Red Flag Rules and Current Privacy Legislation
What is the Red Flags Rule?
The new ‘Red Flags’ rule will help fight identity theft. What is the definition of an identity thief? The answer is someone who uses people’s identity information to open new accounts and misuse existing accounts, creating havoc for consumers and businesses.
The Federal Trade Commission (FTC), the federal bank regulatory agencies, and the National Credit Union Administration (NCUA) have issued regulations (the Red Flags Rule) requiring financial institutions and creditors to develop and implement written identity theft prevention programs, as part of the Fair and Accurate Credit Transactions Act (FACTA) of 2003.
By May 1, 2009, companies must provide for the identification, detection, and response to patterns, practices, or specific activities – known as “red flags” – that could indicate identity theft.
Who must comply?
- Financial Institutions: State or national bank, a state or federal savings & loan association, a mutual savings bank, a state or federal credit union, or any other entity that holds a “transaction account” belonging to a customer.
- Creditors: Any entity that regularly extends, renews, or continues credit, any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew, or continue credit.
- Under the Red Flags Rule, financial institutions and creditors must develop a written program that identifies and detects the relevant warning signs of identity theft. The program must also describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program.
- The Red Flags Rule provides all financial institutions and creditors the opportunity to design and implement a program that is appropriate to their size and complexity, as well as the nature of their operations.
- As federal and state legislation tightens and affects not only financial and credit businesses across America, it is imperative that all organizations conduct due diligence and take appropriate measures to ensure end-of-lifecycle documentation is properly destroyed and recycled.
Source: Federal Trade Commission
A partner in compliance.
According to the law, when using an outsourced document destruction company, financial organizations must use due diligence in selecting, managing and monitoring the service provider to ensure consumers’ private information is protected. PROSHRED®’s INFORMATION DESTRUCTION AT YOUR DOOR provides one of the most secure, convenient, economical and environmentally conscious solutions for complying with the current Red Flags Rule.