|
Introduction
In November of 2007, the Federal
Trade Commission (FTC) and five federal bank
regulatory agencies (FDIC,
OCC, Federal Reserve, OTS and NCUA) jointly issued
the final rules and guidelines implementing sections
114 and 315 of the Fair and Accurate Credit
Transactions Act (FACT Act). Commonly known as the
“Red Flag Rules”, these regulations
require the development, implementation, and
maintenance of a written Identity
Theft Prevention Program by financial institutions
and "creditors" for "covered accounts".
The Compliance deadline was November 1, 2008; however, the FTC has
four times granted a delay of enforcement of the
‘Red Flags’ Rule. December 31, 2010 was the official
enforcement date.
It is important to note the
following:
The Commission urges Congress to act quickly to pass
legislation that will resolve any questions as to
which entities are covered by the Rule and obviate
the need for further enforcement delays. If
Congress passes legislation limiting the scope of
the Red Flags Rule with an effective date earlier
than December 31, 2010, the Commission will begin
enforcement as of that effective date.
|
Who Needs to Meet Red Flag
Regulations?
(choose an industry) |
|
|
|
|
"RED FLAG" Compliance
The Red Flag Rule requires all
financial institutions and creditors with "covered
accounts" to implement an
Identity Theft Prevention Program to detect, prevent
and mitigate identify theft for covered accounts.
The four general elements that the Program must
contain are “reasonable policies and procedures” to:
-
Identify and incorporate Red
Flags for covered accounts
-
Detect Red Flags that are
included in the Program
-
Respond to those Red Flags
appropriately
-
Update the Program periodically
to reflect the risk to the customer or to the
safety of the financial institution or creditor
from identify theft.
|
Our
Solution
(Click
Here to Learn More) |
|
