On June 12, 2013, the Federal Trade Commission (the “FTC”) issued revised guidance designed to help businesses comply with the requirements of the Red Flags Rule, which protects consumers by requiring businesses to watch for and respond to warning signs or “red flags” of identity theft. The guidance outlines which businesses – financial institutions and some creditors – are covered by the Rule and what is required to protect consumers from identity theft.
The FTC enforces the Red Flags Rule with several other agencies. Its guide has tips for organizations under FTC jurisdiction to determine whether they need to design an identity theft prevention program, and can help businesses spot suspicious patterns and prevent the costly consequences of identity theft.