FEDERAL TRADE COMMISSION
RED FLAG RULES AND REGULATIONS
As identity theft increasing each year, the federal government created the Red Flag Rule. The Red Flags Rule requires many businesses and organizations to create and implement a written Identity Theft Prevention Program. Businesses and organizations covered under this rule must have their written and implemented program designed so it detects the warning signs of identity theft in their day-to-day operations.
The Rule applies to “Financial Institutions” and “Creditors.” At first glance, many businesses and organizations do not fall under the typical definition of “Financial Institution” or “Creditors”; however, “Creditor” has been defined broadly to basically cover most businesses or organizations that regularly provide goods or services first and allow customers to pay later. Examples of businesses or organizations that may fall within this definition are utilities, health care providers, lawyers, accountants, engineers, pool cleaning services, landscapers, transportation companies, and telecommunications companies. The definition also covers businesses or organizations that regularly grant loans, arrange for loans or the extension of credit, or make credit decisions. Now, if a business or an organization falls within the definition of a “Creditor,” then the next step is to see if the business or organization has “Covered Accounts.” If a business or an organization has “Covered Accounts,” then a written program to detect and respond to the red flags of identity theft must be created, implemented, and updated periodically. “Covered Accounts” is defined as:
- Consumer accounts designed to permit multiple payments or transactions; or
- Any other account that presents a reasonably foreseeable risk from identity theft.
If you have more questions or concerns, please do not hesitate to make an appointment with one of our business and corporate law attorneys. We will make sure that your business complies with the Red Flag Rules. You can contact us at 972.789.1664 or firstname.lastname@example.org.
The U.S. Federal Trade Commission announced today that it would once again extend its enforcement of the Red Flags Rule, and the corresponding mandatory compliance deadline for covered entities under its jurisdiction, to 1 November, 2009.