Clearing the Haze: Addressing Some Lingering Concerns about the FTC's Red Flags Rules

By Carr, Matthew | Business Credit, May 2009 | Go to article overview

Clearing the Haze: Addressing Some Lingering Concerns about the FTC's Red Flags Rules


Carr, Matthew, Business Credit


The woes of identity theft for both businesses and individuals have been compounded to near numbing levels. Billions upon billions of dollars each year are bled out of the nation's economy through a variety of crimes and schemes, and it's now to the point that everyone likely knows at least one person who has had their identity pilfered. In the war against this type of fraud, both federal and state governments have launched a number of offensives, including establishing cyber-crime law enforcement divisions and passing data security laws, in an attempt to curb damage and weave a tighter security net to protect consumers. One of the latest and most widely discussed has been a multi-agency effort to fill in the gaps in corporate efforts left by some of those data security provisions.

On January 1, 2008, the Federal Trade Commission's (FTC) "Red Flags Rules" went into effect as part of amendments to the Fair and Accurate Credit Transactions Act of 2003 (FACT Act) and ultimately the Fair Credit Reporting Act (FCRA). The regulation requires "creditors" and financial institutions to adopt a written program to detect, prevent and mitigate identity theft in connection with the opening of a "covered account" or any existing "covered account." Building from a basic list of 26 "red flags"--which are defined as a pattern, practice or specific activity that could indicate identity theft--the objective of the regulation is to ensure that businesses and organizations are on the lookout for the signs that an individual is attempting to fraudulently use another person's identity to obtain goods or services.

As most credit managers are likely well aware, after a six-month delay, the mandatory deadline for compliance with the Red Flags Rules was May 1, 2009. What does this mean? Those companies that are affected by the rule should now have a written program in place that has been approved by the company's senior management or board of directors. For those that determined they are not subject to the regulation, they must remember that part of the rule is that businesses need to conduct ongoing risk assessments to determine if there is any "reasonably foreseeable risk" to their accounts that would trigger future mandatory compliance with the regulation.

For the last several months, the FTC and NACM have worked together to educate members about their responsibilities and to discuss the initiatives they should take to ensure those affected are in compliance, as well as to outline what the agency's expectations are for business creditors.

"Many people confuse data security with the Red Flags Rules, said Manas Mohapatra, attorney, FTC, Division of Privacy and Identity Protection, Bureau of Consumer Protection. These are two distinct but related concepts. Data security is aimed at protecting the personal information that you have about your customers. The Red Flags Rules picks up where data security leaves off."

He added, "Despite the best of efforts, thieves do steal people's information. The Red Flags Rules are aimed at stopping and identifying identity thieves from using someone else's personal information at your organization to commit fraud or illegally obtain goods and services."

Doing the Two-step

Even though the date for compliance has already passed, many questions continue to loom over the Red Flags Rules and their impact on business creditors, including to what companies the rules apply. The first part of the regulations is that businesses need to determine if they are considered a "creditor" under the rule and whether they offer "covered accounts." Organizations must meet both criteria to be subject to the rules.

The FTC uses the definition for "creditor" that is outlined in the FCRA and the Equal Credit Opportunity Act (ECOA). In those pieces of legislation, any person who regularly extends, renews or continues credit; any person who regularly arranges for the extension, renewal or continuation of credit; or any assignee of an original creditor who participates in the decision to extend, renew or continue credit is considered a "creditor.

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Project items

Items saved from this article

This article has been saved
Highlights (0)
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

Citations (0)
Some of your citations are legacy items.

Any citation created before July 30, 2012 will labeled as a “Cited page.” New citations will be saved as cited passages, pages or articles.

We also added the ability to view new citations from your projects or the book or article where you created them.

Notes (0)
Bookmarks (0)

You have no saved items from this article

Project items include:
  • Saved book/article
  • Highlights
  • Quotes/citations
  • Notes
  • Bookmarks
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

1

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Cited article

Clearing the Haze: Addressing Some Lingering Concerns about the FTC's Red Flags Rules
Settings

Settings

Typeface
Text size Smaller Larger
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Full screen

matching results for page

Cited passage

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

"Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

"Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

"Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Cited passage

Welcome to the new Questia Reader

The Questia Reader has been updated to provide you with an even better online reading experience.  It is now 100% Responsive, which means you can read our books and articles on any sized device you wish.  All of your favorite tools like notes, highlights, and citations are still here, but the way you select text has been updated to be easier to use, especially on touchscreen devices.  Here's how:

1. Click or tap the first word you want to select.
2. Click or tap the last word you want to select.

OK, got it!

Thanks for trying Questia!

Please continue trying out our research tools, but please note, full functionality is available only to our active members.

Your work will be lost once you leave this Web page.

For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

Already a member? Log in now.