Archive

OCC, FRB, FDIC, OTS, NCUA, FTC: ID Theft Red Flags and Address Discrepancies under the FACT Act

ABA Contact: Nessa Feddis
Published: 71 Federal Register 40786; July 18, 2006
Comments Due: September 18, 2006
Disposition: Filed

Summary

The banking agencies and FTC are jointly proposing guidelines for financial institutions and creditors to identify patterns, practices, and specific forms of activity that indicate the possible existence of identity theft. They are also proposing regulations requiring each financial institution and creditor to establish reasonable policies and procedures for implementing the guidelines, including a provision requiring credit and debit card issuers to asses the validity of a request for a change of address under certain circumstances. In order to identify their identity theft risks, financial institutions and creditors must consider which accounts are subject to a risk of identity theft, the methods they provide to open these accounts, the methods they provide to access these accounts and their size, location, and customer base.

Final Rule published on November 9, 2007.

ABA Comments

The banking regulators approved a joint final rule requiring banks to adopt a written identity theft prevention program.

Such a program may be tailored to the particular needs of a given institution, but must be designed to detect, prevent and mitigate identity theft associated with all consumer accounts and others where the bank determines a reasonable risk of identity theft. The rule provides guidelines which each institution must consider in setting up and maintaining such a system, as well as a list of red flags that may indicate identity theft.

Along with the identity theft system, each bank must establish and maintain a system to evaluate and validate change-of-address requests. Users of consumer reports must have a system that reasonably assures a correlation with the consumer involved.

The rule takes effect January 1, 2008, with compliance mandatory by November 1, 2008. Read the FDIC memo.

2006 Regulatory Chart
ABA Comment Letter
Federal Register
Final Rule

‚ÄčQuestions? Please contact Nessa Feddis for more information.