Magazine article Business Credit

FTC and NACM Promote Red Flags Readiness

Magazine article Business Credit

FTC and NACM Promote Red Flags Readiness

Article excerpt

According to the Federal Trade Commission (FTC), in there were nearly 10 million victims of identity theft in the United States. The cost to businesses and individuals was roughly $53 billion; a staggering bleed out as consumers lost wages and businesses were forced to write off merchandise purchased fraudulently.

After a six-month delay, the May 1, 2009 deadline for companies to be in compliance with the FTC's Red Flags Rules regulation is fast approaching. The regulations will require most creditors and financial institutions to adopt a written program to detect, prevent and mitigate identity theft in connection with the opening of a covered account or any existing covered account. A "red flag" is a pattern, practice or specific activity that could indicate identity theft. The FTC lists 26 red flags, but that list is far from complete. A covered account, as it pertains to business creditors, is any account designed to permit multiple payments or transactions or for which there is any reasonably foreseeable risk from identity theft.

The FTC and NACM have partnered together to educate members of their responsibilities and the initiatives they should take to ensure those affected are in compliance with the federal regulation. In the second joint teleconference between the FTC and NACM, the FTC's Manas Mohapatra, attorney, Division of Privacy and Identity Protection, Bureau of Consumer Protection, outlined what the agency expects business creditors to put into place.

"Many people confuse data security with the Red Flags Rules," said Mohapatra. "These are two distinct but related concepts. Data security is aimed at protecting the personal information that you have about your customers. The Red Flags Rules pick up where data security leaves off." He added, "Despite the best of efforts, thieves do steal people's information. Red Flags Rules are aimed at stopping and identifying identity thieves from using someone else's personal information at your organization to commit fraud or illegally obtain goods and services."

To help companies establish their policy, the FTC has published a list of guidelines, divided into seven steps: incorporating existing policies and procedures, identifying relevant red flags, setting up procedures to detect red flags, responding appropriately to red flags, updating the program, administering the program and considering other legal requirements. The FTC continues to stress that a creditor doesn't have to start from scratch on their program; they can tailor their program and build upon fraud or security measures they might already have in place. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.