The Identity Theft Red Flags Rules of the FACT Act require a financial institution or creditor to develop and implement an Identity Theft Prevention Program (ITPP) to protect their customer “covered” accounts. Covered accounts include mortgage and automobile loans, and credit card, margin, cell phone, utility, checking or savings accounts. Also included are small business or sole proprietorship accounts.
Under the new rules, ITPPs have to include procedures to detect, prevent and mitigate identity theft by identifying relevant patterns, practices and activity that are “red flags” signaling possible identity theft.
The compliance deadline for establishment of an ITPP is May 1, 2009. Noncompliance could result in fines, penalties and potential reputational damage.
Worried about your ITPP facing examination by the regulatory boards?
Contact the experts at Jefferson Wells. We’ve assisted organizations with compliance and the core components of the Identity Theft Red Flags Rules for more than 10 years.
Sarbanes-Oxley. PCI-DSS. You may have met these compliance challenges, but are you prepared to tackle the Identity Theft “Red Flags” Rules of the Fair and Accurate Credit Transaction Act?
