On June 1, 2010, the Federal Trade Commission (FTC) will begin enforcing its so-called “Red Flags Rule.” The purpose of the Rule is to require development, monitoring and updating of formal board-approved policies and procedures designed to detect, prevent and respond to customer/client data security or other identity theft breaches. The Rule applies to all “financial institutions” and “creditors” maintaining “covered accounts” under the Rule. It was jointly adopted on November 9, 2007 by the FTC, The Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Fed), the Federal Deposit Insurance Corporation (FDIC), the Department of the Treasury Office of Thrift Supervision (OTS) and the National Credit Union Administration (NCUA) under the authority of the Fair and Accurate Credit Transactions Act of 2003 amendments to the Fair Credit Reporting Act of 1970. The OCC, Fed, FDIC, OTS and NCUA have the authority to enforce the Rule as to regulated financial institutions such as banks, savings banks, savings and loan associations and credit unions. The regulation of all other covered entities, including private businesses, falls within the jurisdiction of the FTC.
Please see full publication below for more information.