red flag

Updated guide from the FTC: fighting identity theft with Red Flags Rule for businesses

On June 12, 2013, the Federal Trade Commission (the “FTC”) issued revised guidance designed to help businesses comply with the requirements of the Red Flags Rule, which protects consumers by requiring businesses to watch for and respond to warning signs or “red flags” of identity theft. The guidance outlines which businesses – financial institutions and some creditors – are covered by the Rule and what is required to protect consumers from identity theft.

The FTC enforces the Red Flags Rule with several other agencies. Its guide has tips for organizations under FTC jurisdiction to determine whether they need to design an identity theft prevention program, and can help businesses spot suspicious patterns and prevent the costly consequences of identity theft.

June 27th, 2013|Educational Series, Guidance|

Federal Trade Commission’s Red Flags rule enforcement for accountants and other professionals is postponed

The American Medical Association (AMA), the American Bar Association (ABA) and the American Institute of Public Accountants (AICPA) all have brought legal actions against the FTC on the Red Flags rule. In the most recent suit filed on May 21, 2010 by the AMA, the American Osteopathic Association, and the Medical Society of the District of Columbia, the groups argued that the FTC will require them to start verifying their patients’ identities before they agree to treat them. In August 2009, in a suit brought by the ABA, the district court barred the FTC from applying its Red Flags rule to lawyers. The FTC appealed the ruling in February 2010. A decision in the appeal is pending.

The AICPA’s suit, filed on behalf of its members on November 10, 1009, charged in part that the FTC exceeded its statutory authority by extending the rule to regulate accountants and public accounting firms. The AICPA said that “it did not believe there is any reasonably foreseeable risk of identity theft when CPA clients are billed for services rendered.” That suit is now linked to the outcome of the appeal of the ABA ruling. AICPA members have been granted a 90-day grace period – a 90-day delay of enforcement of the rule – from the date on which the U.S. Court of Appeals for the District of Columbia Circuit renders an opinion in the ABA’s case against the FTC.

On May 28, 2010, the FTC announced that it again delayed the implementation until December 31, 2010 of a proposed Final Rule relating to Identity Theft Red Flags under the Fair and Accurate Credit Transactions Act of 2003. The proposed “Red Flags” rule is designed to help prevent identity theft among credit providers and financial institutions.

July 26th, 2010|Educational Series, Judgment|
Go to Top