ALEXANDRIA, Va. – NCUA, along with the other federal financial regulators, is seeking public comment on proposed regulations regarding identity theft red flags and to address discrepancies under the Fair and Accurate Credit Transactions Act of 2003.
The proposal, for which comments are due Sept. 18, would require each financial institution and creditor to develop and implement an identity theft prevention program that includes policies and procedures for detecting, preventing, and mitigating identity theft in connection with account openings and existing accounts. It also includes guidelines listing patterns, practices, and specific forms of activity that should raise a red flag signaling a possible risk of identity theft. Under the proposed regulations, financial institutions or creditors would have to include in their identity theft prevention program policies and procedures for detecting any "red flag" relevant to its operations and implement a mitigation strategy based on risk.
Specifically, compliant policies and procedures would:
* Identify those Red Flags that are relevant to detecting a possible risk of identity theft to customers or to the safety and soundness of the financial institution or creditor;
* Verify the identity of persons opening accounts;
* Detect the Red Flags that the financial institution or creditor identifies as relevant in connection with the opening of an account or any existing account;
* Assess whether the Red Flags detected evidence of a risk of identity theft;
* Mitigate the risk of identity theft, commensurate with the degree of risk posed;
* Train staff to implement the Program; and
* Oversee service provider arrangements.
In addition, the proposed regulations require credit and debit card issuers to develop policies and procedures to assess the validity of a change of address followed closely by a request for an additional or replacement card. It would also require users of consumer reports to develop reasonable policies and procedures for when they receive a notice of address discrepancy from a consumer reporting agency.
The institution's board of directors or appropriate committee must approve the programs.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.