The Federal Trade Commission
and the federal financial
institution regulatory
agencies have published
final rules on identity
theft "red flags" and
address discrepancies that
implement sections 114 and
315 of the Fair and Accurate
Credit Transactions Act of
2003. The Final Rules
require each financial
institution and creditor
that holds any consumer
account, or other account
for which there is a
reasonably foreseeable risk
of identity theft, to
develop and implement an
Identity Theft Prevention
Program for combating
identity theft in connection
with new and existing
accounts. The Program must
include reasonable policies
and procedures for
detecting, preventing, and
mitigating identity theft
and enable a financial
institution or creditor to:
-
Identify relevant
patterns, practices, and
specific forms of
activity that are "red
flags" signaling
possible identity theft
and incorporate those
red flags into the
Program
-
Detect red flags that
have been incorporated
into the Program
-
Respond appropriately to
any red flags that are
detected to prevent and
mitigate identity theft
-
Ensure the Program is
updated periodically to
reflect changes in risks
from identity theft.
The Final Rules require
users of consumer reports to
develop reasonable policies
and procedures to apply when
they receive a notice of
address discrepancy from a
consumer reporting agency.
Motor vehicle dealers must
comply with the Rules by
November 1, 2008.
To assist members in
complying with the Rules,
NIADA will distribute
materials, developed by
NIADA General Counsel Keith
Whann and the Law Firm of
Whann & Associates that will
include: An overview of the
Red Flags Rules, guidelines
to assist your dealership in
analyzing identity theft red
flags and developing a
written program, a model
written dealership policy
for the detection,
prevention and mitigation of
identity theft and an
employee acknowledgment and
service provider agreement
addendum regarding the
identity theft program.
