FTC to Enforce “Red Flags Identity Theft Rule” November 1

The U.S. Federal Trade Commission (FTC) has moved back the enforcement start date of regulations aimed to curb identity theft. The “Red Flags Identity Theft Rule” requires businesses to create and implement a program designed to detect, or "red flag," attempts at stealing identity information.

The FTC changed the enforcement date from October 1 to November 1 to give creditors and financial institutions more time to review this guidance, according to the Vigilant Jewelers Committee (JVC), a not-for-profit legal trade association.

The new regulations, in effect since January 2008, relate to all entities considered creditors by the U.S. Federal Trade Commission, starting October 1, 2009. This means that any company that offers credit to customers - either through house financing, branded credit card programs, layaway facilities or any other credit arrangement - must comply with the rules already in place.

Any company in the U.S. that offering credit to customers will face new regulations, aimed at preventing identity theft. However, jewelry businesses only accepting credit cards are not considered creditors and therefore have no compliance obligation.

The program must be integrated into the daily operations of the business, but can be tailored to the specific risks a particular business' credit program possesses.

An example of a "red flag" could be an alert from a credit reporting company regarding suspicious activity, identification documents or online behavior indicating attempts to access information by unauthorized third parties.