator) can understand?
Monitoring, Audits, and Change Detection
Owner: IT + Compliance + Vendor owner
- Does the vendor support audit rights or provide credible third-party attestations (SOC 2 Type II, ISO 27001)?
- How are material model changes communicated? Release notes? Regression testing results? Ability to delay or decline updates?
- Can you get periodic security and performance reports without having to ask each time?
Retention, Recordkeeping, and Defensibility
Owner: Compliance + IT
- Does the vendor provide audit logs of prompts, outputs, and actions?
- Can logs meet dealership retention requirements for deal jacket documentation and complaint defense?
- Are logs exportable in a format you can use for internal review or regulatory response?
Red Flags by Department
Not every gap is a dealbreaker, but some patterns should make you pause — or walk away.
F&I Red Flags (Highest Risk)
- "We don't handle NPI" while integrating with credit apps, lender routing, or desking exports. (If they touch the data, they handle it.)
- No ability to explain how AI reached a recommendation — no traceability, no audit log.
- Vendor cannot contractually commit to Safeguards-aligned controls or refuses service provider terms.
- "Black box" model updates with no notice. (This breaks defensibility when customers complain or regulators ask questions.)
- Generic adverse action reasons that wouldn't satisfy CFPB expectations.
Sales Red Flags
- AI that auto-adds fees or products or preselects options without explicit consent controls.
- AI that generates ads, offers, or pricing claims without guardrails for required disclosures.
- "Optimization" language that prioritizes conversion or gross with no compliance configuration options.
- No audit trail for what the AI said to a customer.
Service / Fixed Ops Red Flags
- AI that touches OEM warranty submissions, repair recommendations, or recalls with no clear audit trail.
- Tools that ingest telematics or connected-car data without a clear privacy posture and purpose limitation.
- No ability to demonstrate compliance with OEM program requirements.
The Contract: Your Enforcement Engine
A thorough due diligence process is worthless if the contract doesn't lock in the commitments. The contract is where governance becomes enforceable.
For AI vendors — especially those touching customer data or regulated workflows — contracts should reflect that the vendor is inside your compliance perimeter, not outside it.
Minimum Contract Terms
Data Processing and Use Limits
- Purpose limitation: Vendor will not use dealership data for model training or product improvement unless explicitly agreed in writing.
- Subprocessor disclosure: Vendor will maintain a current list of subprocessors and provide notice before adding new ones.
- Subprocessor approval: Dealership has the right to object to new subprocessors that create unacceptable risk.
Security Controls and Verification
- Required safeguards: Vendor will maintain [MFA / encryption in transit and at rest / access logging / vulnerability management] — specify the controls that matter.
- Verification rights: Dealership has the right to audit or receive credible third-party reports (SOC 2 Type II, penetration test summaries) on a defined schedule.
- Security incident notification: Vendor will notify dealership within [24-72 hours] of discovering a security incident affecting dealership data, and will cooperate with investigation and response.
Service Provider Oversight (GLBA/FTC Safeguards Posture)
- Explicit obligation: Vendor acknowledges its role as a service provider under the dealership's information security program and agrees to maintain appropriate safeguards.
- Ongoing assessment support: Vendor will respond to reasonable security questionnaires and provide attestations or remediation commitments on request.
Model and Feature Change Management
- Notice of material changes: Vendor will provide [30 days'] notice before deploying material changes to models, algorithms, or features that affect compliance-relevant workflows.
- Delay/decline rights: Dealership may delay or decline changes that impact compliance until the dealership has reviewed and approved.
Recordkeeping and eDiscovery Readiness
- Access to logs: Vendor will maintain audit logs of [prompts / outputs / actions / user access] and make them available to dealership on request.
- Retention configuration: Vendor will retain logs for at least [X years] or allow dealership to configure retention to meet regulatory requirements.
- Export capabilities: Logs and records will be exportable in a standard format for internal review, regulatory response, or litigation.
Exit and Termination
- Data return/destruction: Upon termination, vendor will return or destroy dealership data within [30 days] and certify destruction in writing.
- Transition support: Vendor will provide reasonable assistance to migrate to a successor solution, including data export and documentation.
- No hostage data: Vendor will not condition data return on payment of disputed fees or settlement of other claims.
Why Exit Terms Matter
Vendor lock-in isn't just an IT inconvenience — it's a compliance risk. If you can't leave a vendor without losing access to records you need for regulatory defense or customer complaints, you've lost control of your compliance posture.
Negotiate exit terms before you need them.
After Go-Live: Ongoing Monitoring
Due diligence and contracting set the foundation. Ongoing monitoring is what keeps you defensible when things change — and things always change.
Models get updated. Subprocessors get swapped. Your own integrations evolve. A vendor that was compliant at signing can drift out of compliance without anyone noticing — unless you're watching.
Tier Your Vendors
Not every AI tool needs the same scrutiny. Use a risk-based tiering approach:
| Tier | Criteria | Examples |
|---|---|---|
| Tier 1 (High) | Touches customer PII/NPI + interacts with customers OR influences credit/pricing/major decisions | F&I menu AI, digital retailing credit tools, AI-powered BDC, lender routing tools |
| Tier 2 (Medium) | Internal efficiency tools with limited customer data exposure | Inventory pricing AI, internal scheduling tools, back-office document processing |
| Tier 3 (Low) | No customer data, low operational impact | Internal productivity tools, code assistants, general-purpose chatbots for staff |
Monitoring Cadence by Tier
Tier 1: Quarterly + Annual
Quarterly (60-90 minutes per vendor):
- KPI and SLA performance review
- Change log review (model versions, integrations, subprocessors)
- Access and logging spot check (sampling-based)
- Open remediation items status
Annually:
- Refresh third-party assurance (SOC 2 Type II, ISO certificates)
- Incident response and breach readiness check
- Data-use restriction re-validation ("Are they still honoring the deal?")
Tier 2: Semi-Annual + Annual
Semi-annually: KPI and change review, basic evidence refresh
Annually: Assurance refresh if they handle NPI or integrate with core systems
Tier 3: Annual Only
Lightweight attestation and "What changed?" review
Quarterly Review Details
1. KPI and SLA Performance Review
Owner: Department lead + Ops
Don't just accept the vendor's dashboard — define your own metrics:
- Operational KPIs: Uptime, latency, outages, response time, ticket backlog
- Business KPIs: Appointments set, show rate, sold rate, call answer rate (department-dependent)
- AI Quality KPIs: Accuracy/groundedness, escalation rate to humans, error rate, complaint rate
2. Change Review: "What Changed Since Last Quarter?"
Owner: IT + Vendor owner
Request a simple vendor change summary covering:
- Model or version updates (including "silent" backend model swaps)
- New integrations (CRM/DMS/telephony changes)
- Subprocessor changes
- New data types collected (voice recordings, IDs, chat transcripts)
3. Access and Logging Spot Check
Owner: IT/Security
You don't need a full audit — do sampling-based review:
- Confirm only approved vendor roles have access
- Review a sample of access logs (or vendor-provided access reports)
- Confirm logs are retained and exportable
4. Open Remediation Items
Owner: Vendor owner
Track exceptions like you'd track open receivables:
- Findings from prior SOC reports or pen tests
- Promised roadmap fixes that impact compliance
- Contract deliverables not met (reports, evidence, feature commitments)
Trigger Events
Scheduled monitoring isn't enough. Define triggers that force out-of-cycle review:
- Model update or version swap (especially customer-facing)
- New data type collected or new integration
- Subprocessor change
- Security incident (vendor or key subprocessor)
- Material KPI regression (accuracy drop, complaint spike, escalation spike)
- Regulatory change affecting your use case
Build these triggers into your vendor management process — and into your contracts.
Exit Planning
Exit planning isn't pessimism — it's risk management. Vendors get acquired, pivot their products, raise prices, or simply fail to perform. Having an exit path protects your compliance posture and your operations.
Before You Need to Leave
- Document your data flows. Know what data lives in the vendor's system and how it connects to your other tools.
- Test your exports. Don't wait until termination to discover that "exportable" means "CSV with no documentation."
- Identify alternatives. Know what you'd switch to and what the migration would require.
When to Trigger Exit
- Repeated failure to meet SLAs or provide required reports
- Security incident with inadequate response
- Material change to terms or pricing without adequate notice
- Loss of key certifications (SOC 2, ISO)
- Regulatory action against the vendor
- Strategic misalignment (vendor pivots away from your use case)
Building Your Monitoring Program
A sustainable governance program is mostly a calendar, clear owners, and a shared folder — not a 40-page policy document.
Step 1: Inventory Your AI Vendors (1-2 hours)
List every AI tool in use or under evaluation. For each:
- What department owns it?
- What data does it touch?
- Does it interact with customers?
- Does it influence regulated decisions?
Assign a tier (High / Medium / Low) based on the criteria above.
Step 2: Set Your Calendar
- Tier 1: Quarterly reviews (pick a week each quarter) + annual deep review
- Tier 2: Semi-annual reviews + annual assurance refresh
- Tier 3: Annual review only
Put it on the calendar. Assign owners. Treat it like you'd treat month-end close.
Step 3: Create Your Evidence Repository
Simple shared folder structure:
```text
/AI Vendor Governance
  /[Vendor Name]
    /Contracts
    /Due Diligence
    /Quarterly Reviews
      /2025-Q1
      /2025-Q2
      ...
    /Annual Reviews
      /2025
    /Incidents
```
When a regulator or auditor asks, you can show your work.
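Steps 1 through 3 above (inventory, tiering, calendar, evidence folders) and the trigger events listed earlier can be turned into a small script. The following is an added example, not code from the playbook or from Maximum Automotive Intelligence: it applies the tiering table, the review cadence by tier, the trigger-event list, and the shared-folder layout to a constructed vendor inventory. The vendor names, go-live dates, change records and the `AS_OF` date are made up, and the rule that a tool with only one Tier 1 property lands in Tier 2 is this example's own conservative reading of the table.

```python
"""Added example (not the playbook's own code): inventory, tier, schedule and
evidence-folder helper for AI vendors.  All vendor data below is constructed."""
from dataclasses import dataclass, field
from datetime import date, timedelta
from pathlib import Path
import tempfile

# Trigger events from the playbook that force an out-of-cycle review.
TRIGGER_EVENTS = {"model_update", "new_data_type", "new_integration",
                  "subprocessor_change", "security_incident",
                  "kpi_regression", "regulatory_change"}

# Periodic review interval by tier (quarterly / semi-annual / annual);
# every tier also gets an annual review on the go-live anniversary.
REVIEW_INTERVAL_DAYS = {1: 91, 2: 182, 3: 365}


@dataclass
class Vendor:
    name: str
    department: str
    touches_npi: bool           # ingests customer PII / NPI
    customer_facing: bool       # chats, texts, calls or emails customers
    influences_decisions: bool  # credit, pricing or other major decisions
    go_live: date
    changes: list = field(default_factory=list)  # vendor change-summary items


def assign_tier(v: Vendor) -> int:
    """Tier 1 = customer data plus customer interaction or decision influence.
    A tool with only one of those properties is treated as Tier 2 here (this
    example's conservative assumption); a tool with none of them is Tier 3."""
    if v.touches_npi and (v.customer_facing or v.influences_decisions):
        return 1
    if v.touches_npi or v.customer_facing or v.influences_decisions:
        return 2
    return 3


def _anniversary(d: date, years: int) -> date:
    try:
        return d.replace(year=d.year + years)
    except ValueError:          # go-live on Feb 29
        return d.replace(year=d.year + years, day=28)


def next_reviews(v: Vendor, as_of: date) -> dict:
    """First periodic and first annual review dates strictly after `as_of`,
    counted from go-live; missed reviews simply roll forward."""
    interval = timedelta(days=REVIEW_INTERVAL_DAYS[assign_tier(v)])
    periodic = v.go_live + interval
    while periodic <= as_of:
        periodic += interval
    years, annual = 1, _anniversary(v.go_live, 1)
    while annual <= as_of:
        years += 1
        annual = _anniversary(v.go_live, years)
    return {"tier": assign_tier(v), "periodic": periodic, "annual": annual}


def out_of_cycle_triggers(v: Vendor) -> list:
    """Change-summary items whose type is one of the playbook's trigger events."""
    return [c for c in v.changes if c.get("type") in TRIGGER_EVENTS]


def build_evidence_repo(root, vendors: list, year: int) -> list:
    """Create the playbook's shared-folder layout under `root` and return the
    created paths relative to `root` (sorted) so the result can be inspected."""
    root, created = Path(root), []
    for v in vendors:
        subdirs = ["Contracts", "Due Diligence", "Incidents", f"Annual Reviews/{year}"]
        if assign_tier(v) == 1:   # quarterly folders only for quarterly-reviewed vendors
            subdirs += [f"Quarterly Reviews/{year}-Q{q}" for q in range(1, 5)]
        for s in subdirs:
            p = root / "AI Vendor Governance" / v.name / s
            p.mkdir(parents=True, exist_ok=True)
            created.append(str(p.relative_to(root)))
    return sorted(created)


# Constructed sample inventory and "as of" date (illustrative only).
AS_OF = date(2025, 5, 15)
SAMPLE_VENDORS = [
    Vendor("F&I Menu AI", "F&I", True, True, True, date(2025, 1, 10),
           changes=[{"type": "model_update", "note": "silent backend model swap"},
                    {"type": "ui_change", "note": "new menu colours"}]),
    Vendor("Inventory Pricing AI", "Sales", False, False, True, date(2024, 11, 1)),
    Vendor("Staff Code Assistant", "IT", False, False, False, date(2025, 3, 1)),
]


def demo_evidence_repo(year: int) -> list:
    """Build the layout for the sample inventory in a temp dir and return the paths."""
    return build_evidence_repo(tempfile.mkdtemp(), SAMPLE_VENDORS, year)


if __name__ == "__main__":
    for v in SAMPLE_VENDORS:
        r = next_reviews(v, AS_OF)
        print(f"{v.name:22} tier {r['tier']}  next periodic {r['periodic']}  "
              f"annual {r['annual']}  triggers "
              f"{[c['type'] for c in out_of_cycle_triggers(v)]}")
    print("\n".join(demo_evidence_repo(AS_OF.year)))
```

Running it prints each vendor's tier, next periodic and annual review dates and any change items that warrant an out-of-cycle review, then the folder paths it created. The per-vendor `changes` list is where a vendor's quarterly "what changed" summary would be recorded; anything typed as one of the trigger events surfaces immediately rather than waiting for the next scheduled review.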
Step 4: Build Contract Enforcement Habits
Monitoring only works if you negotiated the rights. If your current contracts are missing key terms, add them at renewal. Prioritize:
- Audit/evidence rights
- Change notification
- Security incident SLAs
- Data return/destruction
- Subprocessor visibility
Step 5: Define Escalation Paths
Who decides when a finding is serious enough to escalate? Who approves remediation timelines? Who can trigger termination?
Document this before you need it.
Sources and Methodology
How We Developed This Playbook
This playbook was developed using Maximum Automotive Intelligence's governance research system — a team of AI agents that continuously surveys the compliance landscape to understand how regulatory frameworks, industry standards, and enforcement patterns are evolving.
The research process works as follows:
- Source discovery: AI agents identify and retrieve regulatory guidance, industry frameworks, enforcement actions, and practitioner resources relevant to AI governance in automotive retail.
- Structured extraction: Each source is analyzed and decomposed into structured records capturing key requirements, affected departments, monitoring obligations, and contract terms.
- Synthesis and validation: Records are queried and cross-referenced to identify patterns, gaps, and actionable guidance — then validated against primary regulatory sources.
Data Sources
This playbook synthesizes governance research from Maximum Automotive Intelligence's research database, including:
- 81 due diligence framework records with ongoing monitoring guidance
- 23 regulatory guidance records from federal and state regulators
- 17 industry standard records from standards bodies and professional associations
- Additional records with contract requirement specifications and enforcement precedents
Primary sources (regulators, standards bodies) are prioritized for "what's expected"; secondary sources (practitioner guidance, vendor documentation) inform "how to implement."
Governance Frameworks Referenced
Regulatory / Compliance
- FTC Safeguards Rule FAQ for automobile dealers
- CFPB Circular 2023-03: Adverse action notification requirements
- FTC CARS Rule
- FTC: AI companies must uphold privacy/confidentiality commitments
AI Governance Frameworks
Third-Party Risk Management
Assurance Standards
Contracting Guidance
Limitations
- Dataset mixes primary sources (regulators, standards bodies) and secondary sources (practitioner blogs, vendor guidance). Primary sources are prioritized for "what's expected"; secondary sources inform "how to implement."
- Some frameworks referenced are draft or best-practice guidance (e.g., CPPA ADMT draft, OCC bulletin applied as a model) rather than directly enforceable rules for dealers.
Assumptions
- Reader operates a U.S. dealership evaluating or using AI that touches customer data, credit workflows, or customer-facing interactions.
- Legal requirements vary by state and data type; counsel review is recommended for contract language and regulated workflows.
- "AI vendors" includes both customer-facing tools (digital retail, chat, BDC) and back-office tools (document processing, decisioning support, compliance review).
This playbook is intended as operational guidance, not legal advice. Consult qualified counsel for compliance decisions specific to your dealership's situation and jurisdiction.