Red Flags Rule Scheduled to Take Effect June 1, 2010
After several delays, the Red Flags Rule is scheduled to take effect on June 1, 2010. This rule, enforced by the Federal Trade Commission (FTC), requires businesses and organizations to develop and implement a written Identity Theft Prevention Program designed to detect signs, or “red flags” of identity theft in their daily operations, take steps to prevent it and mitigate the danger caused by it.
The Red Flags Rule applies to “financial institutions” and “creditors” who have “covered accounts.” Financial institutions include banks, credit unions, or any other entity that holds a transaction account belonging to a customer, whether directly or indirectly, and that offers accounts where the customer can make payments or transfers to third parties.
Creditors include businesses or organizations that regularly defer payment for goods or services, or who provide goods and services and bill customers later. Creditors are also entities who regularly offer, arrange for or extend credit to customers. Utility companies, health care providers, telecommunications companies, finance companies, mortgage brokers and real estate agencies, automobile dealers and retailers that offer financing or help consumers get financing from others fall into this category.
NOTE: Simply accepting credit cards as a form of payment does not designate you a creditor under the Red Flags Rule.
Covered accounts are those that are offered primarily for personal, family or household uses that permit multiple payments or transactions, or an account for which there is a reasonable risk of identity theft. Examples are credit card accounts, loans, utility accounts, bank accounts and small business accounts.
An Identity Theft Program must include four (4) basic elements:
1. Reasonable policies and procedures to identify the “red flags” that companies may run across in the daily operation of business, suspicious patterns, practices, or specific activities that indicate the possibility of identity theft.
2. The program must be designed to detect the red flags described in the policies. For example, if you have identified fake driver’s licenses as a red flag, then you must have procedures in place to detect them.
3. The program must spell out the appropriate actions to take when red flags are detected.
4. Employers must address the methods by which they will re-evaluate their procedures periodically to ensure they are relevant at all times.
Employers will also need to designate the person from the organization who will be responsible for implementing and administering the plan effectively, and offer appropriate staff training. Employers must also address how to monitor contractors’ compliance. Finally, the head of the company must approve the plan, whether it be the Board of Directors or an appropriate senior employee in the organization.
For more information, please see the FTC’s pamphlet, Fighting Fraud with the Red Flags Rule: A How-To Guide For Business.
There are 1 Comments to "Red Flags Rule Scheduled to Take Effect June 1, 2010"
Please e-mail me your contacts. I have a question webmaster@spottovo.ru” rel=”nofollow”>……
Thank you!!!…