Identity Theft is the Fastest Growing Crime in America
Complying with the Red Flags Rule
Under the Red Flags Rule, financial institutions and creditors must develop a written program that identifies and detects the relevant warning signs - or "red flags" of identity theft.
These may include, for example, unusual account activity, fraud alerts on a consumer credit report, or attempted use of suspicious account application documents.
The program must also describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program.
The program must be managed by the Board of Directors or senior level employees of the financial institution or creditor, include appropriate staff training, and provide for oversight of any service providers.
How flexible is the Red Flags Rule?
The Red Flags Rule provide all financial institutions and creditors the opportunity to design and implement a program that is appropriate to their size, scope and complexity of the business, as well as the nature of their operations. Guidelines issued by the FTC, the federal banking agencies, and the NCUA (ftc.gov/opa/2007/10/redflag.shtm) should be helpful in assisting covered entities in designing their programs.
A supplement to the guidelines identifies 26 possible red flags. These red flags are not a checklist, but rather, are examples that financial institutions and creditors may want to use as a starting point. They fall into five categories:
* alerts, notifications, or warnings from a consumer reporting agency;
* suspicious documents;
* suspicious personally identifying information, such as a suspicious address;
* unusual use of or suspicious activity relating to a covered account; and
* notices from customers, victims of identity theft, law enforcement authorities, or other businesses about possible identity theft in connection with covered accounts.
More detailed compliance guidance on the Red Flags Rule will be forthcoming.
Complying with the Red Flags Rule
Under the Red Flags Rule, financial institutions and creditors must develop a written program that identifies and detects the relevant warning signs - or "red flags" of identity theft.
These may include, for example, unusual account activity, fraud alerts on a consumer credit report, or attempted use of suspicious account application documents.
The program must also describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program.
The program must be managed by the Board of Directors or senior level employees of the financial institution or creditor, include appropriate staff training, and provide for oversight of any service providers.
These may include, for example, unusual account activity, fraud alerts on a consumer credit report, or attempted use of suspicious account application documents.
The program must also describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program.
The program must be managed by the Board of Directors or senior level employees of the financial institution or creditor, include appropriate staff training, and provide for oversight of any service providers.
How flexible is the Red Flags Rule?
The Red Flags Rule provide all financial institutions and creditors the opportunity to design and implement a program that is appropriate to their size, scope and complexity of the business, as well as the nature of their operations. Guidelines issued by the FTC, the federal banking agencies, and the NCUA (ftc.gov/opa/2007/10/redflag.shtm) should be helpful in assisting covered entities in designing their programs.
A supplement to the guidelines identifies 26 possible red flags. These red flags are not a checklist, but rather, are examples that financial institutions and creditors may want to use as a starting point. They fall into five categories:
* alerts, notifications, or warnings from a consumer reporting agency;
* suspicious documents;
* suspicious personally identifying information, such as a suspicious address;
* unusual use of or suspicious activity relating to a covered account; and
* notices from customers, victims of identity theft, law enforcement authorities, or other businesses about possible identity theft in connection with covered accounts.
More detailed compliance guidance on the Red Flags Rule will be forthcoming.
The Red Flags Rule provide all financial institutions and creditors the opportunity to design and implement a program that is appropriate to their size, scope and complexity of the business, as well as the nature of their operations. Guidelines issued by the FTC, the federal banking agencies, and the NCUA (ftc.gov/opa/2007/10/redflag.shtm) should be helpful in assisting covered entities in designing their programs.
A supplement to the guidelines identifies 26 possible red flags. These red flags are not a checklist, but rather, are examples that financial institutions and creditors may want to use as a starting point. They fall into five categories:
A supplement to the guidelines identifies 26 possible red flags. These red flags are not a checklist, but rather, are examples that financial institutions and creditors may want to use as a starting point. They fall into five categories:
-
* alerts, notifications, or warnings from a consumer reporting agency;
* suspicious documents;
* suspicious personally identifying information, such as a suspicious address;
* unusual use of or suspicious activity relating to a covered account; and
* notices from customers, victims of identity theft, law enforcement authorities, or other businesses about possible identity theft in connection with covered accounts.
© All Rights Reserved
ID Educators
ID Educators