Red Flags Rule: Most Banks, Credit Unions In Compliance

It’s been a year since federal regulators began monitoring bank and credit union compliance with government-issued anti-identity theft guidelines known as “The Red Flags Rule” and so far, the assessment is mostly positive, Bankinfosecurity.com reports.

“Overall our institutions are doing pretty well in their exams," April Breslaw, Director of Consumer Regulation at the Office of Thrift Supervision (OTS) tells the Web site. "The vast majority is taking ID Theft Red Flags seriously and has implemented the program as required.”

The Red Flags Rule was adopted in late 2007 under a mandate established by the Fair and Accurate Credit Transactions Act (FACTA). The rule requires banks and creditors to implement written identity theft prevention programs intended to identify, detect, and respond to patterns, practices, or specific activities—known as “red flags”—that could indicate identity theft.

According to Bankinfosecurity, the OTS has begun to include Red Flags compliance among the considerations it takes into account in its routine reviews of OTS-regulated financial institutions.  Though credit unions have been “overwhelmingly” compliant with the guidelines, 55 credit unions have violated the rule, mostly by failing to implement a red flags program, the article states.

Banks and credit unions aren’t the only businesses that fall under Red Flags Rule purview, but credit-extending institutions outside of the financial sector (such as retail stores and car dealerships) have been given several deadline extensions for compliance—most recently, until June 2010. We encourage businesses to take a look at the FTC's how-to-guide for business to learn more about this important identity theft safeguard.