Crime
Another Delay for Red Flag Rules
Enforcement of federal regulations aimed at discouraging identity theft has been delayed until Aug. 1, in what appears to be an effort by federal officials to avoid confusion over requirements.
“The Red Flags Rule is impacting so many different types of businesses, including those who’ve had limited contact with the Federal Trade Commission in the past, that the FTC has had to do a huge outreach effort,” said Tracey Steiner, NRECA’s senior corporate counsel.
“There’s been a fair amount of pushback from some sectors claiming they don’t know about the requirements and are not clear about what’s needed to ensure appropriate compliance.”
Enforcement of the regulations was to begin last November, but the FTC extended the compliance date until May 1 to give utilities and other credit providers more time to codify measures they were taking to meet the requirements. A press release announcing the new Aug. 1 enforcement date was issued April 30.
The regulations require credit providers to develop and follow written policies designed to protect sensitive financial data from unauthorized use.
“Given the ongoing debate about whether Congress wrote this provision too broadly, delaying enforcement of the Red Flags Rule will allow industries and associations to share guidance with their members,” said FTC Chairman Jon Leibowitz in a written statement.
The FTC is continuing a stepped-up outreach effort that began last winter, and is now promising to release a template for use by “entities that have a low risk of identity theft” to meet the requirements.
“For smaller co-ops with limited turnover among their consumer-members, that template could be very helpful,” Steiner said, adding that co-ops now have an additional three months to refine their written identity theft prevention policies.
NRECA has consolidated Red Flags Rule information for co-ops on cooperative.com. The FTC is now responding to direct e-mail inquiries about the Red Flags Rule through the address: Redflags@FTC.gov.