Advertising Compliance Review Workflows: What's Changed and What Hasn't in 2024
The Compliance Review Playbook That Actually Works (And the Traps Most Dealers Miss)
Most dealership managers think compliance review is something you do once a year when the lawyer sends a memo. They'll audit a few ads, nod at the checklist, and move on. Then the FTC shows up, or a customer files a complaint, and suddenly that "one-time" process wasn't nearly thorough enough.
The truth is messier than that. Advertising compliance has shifted in meaningful ways over the past three to five years, driven by stricter FTC enforcement, new data privacy rules, and dealer licensing scrutiny. But the fundamentals—the stuff that actually prevents legal trouble—haven't changed. You still need a documented process, consistent oversight, and someone accountable for the output.
Here's what's different, what hasn't, and how to build a workflow that actually protects your rooftops.
What's Actually Changed in the Compliance Landscape
The FTC Got Serious About Safeguards Rule Enforcement
The Safeguards Rule updates that went into effect in 2023 weren't just another policy memo. The FTC has been actively targeting dealerships for inadequate data security and failure to implement reasonable safeguards around customer information. This applies to how you store, transmit, and handle customer data,not just in your CRM, but in every system your team touches.
For dealership operations, this means your digital workflows aren't just operational conveniences anymore. They're compliance vectors. If you're still emailing estimates with customer SSNs attached, or texting trade-in offers with full vehicle identification numbers, you're not just being careless. You're violating federal regulation.
The big shift: the FTC is treating data handling failures as advertising violations. They're not separating "we mishandled customer data" from "we made false claims in ads." Both live in the same enforcement action now.
Privacy Disclosures Got Harder to Hide
Five years ago, a lot of dealers could bury privacy notices in footer text or lock them behind modal windows that no one clicked. The FTC has made it clear that's not acceptable anymore. Disclosures about how you use customer data, what you do with their information, and who has access to it need to be prominent, clear, and actually read by customers before they opt in.
This affects everything from your website privacy policy to SMS opt-in flows, trade-in appraisal forms, and even text-to-stock notifications. If a customer can't reasonably understand what they're agreeing to, you're exposed.
Dealer License Compliance Is Being Audited More Aggressively
State dealer licensing boards have become more proactive about compliance reviews. Some states now require annual certification that your advertising meets state-specific dealer license rules. Others are spot-checking inventory ads against actual vehicle history and condition reports.
The risk: a dealer license suspension or non-renewal isn't just a paperwork headache. It can shut down your operation while you sort it out.
What Hasn't Changed (And Why That Matters)
Accountability Still Requires a Real Person
You need one person,or a small team, for larger groups,who owns compliance review. Not "the marketing team handles it." Not "the general manager approves things." A named person or department with documented authority and a clear process.
That person reviews ads before they run. They maintain a log of what was approved and why. They're the one who catches the mistake before it becomes a customer complaint or an FTC inquiry. They're also the one who can explain to regulators what your process is if you ever get audited.
Dealerships that skip this step typically end up with no one accountable when something goes wrong. And something always goes wrong eventually.
You Still Need a Written Policy
It doesn't have to be a 50-page manual. But you need a document that your team can actually reference and follow. It should cover:
- What types of claims require pre-approval before publication
- Who approves what, and what the escalation process is
- How you document approvals (email trails, spreadsheets, whatever system you use)
- How often you audit what's already live
- How you handle customer complaints or regulator inquiries
- How you stay updated on FTC guidance and state-specific rules
The goal isn't to create busywork. It's to have a reference so your team knows the answer without asking five different people.
Digital Tools Don't Eliminate the Need for Human Review
And here's where I'll probably ruffle a few feathers: a lot of dealers are hoping AI or automated compliance checking will solve this problem. It won't. Not yet, anyway, and maybe not ever.
Compliance review requires judgment. Is a claim substantiated? Is a disclosure prominent enough? Does this marketing approach comply with your state's specific rules? A tool can flag that your ad says "Free Oil Changes" without specifying terms,that's helpful. But a tool can't tell you whether the specific language you're using for a payment offer complies with the TILA-RESPA Integrated Disclosure rule and your state's dealer license requirements simultaneously. That's a human job.
The smartest dealers are using tools to catch obvious errors and speed up the workflow, but they're still putting eyeballs on every ad before it goes live.
Building a Workflow That Scales
The Three-Stage Review Process
Here's a structure that works across single-rooftop and multi-rooftop operations:
Stage 1: Pre-Approval Creation. Your marketing or sales team drafts an ad, promotion, or customer-facing claim. Before it goes anywhere, it gets flagged for compliance review. This happens before the ad spends a dollar or reaches a customer.
Stage 2: Compliance Review. Your compliance owner reads it against your policy and current FTC guidance. For complex claims (especially around financing terms, rebates, or vehicle condition), they might ask legal to weigh in. They document the approval in a trackable format.
Stage 3: Audit and Correction. Monthly or quarterly, you pull a sample of what's been running live. You compare it to what was approved, check that claims are still accurate (especially important for inventory claims and pricing), and identify any drift. If you find something off, you fix it and document the correction.
This is exactly the kind of workflow Dealer1 Solutions was built to handle. Having a single system where marketing creates an estimate or promotion, compliance review is built into the approval chain, and there's an audit trail of who approved what and when makes this process actually sustainable instead of a nightmare of email chains and lost spreadsheets.
Documentation Is Your Defense
Here's something most dealers don't think about until they're already in trouble: if you get a complaint or a regulator inquiry, your documentation is your defense. It shows you had a process. It shows you took it seriously. It shows you acted in good faith.
Conversely, if you have no documentation, you look reckless. Even if your ads were technically compliant, the absence of a review process makes regulators nervous.
Your documentation should show:
- What was reviewed
- Who reviewed it
- When it was approved
- What changes were made before approval
- When it went live and when it came down
A simple spreadsheet works if you're a single store. For multi-rooftop operations, you need something more systematic. Tools like Dealer1 Solutions automatically log this kind of activity, which means you can pull an audit report in minutes instead of digging through months of email.
State Rules Aren't One Size Fits All
A promotion that's perfectly legal in Texas might violate dealer license rules in New York. A privacy disclosure that works for one state might not be prominent enough for another.
If you operate in multiple states, your compliance owner needs to stay current on state-specific requirements. That's not glamorous work, but it's essential. Bookmark your state dealer licensing board's website. Join your state dealer association. Read their compliance updates.
For multi-state dealers, this becomes a real operational task. Centralizing your compliance oversight means having one person or team stay updated on all relevant jurisdictions, then communicating standards down to each location. Some dealers build state-specific versions of their policy. Others use a "minimum across all states" approach that defaults to the strictest requirement.
The Tools That Actually Help (Without Creating False Security)
A few pieces of software can make this process less painful without replacing human judgment.
CMS platforms with approval workflows. If your ads live in a website CMS, that system should have an approval stage before anything goes live. Set it up so that any ad or claim from a specific category requires sign-off before publication.
Inventory management systems with condition flagging. Your vehicle management system should flag when someone tries to list a 2017 Honda Pilot with 105,000 miles as "like new" or when mileage claims don't match the CarFax report. It won't catch every error, but it stops obvious ones.
Estimate and proposal software with disclosure templates. When your team generates a finance offer or promotional estimate, the system should auto-populate required disclosures. This reduces the chance that someone forgets to mention financing terms, rebate conditions, or warranty limitations.
The right operational software gives your team visibility and consistency. It creates an audit trail automatically instead of asking someone to maintain one manually. It's the difference between compliance review being a burden and it being embedded in how you work.
What to Audit and How Often
You don't need to review every single ad every single day. But you do need a systematic sampling approach.
Pull a random sample of 20-30 pieces of live marketing monthly. Check them against your policy. Verify that claims match reality. Look for:
- Pricing or payment claims that don't match actual offers
- Vehicle condition descriptions that conflict with vehicle history reports
- Missing or unclear disclosures
- Claims that lack substantiation
For higher-risk categories,anything involving financing, rebates, or condition claims,increase your sampling size.
If you find issues, document them and correct them. Track patterns. If you notice the same type of error repeatedly, that's a training opportunity for whoever's creating those ads.
The Conversation with Your Leadership Team
Here's the reality that doesn't get talked about enough: compliance review costs money. It requires a person or team, their time, possibly outside legal review on complex issues, and software systems to support the workflow. That all comes out of the bottom line.
But the alternative,not doing it,costs more. An FTC enforcement action, a dealer license suspension, a lawsuit from a customer who says they were misled. That costs real money and operational crisis.
The dealers who handle this best have already made the case to their dealer principal or ownership that compliance review is a cost of doing business. It's not optional. It's insurance.
And unlike actual insurance, which you hope you never use, this one you use every day to catch problems before they become disasters.
Starting Over If You've Been Flying Blind
If your dealership hasn't had a formal compliance review process, don't panic. You can build one.
Start with a written policy. Assign an owner. Do a one-time audit of your current live ads against basic FTC standards (truthfulness, substantiation, clear disclosures). Fix anything glaring. Then implement the three-stage process going forward: pre-approval, review, and periodic audits.
You won't get everything perfect immediately. But you'll move from zero accountability to a real process, which is a massive upgrade.
The dealerships that struggle most are the ones that wait for a problem to treat compliance seriously. The ones that win are already thinking about it.