Financial Institutions Gearing up for Red Flag Rules Compliance


Let's see... Basel II, anti-money laundering requirements, Sarbanes-Oxley, Graham-Leach-Bliley. These are just a few of the regulatory schemes that financial institutions have to deal with. And as of November 1, 2008, yet another set of rules will apply: the "red flag rules."


The Federal Trade Commission, the Federal Reserve, the National Credit Union Administration and other financial regulators in the United States are "phasing in" what they call the Red Flag Rules, ConsumerAffairs.com reports. These rules, set out in the Fair and Accurate Credit Transactions Act, require financial institutions to set up written plans for identifying "red flag" transactions that could indicate identity theft or fraud.


The law became effective January 1 of this year, but full compliance is not expected until November 1. That said, November 1 is not that far away, and some companies aren't aware that the Red Flag Rules exist. To combat that lack of knowledge, the FTC issued a business alert early this month outlining what the rules are designed to do, which companies are subject to them, and where to get additional information.


Compliance technology providers and compliance consultants are, of course, wasting no time marketing their tools and services to help banks and others prepare for the Nov. 1 deadline. One example is Compliance Coach, which offers an identity theft red flags training course.