Well, as expected, the FTC delays enforcement  of the Red Flags Rule again. For about the 5th time. Surprisingly after the an audit by the Justice Department's Office of the Inspector General revealed that while the FBI and Justice Department have made "various efforts" to fight identity theft crimes in recent years, these initiatives have "faded as priorities" mainly because the agencies have failed to develop a coordinated plan to deal with what's become an epidemic of cybercrimes.(Watch for this upcoming blog entry)

Anyway, here is the press release:

FTC Extends Enforcement Deadline for Identity Theft Red Flags Rule

At the request of several Members of Congress, the Federal Trade Commission is further delaying enforcement of the “Red Flags” Rule through December 31, 2010, while Congress considers legislation that would affect the scope of entities covered by the Rule. Today’s announcement and the release of an Enforcement Policy Statement do not affect other federal agencies’ enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance.

“Congress needs to fix the unintended consequences of the legislation establishing the Red Flags Rule – and to fix this problem quickly. We appreciate the efforts of Congressmen Barney Frank and John Adler for getting a clarifying measure passed in the House, and hope action in the Senate will be swift,” FTC Chairman Jon Leibowitz said. “As an agency we’re charged with enforcing the law, and endless extensions delay enforcement.”

The Rule was developed under the Fair and Accurate Credit Transactions Act, in which Congress directed the FTC and other agencies to develop regulations requiring “creditors” and “financial institutions” to address the risk of identity theft. The resulting Red Flags Rule requires all such entities that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities – known as “red flags” – that could indicate identity theft.

The Rule became effective on January 1, 2008, with full compliance for all covered entities originally required by November 1, 2008. The Commission has issued several Enforcement Policies delaying enforcement of the Rule. Most recently, the Commission announced in October 2009 that at the request of certain Members of Congress, it was delaying enforcement of the Rule until June 1, 2010, to allow Congress time to finalize legislation that would limit the scope of business covered by the Rule. Since then, the Commission has received another request from Members of Congress for another delay in enforcement of the Rule beyond June 1, 2010.

The Commission urges Congress to act quickly to pass legislation that will resolve any questions as to which entities are covered by the Rule and obviate the need for further enforcement delays. If Congress passes legislation limiting the scope of the Red Flags Rule with an effective date earlier than December 31, 2010, the Commission will begin enforcement as of that effective date.

In the interim, FTC staff has continued to provide guidance, both through materials posted on www.ftc.gov/redflagsrule, and in speeches and participation in seminars, conferences and other training events to numerous groups. The FTC also published a compliance guide for business, and created a template that enables low risk entities to create an identity theft program with an easy-to-use online form (www.ftc.gov/bcp/edu/microsites/redflagsrule/get-started.shtm). The FTC staff also has published numerous general and industry-specific articles, released a video explaining the Rule, and continues to respond to inquiries from the public. To assist further with compliance, FTC staff has worked with a number of trade associations that have chosen to develop model policies or specialized guidance for their members.

As was the case previously, this enforcement delay is limited to the Red Flags Rule and does not extend to the rule regarding address discrepancies applicable to users of consumer reports (16 C.F.R.§641), or to the rule regarding changes of address applicable to card issuers (16 C.F.R.§681.2).


For questions regarding this Enforcement Policy, please contact Naomi Lefkovitz or Pavneet Singh, Bureau of Consumer Protection, 202-326-2252.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them.  To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357).  The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,800 civil and criminal law enforcement agencies in the U.S. and abroad.  The FTC’s Web site provides free information on a variety of consumer topics.

MEDIA CONTACT:

Office of Public Affairs 202-326-2180

(Red Flags May 2010)

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration). Educate yourself and call me at (909) 208-3728 or send a blank email for more info to joerecommends (at)aweber.com! Shameless plug the Best Identity Theft Protection available dot com

FTC Extends Enforcement Deadline For Red Flags Rule Again!

At the request of Members of Congress, the Federal Trade Commission is delaying enforcement of the “Red Flags” Rule until June 1, 2010, for financial institutions and creditors subject to enforcement by the FTC.

The Rule was promulgated under the Fair and Accurate Credit Transactions Act, in which Congress directed the Commission and other agencies to develop regulations requiring “creditors” and “financial institutions” to address the risk of identity theft. The resulting Red Flags Rule requires all such entities that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities – known as “red flags” – that could indicate identity theft.

The Commission previously delayed the enforcement of the Rule for entities under its jurisdiction until November 1, 2009. The Commission staff has continued to provide guidance to entities within its jurisdiction, both through materials posted on the dedicated Red Flags Rule Web site (www.ftc.gov/redflagsrule), and in speeches and participation in seminars, conferences and other training events to numerous groups. The Commission also published a compliance guide for business, and created a template that enables low risk entities to create an identity theft program with an easy-to-use online form. FTC staff has published numerous general and industry-specific articles, released a video explaining the Rule, and continues to respond to inquiries from the public. To assist further with compliance, FTC staff has worked with a number of trade associations that have chosen to develop model policies or specialized guidance for their members.

On October 30, 2009, the U.S. District Court for the District of Columbia ruled that the FTC may not apply the Red Flags Rule to attorneys. Today’s announcement that the Commission will delay enforcement of the Rule until June 1, 2010, does not affect the separate timeline of that proceeding and any possible appeals. Nor does it affect other federal agencies’ ongoing enforcement for financial institutions and creditors subject to their oversight.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,700 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

H.R.3763 - To amend the Fair Credit Reporting Act to provide for an exclusion from Red Flag Guidelines for certain businesses.

Official Summary

10/8/2009--Introduced.Amends the Fair Credit Reporting Act with respect to the duties of users of consumer reports who take adverse actions on the basis of information contained in such reports. Excludes any health care practice, accounting practice, or legal practice with 20 or fewer employees from the meaning of creditor subject to Red Flag Guidelines regarding identity theft promulgated by the proper federal financial regulatory agency. Excludes any other business which the Federal Trade Commission (FTC) determines:
(1) knows all its customers or clients individually;
(2) only performs services in or around the residences of its customers; or
(3) has not experienced incidents of identity theft, and identity theft is rare for businesses of that type. States that such exclusion shall no longer apply to any business that can no longer meet such eligibility criteria.

If this bill passes it will exclude about 90% of healthcare professionals from having to comply with the FTC's Red Flags Rule Amendment to the Fair and Accurate Credit Transactions Act (FACTA). I have added a widget on the top of the blog so if you are interested, you can follow this bill by visiting my blog.

Enforcement of the Red Flags is to begin on11/01/09. 


To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Another Guilty in ID Theft that nailed Bernacke

Makieta Leake, 36 years old, of Prince Frederick, Md, plead guilty to a single count of conspiracy to commit bakn fraud Tuesday in federal court in Alexandria, VA.

She was the fifth person to plead guilty in the scheme that resulted in more than $2 million in losses at 10 banks.

Leake was a doctor's receptionist and admitted stealing bank account information from 37 patients as part of the ID Theft ring that took advantage of Federal Reserve Chairman Ben Bernacke.

She was paid between $200 and $500 for each victim's information. About 40% of the above losses can be traced to her.

Note: It still amazes me that most healthcare professionals still don't know about the FTC's Red Flags Rule and that the must comply with this amendment to the FACTA law. Enforcement begins 11/01/09.

We can assist any business with the Red Flags or FACTA training of their employees. For more info visit http://www.redflagsrulepolicy.com/ or call me.

To learn more about Identity Theft and what to do if you are a victim, visit http://www.stopidtheftcrime.com/ and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

ID Theft Red Flags: 4 High Risk Areas

ID Theft Red Flags: 4 High Risk Areas

What You Might Not Know About Staying in Compliance -- and Secure

August 13, 2009 - Linda McGlasson, Managing Editor

There are four "high risk" areas that aren't getting the attention they deserve as financial institutions work toward complying with the ID Theft Red Flags Rule, says a leading industry compliance expert. ...

...The Red Flags Rule is a risk-based regulation. As such, Huda says, compliance should be approached from a risk management and not a purely technical perspective, and institutions should ask these questions:

• Which accounts are more at risk to identity theft?
• Which red flags represent higher risk?
• Which detection and response procedures are commensurate with the risks?
• Which service providers pose greater risk?
• What controls exist to mitigate the risks?

...There are four areas Huda says that are "high risk" that many financial institutions have not paid enough attention to are:

1. Service Providers. Many have not conducted an inventory, risk-ranking or assessment done on service providers. This may be the weakest link in the chain.


2. Business accounts. Many have focused only on consumer accounts. The rule applies to any account with a reasonably foreseeable risk of identity theft, not just consumer accounts. Small business accounts in particular are susceptible to identity theft and must be analyzed for risk.


3. Training. Many have not provided proper training to staff. The training does not cover what the written, board-approved program deems to be the red flags one should be on the look out for, nor what one should do to respond. The training is very general and does not cover how to comply. How can identity theft actually be prevented if one does not know what to look for and what to do if one finds a red flag?


4. Updates. Many have put their program on the bookshelf, forgetting to update it to address new risks or changes in operations. For example, if a new line of business is opened, a new service provider added or new products or services are rolled out, or identity theft is attempted or perpetrated, the Program must be updated. (Full story at www.bankinfosecurity.com)

Many business owners have the same issues as financial institutions. That is why I recommend www.RedFlagsRulePolicy.com for businesses by idBUSINESS. It is an online module that not only creates your policy but allows you to email vendors to take an assessment test as well. You will also be able to email your employees to take the online training for the Red Flags Rule.

Business owners can also take a free Needs Assessment at the site.

As a distributor for idBUSINESS, I can also offer business owners a discount - just contact me.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

FTC Grants Another 3 Month Reprieve for Red Flags Rule Enforcement

FTC Announces Expanded Business Education Campaign on 'Red Flags' Rule

To assist small businesses and other entities, the Federal Trade Commission staff will redouble its efforts to educate them about compliance with the "Red Flags" Rule and ease compliance by providing additional resources and guidance to clarify whether businesses are covered by the Rule and what they must do to comply. To give creditors and financial institutions more time to review this guidance and develop and implement written Identity Theft Prevention Programs, the FTC will further delay enforcement of the Rule until November 1, 2009. (emphasis added)

The Red Flags Rule is an anti-fraud regulation, requiring “creditors” and “financial institutions” with covered accounts to implement programs to identify, detect, and respond to the warning signs, or “red flags,” that could indicate identity theft. The financial regulatory agencies, including the FTC, developed the Rule, which was mandated by the Fair and Accurate Credit Transactions Act of 2003 (FACTA). FACTA’s definition of “creditor” includes any entity that regularly extends or renews credit – or arranges for others to do so – and includes all entities that regularly permit deferred payments for goods or services. Accepting credit cards as a form of payment does not, by itself, make an entity a creditor. “Financial institutions” include entities that offer accounts that enable consumers to write checks or make payments to third parties through other means, such as other negotiable instruments or telephone transfers.

The FTC’s Red Flags Web site, www.ftc.gov/redflagsrule, offers resources to help entities determine if they are covered and, if they are, how to comply with the Rule. It includes an online compliance template that enables companies to design their own Identity Theft Prevention Program through an easy-to-do form, as well as articles directed to specific businesses and industries, guidance manuals, and Frequently Asked Questions to help companies navigate the Rule.

Although many covered entities have already developed and implemented appropriate, risk-based programs, some – particularly small businesses and entities with a low risk of identity theft – remain uncertain about their obligations. The additional compliance guidance that the Commission will make available shortly is designed to help them. Among other things, Commission staff will create a special link for small and low-risk entities on the Red Flags Rule Web site with materials that provide guidance and direction regarding the Rule. The Commission has already posted FAQs that address how the FTC intends to enforce the Rule and other topics – www.ftc.gov/bcp/edu/microsites/redflagsrule/faqs.shtm. The enforcement FAQ states that Commission staff would be unlikely to recommend bringing a law enforcement action if entities know their customers or clients individually, or if they perform services in or around their customers’ homes, or if they operate in sectors where identity theft is rare and they have not themselves been the target of identity theft.

The three-month extension, coupled with this new guidance, should enable businesses to gain a better understanding of the Rule and any obligations that they may have under it. These steps are consistent with the House Appropriations Committee’s recent request that the Commission defer enforcement in conjunction with additional efforts to minimize the burdens of the Rule on health care providers and small businesses with a low risk of identity theft problems. Today’s announcement that the Commission will delay enforcement of the Rule until November 1, 2009, does not affect other federal agencies’ enforcement of the original November 1, 2008, compliance deadline for institutions subject to their oversight.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

MEDIA CONTACT:

Office of Public Affairs
202-326-2180

(Red Flags July 09)

Business owners can also take a needs assessment free at www.RedFlagsRulePolicy.com

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Six federal agencies issued a set of FAQ's on Identity Theft Rules

Six federal agencies issued a set of frequently asked questions (FAQs) today to help financial institutions, creditors, users of consumer reports, and issuers of credit cards and debit cards comply with federal regulations on identity theft and discrepancies in changes of address.

The "Red Flags and Address Discrepancy Rules," which implement sections of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act), were issued jointly on November 9, 2007, by the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), Office of Thrift Supervision (OTS), and Federal Trade Commission (FTC).

The rules require financial institutions and creditors to develop and implement written Identity Theft Prevention Programs and require issuers of credit cards and debit cards to assess the validity of notifications of changes of address. The rules also provide guidance for users of consumer reports regarding reasonable policies and procedures to employ when consumer reporting agencies send them notices of address discrepancy.

The agencies' staff have jointly developed answers to these FAQs to provide guidance on numerous aspects of the rules, including which types of entities and accounts are covered; establishment and administration of an Identity Theft Prevention Program; address validation requirements applicable to card issuers; and the obligations of users of consumer reports upon receiving a notice of address discrepancy.

Download the complete FAQ document here.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

FTC Red Flags Rule Update

If you are unfamiliar with the Federal Trade Commission's Red Flags Rule then download a copy at www.ftc.gov/redflagsrule. Basically, if you are a creditor or have "covered accounts" then you must comply with the Rule.

Doctors, Dentists, and Veterinarians must all comply as they have lost their battle with the FTC, at least as of this date.

The best way to become compliant is by using IdBusiness and their online Red Flags Compliance module. It not only will assist you in creating your policy but trains your employees, and notifies your vendors as well.

Business owners may also want to download the following book "Protecting Personal Information - A Guide for Business" at www.ftc.gov/infosecurity

If you find that you do not need a Red Flags Policy, then I can assist you with setting up a Non-Public Information (NPI) policy at no direct cost to your company. Although, certain restrictions apply so give me a call.

If you need a Red Flags Policy, then click here for assistance.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

FTC Delays Enforcement of Red Flags Rule Again

FTC Will Grant Three-Month Delay of Enforcement of ‘Red Flags’ Rule Requiring Creditors and Financial Institutions to Adopt Identity Theft Prevention Programs

The Federal Trade Commission will delay enforcement of the new “Red Flags Rule” until August 1, 2009, to give creditors and financial institutions more time to develop and implement written identity theft prevention programs. For entities that have a low risk of identity theft, such as businesses that know their customers personally, the Commission will soon release a template to help them comply with the law. Today’s announcement does not affect other federal agencies’ enforcement of the original November 1, 2008 compliance deadline for institutions subject to their oversight.

“Given the ongoing debate about whether Congress wrote this provision too broadly, delaying enforcement of the Red Flags Rule will allow industries and associations to share guidance with their members, provide low-risk entities an opportunity to use the template in developing their programs, and give Congress time to consider the issue further,” FTC Chairman Jon Leibowitz said.

The Fair and Accurate Credit Transactions Act of 2003 (FACTA) directed financial regulatory agencies, including the FTC, to promulgate rules requiring “creditors” and “financial institutions” with covered accounts to implement programs to identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. FACTA’s definition of “creditor” applies to any entity that regularly extends or renews credit – or arranges for others to do so – and includes all entities that regularly permit deferred payments for goods or services. Accepting credit cards as a form of payment does not, by itself, make an entity a creditor. Some examples of creditors are finance companies; automobile dealers that provide or arrange financing; mortgage brokers; utility companies; telecommunications companies; non-profit and government entities that defer payment for goods or services; and businesses that provide services and bill later, including many lawyers, doctors, and other professionals. “Financial institutions” include entities that offer accounts that enable consumers to write checks or make payments to third parties through other means, such as other negotiable instruments or telephone transfers.

During outreach efforts last year, the FTC staff learned that some industries and
entities within the agency’s jurisdiction were uncertain about their coverage under the Red Flags Rule. During this time, FTC staff developed and published materials to help explain what types of entities are covered, and how they might develop their identity theft prevention programs. Among these materials were an alert on the Rule’s requirements, www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm, and a Web site with more resources to help covered entities design and implement identity theft prevention programs, www.ftc.gov/redflagsrule. The compliance template will be available on this Web site.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

MEDIA CONTACT:

Office of Public Affairs
202-326-2180

(Red Flags Deadline Extension)

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com