Nov. 1 is new enforcement date for 'Red Flags Rule'

Washington, DC

-The Federal Trade Commission has announced another delay-Nov. 1-in the enforcement of the “Red Flags Rule” to give creditors and financial institutions more time to develop and implement written identity theft prevention programs.

The rule originally was set to take effect Nov. 1, 2008. Subsequently, the enforcement was changed to May 1, then Aug. 1 before the most recent announcement.

For more information about the requirements, see

http://www.ftc.gov/redflagsrule

. A link to the agency’s new compliance manual is available at that address as well.

The Fair and Accurate Credit Transactions Act (FACTA) of 2003 directed financial regulatory agencies to promote rules requiring creditors and financial institutions with covered accounts to implement programs that would identify, detect, and respond to activities that may indicate identity theft. The definitions of “creditor” and “financial institutions” were broad, and through outreach efforts in 2008, the FTC learned that some entities under its jurisdiction were uncertain about their coverage under the Red Flags Rule.

FACTA’s definition of “creditor” includes any entity that regularly extends or renews credit or arranges for others to do so and includes those that regularly permit deferred payments for goods or services. “Financial institutions” are defined as those that offer accounts that enable consumers to write checks or make payments to third parties through other means.