ID Theft Red Flags Rule: Are You Ready for May 1? (Bank Info Security Article)

May 1 is nearly here. Are non-banking creditors and state-chartered credit unions ready?

This is the date when the Federal Trade Commission will finally start to enforce the Identity Theft Red Flags Rule, for which federally-regulated banks and credit unions have been tested for compliance since last Nov. 1.

Originally, all affected entities were to show compliance with the Red Flags Rule by Nov. 1, but in late October the FTC extended the deadline by six months for the roughly 11 million entities it oversees. This move was to give non-banking creditors and state-chartered credit unions additional time to develop and implement written identity theft prevention programs.

Since last fall, the FTC has promoted an extensive outreach effort to explain the rule in greater detail, speaking at many business conferences, hosting seminars and the FTC's dedicated website on ID Theft Red Flags compliance. According to Betsy Broder, Assistant Director, Division of Privacy and Identity Protection at the Federal Trade Commission, many companies that didn't think of themselves as creditors now realize they are a covered entity under this rule.

So, with the new deadline just weeks away, are these entities ready to demonstrate compliance?

Continue Reading at Bank Info Security

Under the ID Theft Red Flags Rule a creditor is:

• Any entity that regularly extends, renews or continues credit;
• Any entity that regularly arranges for the extension, renewal or continuation of credit;
• Any assignee of an original creditor who is involved in the decision to extend, renew, or continue credit.