EFG Hits Digital Compliance and Data Security Head On with PCI DSS Certification and SSAE 18 SOC 2 Recertification - AutoSuccessOnline

EFG Hits Digital Compliance and Data Security Head On with PCI DSS Certification and SSAE 18 SOC 2 Recertification

As retail automotive companies increase their use of digital sales and technology to house personal and confidential information, data breach incidents have a direct impact on revenue.  According to the nonprofit Identity Theft Resource Center, more than half of all small businesses in the US experienced at least one security or data breach in 2021, a 17 percent increase from 2020, at an average expense of $250,000 to $500,000 per incident.

EFG Companies today announced a new achievement in the company’s dedication to deliver the utmost data security for its clients, partners and contract holders:

  • Certification by the Payment Card Industry Security Standards Council as PCI Data Security Standard compliant.
  • Recertification with the Service Organization Control 2 under the Statement of Standards for Attestation Engagements 18 guidelines from the American Institute of Certified Public Accountants.  In 2016, EFG was the first F&I provider to achieve SSAE 16 certification. 

As retail automotive companies increase their use of digital sales and technology to house personal and confidential information, data breach incidents have a direct impact on revenue.  According to the nonprofit Identity Theft Resource Center, more than half of all small businesses in the US experienced at least one security or data breach in 2021, a 17 percent increase from 2020, at an average expense of $250,000 to $500,000 per incident.

“Outside of its own proprietary applications, EFG integrates with close to 25 external platform and menu providers across its seven channels of business,” said Maurice Hamilton, vice president of technology at EFG Companies. “With the amount of confidential consumer information collected in the retail automotive, home warranty and lending industries, data security is mission critical to successfully conducting business, and we aggressively pursue heightened controls and protocols each year.”  

SSAE 18 certification is the most widely recognized information security standard, demonstrating to clients and contract holders that EFG has the necessary processes in place to ensure that personal and confidential information is secure. SOC 2 reports evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality and privacy. 

PCI Data Security Standards protect payment account data for merchants, service providers and financial institutions throughout the payment lifecycle, removing the incentive for criminals to steal it. Specifically, PCI DSS contains a set of requirements based on collaboration between major card brands including American Express, Discover, Mastercard and Visa, to prevent payment data breaches and payment card fraud. Companies achieving certification deliver a higher standard of security for personal confidential information and compliance with federal, state, and local regulatory requirements. 

“The pandemic has greatly accelerated the use of digital tools, and our clients rely on EFG’s technology for everything from rating and selling products, fulfilling contracts and processing claims to managing reinsurance positions and reporting,” said John Pappanastos, president and CEO of EFG Companies. “We take our role as a business partner seriously and have taken the necessary steps to deliver the utmost data security – not only for our own data but that of our clients, partners and contract holders.”

You May Also Like

Vero, Privacy4Cars Partner on Identi-FI, Identity Theft Protection

Auto dealers within the Identi-FI program will be able to offer Vero’s suite of identity theft tools to customers as a revenue-generating service add-on during the sales process.

Vero announced an exclusive partnership with Privacy4Cars to offer Identi-FI, a full-circle solution that protects against personal data abuses by providing peace-of-mind vehicle data deletion and ID theft recovery.

The solution pairs Privacy4Cars' patented AutoCleared and Vehicle Privacy Report tools with Vero's 3-Generation Fully Managed Recovery (FMR), providing a comprehensive solution that is available now as a membership subscription to qualified auto dealers and distributors.

JM Family Enterprises Names President & COO

As president and COO, Chait will be responsible for all company operations within JM Family, working closely with the senior leadership team to execute on company strategies and drive key initiatives. 

Cars.com 2024 Dealer of the Year Awards

The awards recognize the best local car-shopping experiences across America.

Holmes Honda in Shreveport Receives 16th President’s Award

The President’s Award recognizes superior achievement in customer satisfaction, new-car-unit sales volume and business management.

Tim Lamb Group Brokers Sale of Foothills Lincoln Mazda

The Spokane, Washington, dealership has been rebranded but will be keep all existing Foothills team members at their current seniority.

Other Posts

Service Satisfaction Improves but Appointment Wait Times Continue to Grow, J.D. Power Finds  

According to the study, dealers continue to grapple with parts and labor shortages that are fueling longer wait times for appointments.

700Credit Integrates with One View

This integration will allow dealerships to store sensitive consumer information including credit reports and required compliance documentation through a secure integration into the digital deal jacket.

WarrCloud Study: Cost of Processing Auto Warranty Claims Increases by 28%

The study examined current practices surrounding warranty claims, human resource allocations, and the mechanisms of tracking and streamlining service department costs.

Solifi Launches 2024 Global Leasing Report

The report details insights about the world’s top 50 leasing markets.