Bankin’ Bits

To the surprise of no one, on October 30, 2009, Congress requested, and the  Federal Trade Commission (FTC) approved, a further delay of enforcement of the Red Flags Rule (the Rule).  This time, enforcement of the Rule is delayed until June 1, 2010.  This enforcement delay provides creditors additional time to develop and implement written identity theft prevention programs required by the Rule.

Developed under the Fair and Accurate Credit Transaction Act of 2003, the Rule has a surprisingly wide application to any business that bills customers after providing goods or services. This includes many health care providers, construction companies and merchants who offer Retail Installment Sales Contracts, for example. If such “creditors” have “covered accounts” (as defined in the Rule), they must adopt an identity theft prevention program. The program must be designed to identify, detect, and respond to patterns, practices, or specific activities – known as “red flags” – that might indicate identity theft.

A full copy of the FTC’s October 30, 2009 press release is available here.