Six federal agencies issued a set of frequently asked questions (FAQs) today to help financial institutions, creditors, users of consumer reports, and issuers of credit cards and debit cards comply with federal regulations on identity theft and discrepancies in changes of address. The “Red Flags and Address Discrepancy Rules,” which implement sections of the Fair and Accurate Credit Transactions Act of 2003, were issued jointly on November 9, 2007, by the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), Office of Thrift Supervision (OTS), and Federal Trade Commission (FTC).
The rules require financial institutions and creditors to develop and implement written Identity Theft Prevention Programs and require issuers of credit cards and debit cards to assess the validity of notifications of changes of address. The rules also provide guidance for users of consumer reports regarding reasonable policies and procedures to employ when consumer reporting agencies send them notices of address discrepancy.
The agencies developed answers to these FAQs to provide guidance on numerous aspects of the rules, including which types of entities and accounts are covered, establishment and administration of an Identity Theft Prevention Program, address validation requirements applicable to card issuers, and the obligations of users of consumer reports upon receiving a notice of address discrepancy. The FTC also has developed a Web site, www.ftc.gov/redflagsrule, with additional resources and guidance for creditors and financial institutions that are within its jurisdiction.