BankersOnline — has compiled a selection of articles, tools, resources and tips to help you pull it all together.

FTC Red Flags Enforcement Delayed Yet Again! - The FTC delayed once again its enforcement of its own Red Flags rules with respect to businesses under its jurisdiction. Their most recent delay, until June 1, 2010, was announced in an October 30, 2009, press release. Banks and federally-regulated credit unions have had to comply with the requirements since November 1, 2008. In the same press release, the FTC stated that the U.S. District Court for the District of Columbia ruled on 10/30/2009 that the FTC may not apply the Red Flags Rule to attorneys. In a separate statement posted on its website, the FTC said that the latest postponement was approved at the request of members of Congress, which is considering legislation to exempt for Red Flags Rule coverage small health care, accounting and legal practices. The FTC postponement does not affect its enforcement of its rule regarding address discrepancies in consumer reports (16 CFR Part 641) or cardholder changes of address (16 CFR 681.2).

ARTICLES/Q&As
  • FACT Act Identity Theft Prevention Program Mandates
  • Referral Volumes as a Significant Operations Concern
  • How should my bank respond to the Red Flags Rule requirements effective
        Nov. 1st?
  • The Compliance Officer and the Red Flag Program
  • Red Flag Program Delay
  • Red Flag Program as Part of Information Security Program
  • Changes Needing Board Approval
  • Assessing Red Flags for Loan Applications
  • Responsibility for Notifying Dealers and Brokers
  • Red Flags and Collections Procedures
  • About a Separate Identity Theft Prevention Program
  • Suggestions for New Company for Identifying Red Flags
  • A Separate and Distinct Policy Statement for ID Theft Red Flags
  • A Oversight of Service Providers
  • A Standby Letter of Credit
  • Monitoring Expectations
  • Identification of Customers by a Notary
  • Auto Dealers and the FTC
  • Appointing a Person Responsible for Implementation of the Red Flags Program
  • New Account Checklist
  • Adverse Action Notice Verbiage
  • How Examiners Review Red Flags
  • How to Identify Material Change in ETF Patterns
  • Forgery and Identity Theft
  • About Back-Room Staff
  • Credit Checks for New Employment Applicants
  • Consequences of Failure to Comply with Red Flag Rules
  • Difficulty getting things in place? Deadline is Nov. 1
  • Documenting Resolution of the Address Discrepancy
  • The Role of the Collections Department
  • Changing the CIP Program to Reflect Address Verification
  • Customer Uses More than One Address
  • Banker's Knowledge of Customer
  • CDs and Money Markets
  • Responsibity for the ID Theft Prevention Policy
  • Bank-wide Annual Training
  • Explanation of "Scope"
  • Discrepancy Rules and Business Debit Card Holders
  • Alerts in Credit Reports
  • Making Cardholder Change of Address Notification More Effective
  • Including Red Flags as Part of the Identity Theft Program
  • Complying with the FTC Identity Theft Program Requirements
  • Section 114 (Red Flags) Relative to any New Relationship with Existing Customer
  • Collection Department's Responsibility
  • Using Verification Work with a New Deposit Account
  • Documenting Resolution of the Address Discrepancy
  • About the Verifying Address Requirement
  • Separate Policy - or Amendment of FACT Act Policy
  • Furnishing the Correct Address Information in an Automated Underwriting System
  • Furnishing the CRA with Correct Address Information
  • Using the CRA as the Secondary Source of ID for CIP Purposes
  • How to Correct Addresses with the CRAs
  • Address Discrepancy Provisions
  • Using Chex System or Lexux Nexus in Place of a Credit Report
  • Notifying the Credit Bureau when a Customer's Address Changes
  • Verifying Information for Loan when the Credit Report is Obtained
  • Reporting Loan Accounts and New Deposit Accounts
  • Applying 334.82 When Pulling a Credit Report
  • Form for Reporting Address Discrepancies Provided by CRAs
  • Pulling Credit Reports when Opening New Accounts
  • Reconciling Addresses on CRAs for Loans
  • Physical Address Required to Compy with Dsicrepancy Provisions
  • ChexSystems and the CRA
  • The Definition of a 'Card Issuer'
  • Regarding Service Provider Contracts
  • Using Existing CIP Procedures to Verify Identity

    Red Flags Discussions
    What are other bankers’ questions and concerns about the impending ID Theft Red Flags rules? From definitions to covered accounts, address verification to board reports, we’ve assembled a collection of Bankers’ Threads on ID Theft Red Flags that shows how other bankers are thinking.

  • ID Theft and Red Flags Discussions

     Training Tools
    We’ve posted a new Red Flag tool – Red Flag Assessment Testing means breaking down products and services and examining and rating them them individually for risk. Controls have to be imposed and reviewed as well. This tool, in the form of an Excel checklist, will help banks get started on this process. Please review the Red Flag Assessment Testing tool provided by BOL user Rizzo, or access our other Red Flag Tools.

    Training Tools

     Annotated Red Flags Rules
    We've taken the Red Flag and address discrepancy rules, and we've annotated them with companion links for your convenience. They provide you with a quick jumping off point to get to the law itself, the prefatory material published with the final rules, the FCRA/FACT Act Forum on Bankers' Threads, our FACT Act Developments page, Launch Pad links, compilations of articles, the statutes, the Red Flags examples from Supplement A to Appendix J, the June 2009 Interagency FAQ on the regulations, and more.

    Annotated Red Flags and Address Discrepancy Regulations

    One stop for the essential information related to the regulatory requirements!