FTC Red Flags Compliance
The Red Flags Rule was created by the Federal Trade Commission (FTC), along with other government agencies such as the NCUA, to help prevent identity theft. This act was passed in January 2008, and was to be in place by November 1, 2008. But due to push backs by opposition; the new deadline is June 1, 2010
At the request of Members of Congress, the Federal Trade Commission delayed enforcement of the “Red Flags” Rule until June 1, 2010, for financial institutions and creditors subject to enforcement by the FTC.
The Rule was promulgated under the Fair and Accurate Credit Transactions Act, in which Congress directed the Commission and other agencies to develop regulations requiring “creditors” and “financial institutions” to address the risk of identity theft. The resulting Red Flags Rule requires all such entities that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities – known as “red flags” – that could indicate identity theft.
The Commission previously delayed the enforcement of the Rule for entities under its jurisdiction until November 1, 2009. The Commission staff has continued to provide guidance to entities within its jurisdiction, both through materials posted on the dedicated Red Flags Rule Web site (www.ftc.gov/redflagsrule), and in speeches and participation in seminars, conferences and other training events to numerous groups.
The Red Flags Rule sets out how certain businesses and organizations must develop, implement, and administer their Identity Theft Prevention Programs. Your Program must include four basic elements, which together create a framework to address the threat of identity theft.
The four basic elements to the program are:
1) Identify Relevant Red Flags
* Identify the red flags of identity theft you’re likely to come across in your business
2) Detect Red Flags
* Set up procedures to detect those red flags in your day-to-day operations
3) Prevent and Mitigate Identity Theft
* If you spot the red flags you’ve identified, respond appropriately to prevent and mitigate the harm done
4) Update your Program
* The risks of identity theft can change rapidly, so it’s important to keep your Program current and educate your staff
The Red Flags Rules provide all financial institutions and creditors the opportunity to design and implement a program that is appropriate to their size and complexity, as well as the nature of their operations [4].
The red flags fall into five categories:
* alerts, notifications, or warnings from a consumer reporting agency
* suspicious documents
* suspicious personally identifying information, such as a suspicious address
* unusual use of – or suspicious activity relating to – a covered account
* notices from customers, victims of identity theft, law enforcement authorities, or other businesses about possible identity theft in connection with covered accounts
See more at the FTC's site at www.ftc.gov/redflagsrule
Categories
Contact Us
Phone number:
1-612-234-7848
E-mail: