By: Kelly Carson
Last month, the Federal Trade Commission (FTC) issued an updated “How-To” guide to help businesses and organizations determine whether they are subject to the agency’s Red Flags rule (Rule). Under the Rule, certain entities are required to establish written programs that are aimed at detecting and preventing identity theft.
The FTC’s revised guide lays out which businesses the Rule covers — namely, “financial institutions” and some “creditors” — as well as the steps they must take to comply with the Rule’s requirements. As covered in a previous post, the Rule was amended in November 2012 to narrow the definition of “creditor,” bringing it in line with the Red Flag Program Clarification Act of 2012.