Costa Mesa, Calif. Experian, a global information services company, says that many of its products and services support Red Flag rules compliance for a variety of institutions.
The Red Flag rules went into effect January 2008 as provisions of 2003’s Fair and Accurate Transactions Act (FACTA). They require credit-granting institutions to establish reasonable procedures designed to detect, prevent and mitigate identity theft in connection with their customer accounts.
The guidelines set forth in the provisions allow institutions to implement the identity theft prevention procedures in a manner best suited to their business operations and requirements. Businesses will be able to augment current protection practices as needed to meet the Red Flag rules requirements.
"Compliance with the Red Flag rules will require different actions for every affected institution,” said Gary Kearns, president, Experian’s Decision Analytics. “Experian offers tailored services ranging from cross checking and suspicious activity identification to more complex data intelligence-driven fraud products that meet many of the Red Flag rules requirements.”
“Precise IDSM, the flagship Experian authentication service, will be an effective tool for many institutions seeking to achieve Red Flag Rules compliance,” said Stan Oliai, senior vice president, Experian’s Fraud and Identity Solutions group. “Precise ID incorporates several identity authentication and validation components that can be configured to meet the needs of most organizations.”
The Red Flag rules provisions affect a wide range of financial institutions and their customer accounts. Any business that provides credit or allows payments or transactions by consumers and small businesses likely falls under the Red Flag rules requirements. Full compliance is required by November 2008.
“The Red Flag rules are broad in scope. Institutions will need to consider their particular account practices, such as how their type of accounts are offered and how accounts are opened and accessed, in developing their written identify theft prevention program,” said Anne Fortney, partner, Hudson Cook law firm. “Depending on business circumstances, a variety of components, data sources and cross-checking systems may need to be incorporated into a Red Flag rules compliant program.”
A recent Experian Webinar provided information to institutions interested in learning more about Red Flag rules, program requirements and products that may meet an organization’s requirements. To download an archived copy of the presentation, visit experian.com/redflags.