Test 7873

As I’ve suggested in previous postings, we’ve certainly expected more clarifying language from the Red Flags Rule drafting agencies.  Well, here is some pretty good information in the form of another FAQ document created by the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), Office of Thrift Supervision (OTS), and Federal Trade Commission (FTC). This is a great step forward in responding to many of the same Red Flag guidelines questions that we get from our clients, and I hope it’s not the last one we see.  You can access the document via any of the agency website, but for quick reference, here is the FDIC version: http://www.fdic.gov/news/news/press/2009/pr09088.html

We at Experian have been conducting a survey of visitors to our Red Flag guidelines microsite (www.experian.com/redflags). Some initial findings show that approximately 40 percent of those surveyed were “ready” by the original November 1, 2008 deadline.  However, nearly 50 percent of the respondents found the Identity Theft Red Flag deadline extension(s) helpful. For those of you that have not taken the survey, please do so.  We welcome your feedback.  

As most industry folks are aware, the FTC recently pushed out their Red Flags Rule enforcement deadline to August 1, 2009.  It is important to note, however, that this extension does not apply to the specific requirement that institutions with covered accounts detect and respond to address discrepancies related to consumer credit profiles.  The original November 1, 2008 deadline is, and has been, the line in the sand for this requirement.  I recommend that those institutions still working toward a compliant written and operational Identity Theft Prevention Program ensure that they have in place today a process to detect and respond to address discrepancies noted on credit profiles.