CIC solutions for ‘Red Flags’ compliance

**** Compliance is mandatory as of December 31st, 2010**** FTC delays again click here to read the release

Identity thieves use people’s personal information to open new accounts and misuse existing accounts, creating havoc for consumers and businesses. Financial institutions and creditors will soon be required to implement a program to detect, prevent and mitigate identity theft.

The Federal Trade Commission (FTC), the federal bank regulatory agencies, and the National Credit Union Administration (NCUA) have issued regulations (the Red Flags Rules) requiring financial institutions and creditors to develop and implement written identity theft prevention programs, as part of the Fair and Accurate Credit Transactions (FACT) Act of 2003. The programs must be in place by June 1, 2010, and must provide for the identification, detection, and response to patterns, practices, or specific activities – know as “red flags” – that could indicate identity theft.

The Red Flags Rules apply to “Financial Institutions” and “Creditors”

• Financial Institution – include state or national bank, a state or federal savings and loan association, a mutual savings bank, a state or federal credit union, or any other entity that holds a “transaction account” belonging to a consumer.
• Creditors – include finance companies, automobile dealers, mortgage brokers, utility companies and telecommunications companies.

Complying with the Red Flags Rules?

Under the Red Flags Rules, financial institutions and creditors must develop a written program that identifies and detects signs or – “red flags” – of identity theft. These may include unusual account activity, fraud alerts on a consumer report or attempted use of suspicious account application documents. These red flags fall into five categories”

• Alerts, notifications, or warnings from a consumer reporting agency;
• Suspicious documents;
• Suspicious personally identifying information;
• Unusual or suspicious activity on an account;
• Notices from customers, victims or identity theft or law enforcement authorities.

On June 1st, 2010 you must have the following;

• You must have a written information security policy
• You have to have an acceptable use plan (i.e. how you will use the above)
• You have to have an incident response plan (i.e. how you will respond to a breach of information by you or a third party.
• The program must be administered by senior management and updated on annually.
• A compliance report must be generated annually.
• The law does allow for the use of a third-party provider who has the ability to facilitate this mandatory compliance issues on your behalf.
• In your plan you must check against the list of red flags and CIC has the databases and information to help.

CIC has many solutions and partnerships to help you with all red flag compliance

CIC Credit is committed to fight against Fraud and offers a wide range of solutions for Red Flag-

1. Credit Reports with Hawk Alert,and or Fraud Shield with Fraud score!
2. Stand-alone Reports with verifications from multiple data sources
3. Tax Return & Social Verification direct from the IRS
4. AS1 report with fraud score, Social security verification, OFAC and many more view brochure here fraud_shield_ps_new.pdf (225.46 kb)
5. CIC Global Watch list sources included below

• Unverified Entities List
• Denied Entities List
• Denied Persons List

CIC offers two free solutions with every credit file

• InstantView - This tool allows the recipient of a CIC credit report to validate the report instantly online without having to repull the file.
• OFAC Alerts - CIC protects all credit reports with free OFAC search and alerts.

For More Information please call 800-352-5882