If your organization sells products or services on credit, take note: May 1, 2009, is the deadline to comply with the identity theft requirements in the Fair and Accurate Credit Transactions Act (FACTA).
Dubbed the “red flag” rules, they require all financial institutions and creditors to create and implement a written program for “detection, prevention and mitigation” of identity theft of consumers’ data. In general, if a business regularly extends credit (or arranges for someone else to do so), the red flag rules apply. Accepting credit cards doesn’t make you a covered “creditor.”
Businesses must comply if there’s a “reasonably foreseeable risk” that identity theft could occur against a new or existing business account. If there is such a risk, you must develop a plan to “detect, prevent and mitigate” the theft and its effects.
The Federal Trade Commission (FTC) has identified 26 examples of red flags that could be incorporated into your program. The potential penalty for noncompliance: up to $2,500 per violation.
For more information on the red flag identity theft rules, go to www.BusinessManagementDaily.com/redflagrules.
- 7 ways to get the most out of Millennial employees
- Landlords: Don't miss out on these 10 top deductions
- Tell well-intentioned managers: You must route all ADA accommodation requests through HR
- Establish clear performance expectations so courts can judge if employee was meeting them
- Clear Work Rules—Like a No-Lying Policy—Help Employers Beat Unemployment Comp Claims