Federal Agencies Issue 'Red Flags' ID Theft Rule

Several federal agencies published a final rule Nov. 9 directing all financial institutions and creditors that hold consumer account, or any other account for which there is a reasonably foreseeable risk of identity theft, to develop and implement an Identity Theft Prevention Program by Nov. 1, 2008. The rule covers both new and existing accounts. The FDIC, FTC, Federal Reserve, and Treasury are involved.

They call it an identity theft "red flags" rule; it will implement sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003. The President's Identity Theft Task Force has reported that ID theft costs individuals and businesses billions of dollars in losses each year. and there have been numerous high-profile cases that illustrate the danger.

The theft prevention programs must include reasonable policies and procedures for detecting, preventing, and mitigating ID theft and must allow the institution to identify patterns, practices, and specific forms of activity that are "red flags" signaling possible ID theft; detect red flags that have been incorporated into the program; and ensure the program is updated periodically to reflect changes in risks.

In comments submitted before the final rule was issued, consumer groups said the proposed rule gave institutions too much discretion to decide which accounts and red flags to include in their programs and how they would respond to them. Some small financial institutions said they wanted clearer, more structured guidance describing exactly how to develop and implement a program. Most, however, said they are already doing most of what the rule requires. The agencies responded by offering more guidance and by specifying which type of accounts are covered: (1) an account primarily for personal, family, or household purposes, that involves or is designed to permit multiple payments or transactions, or (2) any other account for which there is a reasonably foreseeable risk to customers or the safety and soundness of the financial institution or creditor from ID theft.

Download Center

HTML - No Current Item Deck
  • Get the Ultimate Guide to OSHA Recordkeeping

    OSHA’s Form 300A posting deadline is February 1! Are you prepared? To help answer your key recordkeeping questions, IndustrySafe put together this guide with critical compliance information.

  • Steps to Conduct a JSA

    We've put together a comprehensive step-by-step guide to help you perform a job safety analysis (JSA), which includes a pre-built, JSA checklist and template, steps of a JSA, list of potential job hazards, and an overview of hazard control hierarchy.

  • Levels of a Risk Matrix

    Risk matrices come in many different shapes and sizes. Understanding the components of a risk matrix will allow you and your organization to manage risk effectively.

  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • Industry Safe
TenCate FR Technology

OH&S Digital Edition

  • OHS Magazine Digital Edition - October 2020

    October 2020

    Featuring:

    • FACILITY SECURITY
      EHS Compliance: Make it Personal
    • FOOT PROTECTION
      Choosing the Right Safety Shoe for Your Industry
    • HAND PROTECTION
      A Requirements Checklists for Work Safety Gloves
    • COVID-19 MANAGEMENT
      Contemporary Issues in HSE Management
    View This Issue