Current Category : News :
FACT Act
November 03, 2008
November 1, 2008 is the deadline for all financial institutions to comply with the new federal “Red Flag” anti-identity theft rules. In 2003 the Fair and Accurate Credit Transactions Act (FACT) was passed, an act that was intended to extend and update the Fair Credit Reporting Act. The Red Flag rules were issued by various federal agencies that control financial institutions, as well as the Office of the Comptroller of the Currency, the Federal Reserve Board and the Federal Trade Commission (FTC). This has lead many businesses to assume that these policies are directed only at banks, mortgage lenders and other traditional creditors. But this is not the case. Since the Red Flag rules define “creditor” such broad terms, other types of businesses that are extending credit may need to comply. Even if these regulations do not directly apply to your company, they are still an excellent way to avoid identity theft risks for you and your customers.
With the deadline nearing it is important for all financial institutions and creditors to have a program in place for detecting and preventing identity theft.
Who must comply with the Red Flags Rules?
The Red Flags Rules apply to “financial institutions” and “creditors” which means any person or business that extends renews or continues credit with a “covered account”. An “account” is described as a continuing relationship with a creditor to obtain a product or service; this also includes deferred payments for services or property as well as pure credit accounts. A “covered account” is an account used mostly for personal, family, or household purposes and that involves multiple payments or transactions. “Covered accounts” also include accounts in which there is a foreseeable risk of identity theft – for example, small business or sole proprietorship accounts.
What are the Red Flag requirements?
The Red Flag will require financial institutions and creditors to develop a written program that will identify and detect the appropriate warning signs of identity theft. The program must enable a creditor to:
- Periodically determine whether it offers or maintains a “covered account”
- Identify unusual account activity, fraud alerts on a consumer report
- Program must detail responses to prevent the crime and update the program
- Ensure the program is managed by the Board of Directors and include staff training
Under the FTC’s regulations, “identity theft” is defined as a fraud that is committed or attempted; using a person’s identifying information without authority. The rule also states that “identifying information” should have the same meaning as “means of identification” in the federal criminal statue defining identity theft. Identifying information means any name or number that can be used alone or along with any other information to specifically identify one person; this includes but is not limited to Social Security number, date of birth, State or government issued drivers license or identification card, passport, alien registration number, matricula consular cards or any unique electronic identification number. Under these Red Flag regulations, the creation of any fictitious identity using any single piece of information falls within the definition of “identity theft.”
In order to properly keep in the guidelines of the Red Flag program the creditors will need to learn lessons from other creditors, keep an open awareness of the identity theft environment through literature and information from credit bureaus, financial institutions as well as designers of fraud detection devices such as Fraud Fighter™.
Fraud Fighter™ has many excellent products to be used wherever new accounts are initiated. Fraud Fighter™ is used by major banks, financial institutions and many major retailers to stop counterfeiters and falsifiers from attempting to become a customer. Fraud Fighter™ is an effective, low cost front line tool to catch and stop the attempt to set up a new account using false identification.
