What are the new Red Flag Identity Theft Rules? Who needs to be concerned with these regulations and why?

The final rules provide financial institutions with a fair amount of flexibility in establishing their own internal compliance programs, but there are a few mandatory provisions that must be included in any compliance program. For example:

Each financial institution must create, and keep updated, a written identity theft prevention program and Financial institutions must review discrepancies if addresses on applications conflict with those on credit reports The final rule also lists 43 examples of identity theft red flags that financial institutions should consider incorporating into their Identity Theft Prevention Programs, but the adoption of these are not mandatory.

These rules come at a time when the Federal Trade Commission and banking regulatory agencies are questioning whether creditors are using adequate authentication tools. These Red Flag Rules will improve industry practices in the area and should continue to drive identity theft statistics downward. These regulations became effective on Jan. 1, 2008, and full institutional compliance is required by Nov. 1, 2008.

In a recent conversation with an examiner, he stated that he didn’t think there was any way for a FI to comply with this guideline manually – it would most likely take software to be compliant. Hmmm….

CoNetrix has an online tool that walks you through creating the Identity Theft Prevention Program and Risk Assessment. In addition, it includes online training. The cost is only $795, but we will provide a 10% discount through June 30th for all Banktastic members if you enter the Discount Code ‘Banktastic’ during signup. For more information, go to http://www.conetrix.com/Identity-Theft-Prevention-Program.aspx

New Bankwide Article on Red Flags

Identity Theft Red Flags, the reader’s digest version