The FTC and the federal financial institution regulatory agencies have submitted their final rules and guidelines on how creditors and financial institutions must handle identity theft “red flags” and address discrepancies.
Highlights of the rules include the following measures that must be taken:
1. Identify relevant patterns, practices, and specific forms of activity that are “red flags” signaling possible identity theft and incorporate those red flags into the Program;
2. Detect red flags that have been incorporated into the Program;
3. Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and
4. Ensure the Program is updated periodically to reflect changes in risks from identity theft.
These guidelines seem like things you would think most creditors and financial institutions would already be doing. Hopefully, these measures can help protect consumers.