The Red Flags Rule and Why It’s Important

The Red Flags Rule requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect the warning signs – red flags – of identity theft in their day-to-day operations, take steps to prevent the crime, and mitigate its damage.

The Red Flags Rule tells businesses how to develop, implement and administer an identity theft program with 4 basic elements:

  1. Program must include reasonable policies and procedures to identify the red flags of identity theft that may occur in the day-to-day operations. Red Flags are suspicious patterns or practices, or specific activities that indicate the possibility of identity theft.
  2. Program must be designed to detect the red flags identified.
  3. Program must spell out appropriate actions you’ll take when you detect red flags.
  4. Program must detail how it will be updated to reflect new threats.

Financial institutions are defined by the Red Flags Rule as a state or national bank, a state or federal savings and loan association, a mutual savings bank, a state or federal credit union, or a person that, directly or indirectly, holds a transaction account belonging to a consumer.

Creditors are defined by the Red Flags Rule based on conduct. If the business defers payments for goods and services or bills customers, grant or arrange credit, or participates in the decision to extend, renew, or set the terms of credit while regularly using consumer reports in connection with a credit transaction, giving information to credit reporting companies in connection with a credit transaction, or advances funds to, or for, someone who must repay them with funds or pledged property, it is a creditor under the Red Flags Rule if it deals with covered accounts.

Financial institutions and creditors are required to conduct a periodic risk assessment to determine if they have “covered accounts.” Those with covered accounts must implement a written program. Covered Accounts can be split into 2 categories:

  1. A consumer account for customers for personal, family, or household purposes that involves or allows multiple payments or transactions. Examples: credit card accounts, mortgage loans, auto loans, and checking and savings accounts.
  2. Any other account that a financial institution or creditor offers or maintains for which there is reasonably foreseeable risk to customers or to the safety and soundness of the financial institution or creditor from identity theft.

The bottom line is that a program can help businesses spot suspicious patterns and prevent the costly consequences of identity theft for consumers.

AccuShred won a torch award for Ethics - Read more about our business model

Latest News

How One-Time Purge Shredding Can Elevate Business Security

March 6, 2024

Secure, Automate, Protect: A Blueprint for Modern IT Security

February 20, 2024

Unpacking 2023’s Most Impactful Cybersecurity Threats

February 6, 2024

Go To Blog

Upcoming Shred Days

City of Sylvania

Location: Sylvania Courthouse Parking Lot
April 20, 2024 9:00am-1:00pm

Horizons Planning Corp

Location: Horizons Planning Corp
April 22, 2024 3:00pm-6:00pm

Genthe CDJR

Location: Genthe CDJR
April 27, 2024 9:00am-12:00pm

All Days and Details

Testimonials

They did an excellent job in showing up on time, and very efficiently shredding all of the private information right in front of me. This is the second time I have had a large amount of shredding, and I would recommend them to anyone needing this service. They have a great staff and were very […]

Craig S.

More Testimonials