Regulators Propose Rules on Identity Theft
U.S. regulators have released a rule proposal and are seeking comments concerning identity theft "red flags" and address discrepancies. The regulations that the agencies are jointly proposing would require each financial institution and creditor to develop and implement an identity theft prevention program that includes policies and procedures for detecting, preventing and mitigating identity theft in connection with account openings and existing accounts.
The rule was announced in a joint release from the following agencies: The Federal Reserve, the Federal Deposit Insurance Corp., the Federal Trade Commission, the National Credit Union Administration, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision.
The proposed regulations include guidelines listing patterns, practices and specific forms of activity that should raise a "red flag," signaling a possible risk of identity theft. Under the proposed regulations, an identity theft prevention program established by a financial institution or creditor would have to include policies and procedures for detecting any "red flag" relevant to its operations and implementing a mitigation strategy appropriate for the level of risk.
The proposed regulations also would require credit and debit card issuers to develop policies and procedures to assess the validity of a request for a change of address followed closely by a request for an additional or replacement card.
Additional proposed regulations would require users of consumer reports to develop reasonable policies and procedures that they must apply when they receive a notice of address discrepancy from a consumer reporting agency.