Red Flags Rule
The Bank Secrecy Act (BSA) of 1970 requires financial institutions and businesses to assist the government in detecting and preventing money laundering and other financial crimes in the United States.
The Red Flags Rule is the latest addition to the 2003 Fair and Accurate Credit Transactions (FACT) Act, joint legislation created by the Federal Trade Commission, the federal bank regulatory agencies, and the National Credit Union Administration. The FACTA Red Flags Rule requires financial institutions and a broad category of creditors to write, implement and maintain an Identity Theft Prevention Program. Under the FTC Red Flags Rule, financial institutions are state and national banks, state or federal savings and loan associations, mutual savings banks, state or federal credit unions and any other entity that holds a “transaction account” belonging to a customer. Creditors are those who regularly defer payment for goods or services, which may include utility, telecommunications, healthcare companies and many more. Red Flags Rule Compliance requires the periodic maintenance and review of a business or organization’s ID Theft Prevention Program to ensure the adequacy of the following key elements:
- The recognition of accounts considered covered by the Red Flags Rule
- The identification of relevant Red Flags for the business
- The establishment of procedures to detect the Red Flags identified
- The definition of appropriate responses to the detection of the identified Red Flags
- The overall administration of the ID Theft Prevention Program
To find out if your ID Theft Prevention Program is keeping up with the times, click here: Doing Your Part to Prevent Identity Theft.