The Red Flags rule is an identity theft prevention scheme developed by the Federal Trade Commission.
The Red Flags rule is an identity theft prevention scheme developed by the Federal Trade Commission (FTC) in the United States. According to the rule, financial institutions and persons or companies that could be considered creditors must take a series of measures to identify and prevent identity theft. The purpose of the Red Flags rule is to protect consumer safety by requiring people in possession of identifying information and private financial records to have a system in place to deal with identity theft.
The Red Flags rule requires those subject to the rule to have a program written to deal with identity theft. The company can use a generic model or develop its own. The program needs four components. The first is the identification of any red flags, activities or events that could indicate that someone is trying to commit identity theft. This can vary by business and industry. The company must also have a plan to detect these red flags.
Some examples of red flags might include suspicious documents, unusual account activity, inquiries into an account, or notices from credit bureaus. There may also be concerns specific to a particular business, such as evidence that someone is using falsified insurance information to obtain medical care, or the inability to provide proof of ownership of a home or vehicle before requesting services.
A prevention and action plan must be part of the program under the Red Flags Rule, to ensure that the company takes immediate action in cases of suspected identity theft and works to close obvious loopholes. Finally, the company needs to commit to updating the plan. Updates must include new information and policies and must occur regularly. This shows that the company is tracking identity theft issues and has plans to address them.
Identifying financial institutions such as banks and credit unions is easy, but determining what types of creditors are subject to the Red Flags rule is a little trickier. The rule covers people like veterinarians, who can provide services on credit or accept payment plans. Most businesses that allow people to pay later for services can be classified as creditors, ranging from utility companies that charge after the fact to accountants who send bills to their customers. The scope of the Red Flags rule has led to several delays in enforcement, as industry lobbyists argued that compliance would be difficult for small businesses, particularly those run by self-employed workers.