Every major SCRA enforcement action shares a root cause that has nothing to do with whether the organization checked military status. They all checked. The problem is when they checked, and whether they ever checked again.
Point-in-time verification means checking DMDC at a single moment: loan origination, lease signing, or the day a collections case opens. After that, the account enters the portfolio and nobody checks again until something goes wrong.
Continuous monitoring means re-screening your entire portfolio on a regular cadence, automatically, to catch servicemembers who enter active duty after becoming your customer or tenant.
The difference between these two approaches is the difference between every SCRA settlement in the DOJ’s $484 million enforcement history and the compliance program the DOJ now expects.
The Gap That Gets You
A civilian signs an auto loan in January. In March, they receive activation orders and report to basic training. In May, they miss a payment. In June, your collections system flags the account. In July, you repossess the vehicle.
At no point did your system re-check military status. The origination check from January showed “not military.” That was accurate at the time. It is no longer accurate, and nobody knows.
This is exactly how the Santander case unfolded. 760 servicemembers had their vehicles repossessed. The investigation started with one Army Specialist whose car was taken during basic training. Santander’s system checked military status at origination and never again.
The same pattern appears in property management. A civilian signs a lease in October. They join the National Guard in December. They receive deployment orders in February. They submit a lease termination request under §3955 of the SCRA. The property manager’s system has no record that this tenant is military. The termination request is denied. A fee is assessed. The servicemember files a complaint.
Greystar paid $1.4 million for this pattern across their portfolio.
What the DOJ Expects Now
The DOJ and CFPB issued a joint letter in December 2024 urging financial institutions to proactively screen their portfolios for eligible servicemembers. The letter does not use the word “continuous.” It uses the word “proactive.” The distinction matters: the regulators are not asking you to check when you feel like it. They are asking you to find servicemembers before adverse action occurs, regardless of when they entered military service.
Major consent decrees filed in the past five years require some form of ongoing monitoring:
- Greystar (2025): Required transitioning to software platforms that prevent automatic imposition of prohibited charges. This implies real-time or near-real-time status awareness.
- CarMax (2026): Required DMDC verification before any repossession, plus four years of DOJ reporting. The “before any repossession” language means the check must happen at the point of adverse action, not at origination.
- Santander (2015): Required ongoing compliance monitoring and quarterly reporting for four years.
The trajectory is clear. Early consent decrees required policy changes and training. Recent ones require technology changes and systematic verification. The DOJ is no longer satisfied with “we have a process.” They want to see evidence that the process is automated, continuous, and auditable.
Three Populations You Miss Without Continuous Monitoring
1. Reserve and National Guard Activations
There are nearly 800,000 members of the Reserve and National Guard. They hold civilian jobs, sign civilian leases, and take out civilian loans. When activated, they receive SCRA protections immediately. If you checked their military status at origination and they were not yet activated, your records show “not military.” They are now military, and you do not know.
Reserve activations have increased significantly in the past decade. Partial mobilizations, training deployments, and disaster response activations all trigger SCRA protections. These activations can last anywhere from 30 days to several years.
2. New Enlistments After Account Opening
Approximately 170,000 people enlist in the military each year. Some of them are already your customers or tenants. The day they ship to basic training, their accounts become SCRA-protected. If you only checked at origination, you have no way of knowing.
3. Status Changes During Service
Servicemembers transition between active duty, reserve status, and civilian life throughout their careers. A servicemember who was on active duty when they signed their lease may have separated by the time they request a lease termination. A reservist who was inactive at loan origination may be on active duty when you initiate collections. Military status is not static. A single check captures a single moment.
The Cost of the Gap
The math is straightforward. If your portfolio has 50,000 accounts and roughly 0.5% of U.S. adults are active-duty military (approximately 1% including Selected Reserve and National Guard), you have an estimated 250-500 accounts that could be SCRA-protected at any given time. Some of those were military at origination and you identified them. Some became military after origination and you have not.
The per-violation civil penalty is $79,380 for a first offense and $158,761 for subsequent offenses (28 CFR §85.5, effective July 3, 2025). A single missed servicemember who triggers a complaint can initiate a DOJ investigation that reviews your entire portfolio.
That is how Santander went from one complaint to a $9.35 million settlement covering 760 servicemembers. The DOJ does not investigate one account. They investigate the system.
What Continuous Monitoring Looks Like in Practice
A compliant continuous monitoring program has four components:
1. Scheduled portfolio re-screening. Every account in your portfolio is checked against DMDC on a regular cadence. Weekly is the minimum for most portfolios. The screening runs automatically, without human intervention, and flags any status changes.
2. Pre-adverse-action verification. Before any adverse action (repossession, foreclosure, eviction filing, default judgment, collections escalation), the system checks DMDC for current military status. This is the last line of defense. Even if the portfolio screen missed someone, this check catches them at the moment it matters most.
3. Automated holds and escalation. When a servicemember is identified, the system automatically applies the appropriate protections: interest rate cap to 6% under §3937, repossession hold under §3952, foreclosure stay under §3953, eviction stay under §3951. No human needs to remember to apply these. The system applies them and notifies the compliance team.
4. Audit trail. Every check, every status change, every protection applied, every adverse action decision is logged with timestamps. When the DOJ asks “did you check military status before repossessing this vehicle?” you can produce the verification record in seconds, not weeks.
The Regulatory Direction
Multiple major law firms published client alerts in 2025 recommending that companies proactively review their SCRA compliance programs. Skadden’s analysis noted that SCRA enforcement has been bipartisan and accelerating: 24 enforcement actions under the first Trump administration, 27 under Biden. The current CFPB has explicitly listed servicemember protection as an enforcement priority despite scaling back in other areas.
The question is not whether your organization needs continuous monitoring. The question is whether you build it before or after the DOJ tells you to.
Organizations that have gone through consent decrees have been required to implement the same infrastructure: automated verification, continuous monitoring, audit trails, and ongoing reporting. Every one of them spent more building it under DOJ supervision than it would have cost to build it proactively.
How many servicemembers are in your portfolio right now? If you don’t know the answer, your verification process has a gap. Find out in 30 seconds.
Related Reading
- Why Manual DMDC Lookups Aren’t Enough
- How to Conduct a Retroactive SCRA Portfolio Audit Before the DOJ Does
- SCRA Compliance Tools Compared: 6 Approaches and When to Use Each
- The True Cost of Manual SCRA Compliance
Related training
See these topics covered in depth in our free SCRA training videos. Watch now →
Ready to automate your SCRA compliance?
See how civrel.io replaces manual processes with continuous, automated monitoring.