Each financial institution or creditor that is required to implement an identity theft prevention program must provide for the continued administration and oversight of the
program, including the following:
1. Obtain approval of the initial written program by its governing body or an appropriate committee of its governing body;
Each financial institution or creditor that is required to implement an identity theft
prevention program must provide for the continued administration and oversight of the
program, including the following:
1. Obtain approval of the initial written program by its governing body or an appropriate committee of its governing body;
2. Involve the governing body, a committee of the governing body, or a designated employee at the level of senior management in the development, implementation,
administration and oversight of the program;
3. Train staff as necessary to effectively implement the program; and
4. Exercise appropriate and effective oversight of service provider arrangements.
Duties regarding the detection, preventiotheft under the “red flag” rules
Elements of an Identity Theft Prevention Program
▪ Procedure for identification of relevant red flags;
▪ Procedure to detect red flags;
▪ Appropriate responses to red flags;
▪ Periodic updating of the program to reflect changes in risks to customers; and
▪ Annual report to the governing body or senior management regarding the effectiveness of the program and compliance with regulatory requirements
The Address Discrepancy Rules require all users of consumer reports to develop policies and procedures designed to enable the user to form a reasonable belief that a credit report
relates to the consumer for whom it was requested, if the user receives a notice of address discrepancy from a nationwide consumer reporting agency indicating the address given
by the consumer differs from the address contained in the consumer report. If an accurate address is confirmed, the user must have a policy requiring the address of the consumer to be furnished to the nationwide consumer reporting agency from which it received the notice of address discrepancy if: ▪ The user establishes a continuing relationship with the consumer; and
▪ The user, regularly and in the ordinary course of business, furnishes information to the consumer reporting agency. Compliance with the “Red Flag” Rules and Address Discrepancy Rules is required by May 1, 2009
.
The Federal Trade Commission is authorized to commence action in a federal district court in the event of a knowing violation of the Fair and Accurate Credit Transaction Act.
Civil penalties may be imposed up to $2,500 per violation. Users of consumer reports who fail to comply with the address discrepancy regulations
are subject to civil liability under Sections 616 and 617 of the Fair Credit Reporting Act up to $1,000 per violation.
Administration and Oversight of an Identity Theft Prevention Program
Latest Press
NLC CitiesSpeak
- How Cities, Towns and Villages are Improving Recycling Practices
- Building Opportunities: How Chattanooga’s Blueprint Program Inspires the Next Wave of Economic Inclusion
- Congressional Movement on Workforce Reauthorization Legislation
- NLC’s Journey to 100: Reflecting on the Centennial Roadshow
- Bridging the Gap: Analyzing Capital Investment Equity in Philadelphia
- How San Francisco is Boosting College Enrollment for All Youth