Something had to be done...
The Identity Theft Red Flags Rule implements section 114 of the Fair and Accurate Credit Transactions Act (FACT Act). To combat identity theft, the Identity Theft Red Flags Rule requires all financial institutions and creditors to develop and implement a written identity theft prevention program.
What is the Rule? It is the Final Rule on Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003, as published in the Federal Register, Vol. 72, No. 217, on Friday, November 9, 2007. Download a free copy of ID Theft Red Flags Rule.
Who is covered by the Rule?
The Rule applies to a financial institution or a creditor such as a:
- Bank
- Savings Association
- Credit Union
- Mortgage Lender
- Mortgage Broker
- Consumer Lender
- Auto or Motorcycle Dealer
- Utility Company
- Phone Company
- Other Creditor
The Rule applies to deposit, loan or other accounts made to a person for personal, family, or household purposes that involves or is designed to permit multiple payments or transactions such as a credit card account, mortgage loan, automobile loan, margin account, cell phone account, utility account, checking account, savings account or other account. The Rule can also apply to other accounts - such as business accounts - if those accounts pose a "reasonably foreseeable" risk of identity theft, or a risk of loss to the financial institution or creditor.
What are the compliance requirements?
The Rule mandates that each covered entity:
- Perform a risk assessment
- Identify all covered accounts
- Identify relevant identity theft red flags for covered accounts
- Implement appropriate detection and response procedures
- Develop a written Identity Theft Prevention Program
- Obtain board of directors approval
- Train appropriate staff
- Update the program periodically
- Review compliance at least annually
What is the mandatory compliance deadline?
The compliance deadline is November 1, 2008.
What are the consequences of non-compliance?
Non-compliance penalties can include:
- Civil money penalty for each violation
- Cease and desist Order
- Lowering of examination rating
- Consumer lawsuit
- Negative publicity, loss of business
How can I comply?
Easily and quickly, with CompliancePal! This one-stop solution allows you in just 5 easy steps to quickly get and stay in compliance!
CompliancePal is a web-based software that enables compliance quickly and easily. No software to install, 24 x 7 access, all the tools to be in compliance and ongoing updates to stay in compliance.
For one low fee, a financial institution receives a subscription to CompliancePal for a whole year and can:
- Perform a risk assessment
- Identify all covered accounts
- Identify relevant red flags for covered accounts
- Map appropriate detection and response procedures to each red flag
- Produce the compliant written identity theft prevention program
- Obtain board of directors approval easily
- Train appropriate staff quickly
- Update the program periodically
- Review compliance status at least annually
CompliancePal is a wizard-based tool that will produce:
- Identity theft risk assessment
- Mapping of reds flags to appropriate detection and response procedures
- Written Identity Theft Prevention Program
- Training Program
- Compliance Status Report
What does it cost to comply?
It could cost your organization hundreds of hours and thousands of dollars to develop a program! But with CompliancePal, one low fee saves you the time, hassle and headache of putting it all together.
Can you afford NOT to have CompliancePal?
 
Back to top
|
