Amendments to the Fair and Accurate Credit Transactions Act of 2003 (FACTA) that went in effect in January 2008 outlined that organizations must implement a written program to detect, mitigate and respond to the surging risks of identity theft. This requirement was a multi-agency initiative that impacts businesses of all sizes.
The mandatory deadline for companies to be in compliance with the Federal Trade Commission’s (FTC) version, dubbed the “Red Flags” Rules, was recently pushed back from May 1, 2009 to August 1, 2009. In the interim, to help clear some lingering confusion, the agency has released a template for companies that are considered a low-risk for identity theft. The template, entitled “Create Your Own Identity Theft Prevention Program: A Guided 4-Step Process,” is to be used to help develop the necessary written program by providing instructions and guidelines for businesses.
The FTC’s release on the issue can be found here.
The agency’s template is located at Create Your Own Identity Theft Prevention Program: A Guided 4-Step Process.
Matthew Carr, NACM staff writer