FTC Red Flags Rule: Is Your Business Ready?
FTC Red Flags Rule Goes into Effect June 1st, 2010
The FTC will begin enforcing the Red Flag Rule on June 1st, which states that certain businesses and creditors must help fight identity theft as well as create an identity theft prevention plan. This applies to a very broad class of businesses: those defined as “financial institutions” and those that extend any type of credit to their customers.
In other words, if you don’t receive cash the moment you deliver your product or service to your customer, your business most likely falls under the umbrella of the Red Flags Rule. If you do any billing after the fact (i.e., accounts receivable), you are considered a creditor, and therefore in the group of companies governed by Red Flags.
This includes:
- Any Business that Extends Credit
- All Banks
- Most Brokerage Firms
- Credit Card Companies
- Mortgage Lenders
- Non Traditional lenders (utilities, dealerships, health care providers)
Building an Identity Theft Prevention Plan
According to the FTC, the identity theft prevention plan consists of four main parts:
- Identification: The plan needs to provide a process to identify patterns, activities or transactions (i.e. red flags, hence the name) that appear to be leading to identity theft.
- Detection: The plan needs to specifically call out processes and procedures that will be used to detect the previously defined red flags.
Identity Theft Speaker: Red Flags Rule How-To Guide
Are you one of the 9 million Americans who will have their credit damaged or their bank account emptied this year? Or perhaps your medical treatment will be affected. The cost of identity theft to individuals and businesses is staggering; hence, the Red Flag Rule, enforced by the FTC, federal bank regulatory agencies and the National Credit Union Administration.
There are always “red flags” that pop into our heads but too often we ignore them. Call it “intuition” or whatever you want; the vital thing is to pay attention. To that end, many businesses and organizations are now required to implement the “Red Flags” Rule to implement a written Identity Theft Prevention Program. The goal is to detect warning signs in day-to-day operations, take steps to prevent the crime and limit any damage.
Are you covered by the Red Flags Rule? Read Fighting Fraud with the Red Flags Rule: A How-To Guide for Business to:
- Find out if the rule applies to your business or organization;
- Get practical tips on spotting the red flags of identity theft, taking steps to prevent the crime, and mitigating the damage it inflicts; and
- Learn how to put in place your written Identity Theft Prevention Program.
By identifying red flags in advance, you’ll be better equipped to spot suspicious patterns when they arise and take steps to prevent a red flag from escalating into a costly episode of identity theft.
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
