New Red Flag Rules Require Financial Institutions to Detect and Prevent Identity TheftOn August 11, 2008 by Schnader
On January 1, 2008, new rules known as the Red Flag Regulations and Guidelines were issued under the Fair and Accurate Credit Transactions Act of 2003 (“the FACTAct”). Compliance with the new Red Flag rules is mandatory by November 1, 2008. The new Red Flag rules require all financial institutions and creditors who maintain “covered accounts” as defined in the rules to develop and implement a written Identity Theft Prevention Program to detect, prevent and mitigate identity theft. This alert reviews the new regulations and guidelines, including how the rules define a “covered account” and how they apply to financial institutions and creditors that offer or maintain such accounts.