New Federal Rules Require Program to Respond to ‘Red Flags’ for Identity Theft - California Chamber of Commerce

Home | HRCalifornia | Store

About Us | Contact Us

CalChamber Member: Chevron Corporation - Reproduced with permission of Chevron Corporation


Daily Headlines Top Story Archives Videos Press Releases Inside the Capitol Alert Newsletter CalChamber in the News RSS CalChamber Fact Sheet Calendar of Events	phTitle New Federal Rules Require Program to Respond to ‘Red Flags’ for Identity Theft phImage phMainContent (November 3, 2008) The Federal Trade Commission (FTC), the Federal Reserve and three other federal regulatory agencies are set to phase in new rules mandating how financial institutions and other businesses manage cases involving suspicious credit transactions. A general outreach campaign is underway to inform businesses and financial institutions of their responsibilities under the new rules, which went into full effect on November 1. The director of the FTC Bureau of Consumer Protection, Lydia Parnes, said in a news release that the FTC is encouraging “all organizations that have ongoing accounts or relationships with consumers to keep an eye out for red flags that signal identity theft.” Consumer fraud losses related to identity theft totaled $1.2 billion in one year, according to the FTC. The average loss for an individual was $349. Written Policy Needed The rules require businesses considered creditors or financial institutions to develop a written policy for responding to “red flag” cases. According to the rules, a creditor or financial institution could include “any entity that regularly extends, renews or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew, or continue credit.” Examples of businesses covered under the new rules are thrift creditors that issue credit cards, auto dealers and computer hardware websites that offer financing. Model ‘Red Flags’ The FTC has compiled a list of model “red flags” in an appendix to the *Federal Register* and is encouraging businesses to incorporate into their policies these model red flags. The FTC is continuing to develop model “red flags” for businesses to use. “Red flag” warning signs proposed so far include the following: A consumer report indicating a pattern of activity that is inconsistent with the history and usual pattern of activity, such as a sudden increase of activity or use in a foreign country. A photograph, physical description or other identifying information that is not consistent with the appearance of an applicant or customer. Personal information provided that is inconsistent when compared against external sources, such as an address presented with an application that does not match any address in the consumer report. Personal information provided that is of a type commonly associated with fraudulent activity, such as an address that is fictitious, a mail drop or a prison, or if a telephone number provided is associated with a pager or answering service. Following a notice of change of address, the financial institution receives a request for a new, additional or replacement card or for the addition of authorized users on the account. The majority of available credit is used for cash advances or merchandise that is easily convertible to cash (for example, electronics or jewelry). Mail sent to the customer is returned repeatedly as undeliverable although transactions continue. The financial institution or creditor is notified that the customer is not receiving paper account statements. The financial institution is notified by a customer or law enforcement agency that it has opened a fraudulent account for a person engaged in identity theft. Appropriate Responses Some red flag warnings will be more indicative of fraud than others, according to the FTC. A red flag policy developed by a business to respond could include any or all of the following recommendations by the FTC: monitoring an account for evidence of identity theft; contacting the customer; changing any passwords, security codes or security devices that permit access to the account; reopening an account with a new account number; closing an account; not attempting to collect on an account or selling an account to a debt collector; notifying law enforcement; or determining that no response is needed. Although the FTC recently announced that it will not enforce the new Red Flag Rules until May 1, 2009, this announcement does not affect companies subject to the enforcement agencies other than the FTC. Those agencies include the Federal Deposit Insurance Corporation, the Federal Reserve Board, the Office of the Controller of the Currency, the Office of Thrift Supervision, and the National Credit Union Administration. Toll-Free Help The FTC has established a toll-free help line for businesses and consumers interested in learning more about the red flag rules: (877) FTC-HELP. Compliance Training The California Chamber of Commerce will be offering “red flags” compliance training. Information is available at www.calbizcentral.com. Staff Contact: Valerie Nera

Click to verify BBB accreditation and to see a BBB report.

Free Newsletters

Hot Topics

Issues

References

About CalChamber

© 2012 California Chamber of Commerce.
Terms of Use and Privacy Policy