News & Resources

FTC releases interim rule for red flag program

Dec 13, 2012 Dave King

Identity theft has been an increasingly damaging issue in the United States throughout the past decade, as criminals continue to become more capable of circumventing security protocols and software to steal personal and corporate data. ID verification has never been more important, and business owners need to ensure they are putting the most stringent policies in place to deter identity thieves from their companies. Identity theft can have even more intense implications for businesses than individuals, and this has been another issue in recent years. In addition to incurring financial losses, businesses that fall victim to identity theft are often faced with a variety of other problems, such as damaged reputations, legal costs, disruption of operations and, worst of all, terminations of certain processes. FTC warns of identity theft
The Federal Trade Commission (FTC) recently announced that it decided on an Interim Final Rule on identity theft "red flags," a prevention program that has been in the works for several years. According to the commission, this program, backed by Congress and a variety of banking agencies, was established to require all financial institutions and creditors to develop written plans to prevent identity theft. The FTC now demands all covered organizations to have a four-part program in place that include "reasonable policies and procedures to identify signs of identity theft in the day-to-day operations of the business." Additionally, business executives will need to establish identity theft detection methods and put them into action immediately. The Commission explained the third point involves the proceedings to follow detection of identity theft, including any calls-to-action and reactionary processes. The fourth and final requirement will be an evaluation policy that outlines when all other points will be assessed and refined, as this will help to mitigate the risks of advanced persistent threats and keep businesses abreast with the ever-changing world of identity theft. The FTC noted that the Interim Final Rule is now at the comment phase and, if no objections are made, it will be finalized in 60 days. Everyone's responsibility
No matter what type of business an executive oversees, it is their responsibility to ensure proper ID verification processes are carried out regularly to protect their customers, employees and vendors. Identity thieves do not need a large amount of information to steal enormous quantities of money, so personal, corporate and banking data should be safeguarded at all times.