Red Flags Rule Delayed Again

Posted on July 29, 2009 by Jack J. Gravelle

Earlier today the FTC announced it would delay enforcement of its Red Flags Rule until November 1, 2009.  Enforcement had been scheduled to begin August 1, 2009.  As previously discussed here, the Red Flags Rule is an FTC regulation that requires “creditors” and “financial institutions” with “covered accounts” to have a program in place to detect identity theft.  The term “creditor” is defined broadly to include any entity that regularly extends credit.  A “covered account” is essentially the extension of credit as part of a continuing relationship to purchase a product or service for personal, household, or business purposes.

The rule has garnered significant attention lately from lawyers following the FTC’s announcement in April that the FTC interprets the Red Flags Rule to apply to law firms because law firms bill for services already rendered.  The ABA disagrees and has threatened to sue should the FTC continue to assert that the Rule applies to lawyers.

Tags: ,

Questions Accepted, but Compliance Required: FAQs Regarding Red Flags and Address Discrepancies

Posted on July 15, 2009 by Ken Rathburn

Promulgated under Sections 114 and 315 of the Fair and Accurate Credit Transactions Act (“FACTA”), the rules on Identity Theft Red Flags and Address Discrepancies have caused widespread confusion as to their coverage, application, and compliance requirements. In a coordinated response to this confusion, the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, Office of Thrift Supervision (each, a “Federal Banking Agency”), and the Federal Trade Commission (“FTC”) recently developed a set of frequently asked questions (“FAQs") to assist those that extend credit on covered accounts. 

The FAQs, 37 of them in all, cover the following range of topics:

  • Red Flags Rule Scope
  • Definitions
  • Establishment of an Identity Theft Prevention Program (“Program”)
  • Program Elements
  • Program Administration
  • Red Flags Examples
  • Change of Address Validation
  • Address Discrepancies Rule Scope
  • Establishing a Reasonable Belief
  • Furnishing Information to a Consumer Reporting Agency

For financial institutions regulated by a federal banking agency, the Identity Theft Red Flags and Address Discrepancies under FACTA went into effect on November 1, 2008. For all other consumer creditors, the FTC has delayed the effective date, first to May 1, 2009 and now to August 1, 2009. Please see the FTC’s Red Flags website for further information on the rules and for information and guidance for low-risk businesses on the development and implementation of a complying Program.

Tags: , , , ,