Conducting the Required Identity Theft Risk Assessment


Presented by:
Mary Beth Guard and Jack Holzknecht

On November 9, 2007 the bank regulatory agencies published final regulations that implement Section 114 (Red Flag Guidelines) of the Fair and Accurate Credit Transaction Act (FACT Act). Compliance with the new regulations is mandatory by November 1, 2008.

This two-hour webinar provides step-by-step instructions on how to conduct and document the required identity theft risk assessment.

(requires Windows Media Player and IE).

The new Identity Theft Red Flags regulations require every financial institution to conduct an initial Identity Theft risk assessment. The purpose of the risk assessment is twofold. First, the risk assessment will reveal if an institution has covered accounts, and is therefore required to develop an Identity Theft Prevention Program (Program). Second, the risk assessment will reveal those accounts that the Program must address. The risk assessment may include other factors such as the likelihood of harm, the cost and operational burden of using a particular Red Flag and the effectiveness of a particular Red Flag.

The regulations require that the risk assessment be updated periodically considering changes in:

  • The methods used to open accounts;
  • The methods available to access accounts; and
  • The institution's experience with identity theft.

    Identity fraud can result in huge losses to a financial institution, as direct losses from identity theft mount, and legal experts predict that an increasing number of ID theft victims will seek monetary redress from financial institutions who negligently allowed the fraud to occur. Having a workable program for detecting and acting upon the ever-changing red flags that may indicate identity theft will help protect your customers, your reputation, and your institution's bottom line. It's more than a compliance requirement - it's a safety and soundness issue as well.

    One size doesn't fit all when it comes to a written ID theft program. You need to take into consideration your institution's size, location, and customer base, which relationships, types of accounts, account opening methods and account access methods will be covered by your program through a risk evaluation process.

    This webinar will lead you through the steps for conducting your risk assessment and will provide you with a template for documenting your assessment. We will address each of the following components:

  • A review of the Red Flag regulations;
  • The process of conducting a Red Flag Risk Assessment;
  • Identifying risks for identity thief;
  • Determining your institution's experience with identity theft;
  • Using the red flags from Appendix J - Supplement A of the Red Flag guidelines to spark ideas;
  • Coming up with a system for staying on top of emerging threats;
  • Evaluating the type of accounts you offer;
  • Examining the different types of customer relationships you have;
  • Taking into consideration service provider arrangements, joint ventures, alliances and other business arrangements;
  • Assessing the likelihood and potential harm of each type of identity theft;
  • Keying in on mitigating factors you may already have in place;
  • Ending up with a firm grasp of your institution's ID theft profile; and
  • Providing a baseline of the types of controls you will need to implement.

    The program is designed for operations, security and compliance personnel as well as auditors employed by banks, thrifts and credit unions. It focuses on performing an identity theft risk assessment.

    About the speakers:
    Jack Holzknecht is a principal with Pegasus Educational Services, LLC, a training firm headquartered in Louisville, Kentucky. He is an experienced consultant who has provided training to thousands of bankers and examiners for twenty-four years. He has the ability to identify the key compliance issues from each regulation. Jack's career began in 1976 as a federal bank examiner. He later headed the form and software and education divisions of a regional consulting company. In that capacity he developed loan and deposit form systems and software. He also developed and presented training programs to bankers in 43 states. Jack has been an instructor at compliance schools presented by the Georgia, Iowa, Kentucky, Pennsylvania, Nebraska, New York and Texas bankers associations. He developed and delivered compliance training for the FDIC and OTS for ten years. He is a Certified Regulatory Compliance Manager and a member of the National Speakers Association. He is also a "BOL Guru" at and frequently answers compliance questions sent to "Bankers' Threads."

    Mary Beth Guard currently serves as Executive Editor of and CEO of Glia Group, Inc., Mary Beth has had a long and distinguished career, graduating from law school in 1980, then going on to serve as general counsel for the Oklahoma State Banking Department, general counsel for the Oklahoma Bankers Association, and EVP of Specialized services for Thomson Financial Publishing prior to co-founding Glia Group, Inc. and Mary Beth also serves as Executive Editor for and as a partner in BankGuard Resources.

    Mary Beth is on the advisory board for Bankers' Hotline. She has presented training programs for virtually every major national financial industry association, as well as more than a dozen state bankers associations and a host of other organizations. In addition, Mary Beth has written more than a thousand banking-related articles and is a BOL Guru.
    • Complete presentation (including slides and audio)
    • Written Materials
    • Follow-up Q & A
    You have the right under this license agreement for this CD-ROM to use this presentation on a single-workstation. Use on a network is in violation of the copyright agreements. CD may be used by multiple users at a given institution but may not be placed on a network or in any other multi-user environment.

  • This program was recorded in its entirety in July 2008. The CD-ROM includes program slides, materials (if available) and follow-up Q & A document.

    Add to Cart:

    • Model: cd_rfrisk0708
    • Manufactured by: Glia Group, Inc.

    This product was added to our catalog on Wednesday 14 November, 2007.

    Copyright © 2014