Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003; Final Rule
Federal Register, November 9, 2007, Page 63717-63775
Office of the Comptroller of the Currency, Treasury (OCC); Board of Governors of the Federal Reserve System (Board); Federal Deposit Insurance Corporation (FDIC); Office of Thrift Supervision, Treasury (OTS); National Credit Union Administration (NCUA); and Federal Trade Commission (FTC or Commission).
Joint final rules and guidelines
The OCC, Board, FDIC, OTS, NCUA and FTC (the Agencies) are jointly issuing final rules and guidelines implementing section 114 of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act) and final rules implementing section 315 of the FACT Act. The rules implementing section 114 require each financial institution or creditor to develop and implement a written Identity Theft Prevention Program (Program) to detect, prevent, and mitigate identity theft in connection with the opening of certain accounts or certain existing accounts. In addition, the Agencies are issuing guidelines to assist financial institutions and creditors in the formulation and maintenance of a Program that satisfies the requirements of the rules. The rules implementing section 114 also require credit and debit card issuers to assess the validity of notifications of changes of address under certain circumstances. Additionally, the Agencies are issuing joint rules under section 315 that provide guidance regarding reasonable policies and procedures that a user of consumer reports must employ when a consumer reporting agency sends the user a notice of address discrepancy.
The joint final rules and guidelines are effective January 1, 2008. The mandatory compliance date for this rule is November 1, 2008.
OCC: Amy Friend, Assistant Chief Counsel, (202) 874-5200; Deborah Katz, Senior Counsel, or Andra Shuster, Special Counsel, Legislative and Regulatory Activities Division, (202) 874-5090; Paul Utterback, Compliance Specialist, Compliance Department, (202) 874-5461; or Aida Plaza Carter, Director, Bank Information Technology, (202) 874-4740, Office of the Comptroller of the Currency, 250 E Street, SW., Washington, DC 20219. Board: David A. Stein or Ky Tran-Trong, Counsels, or Amy Burke, Attorney, Division of Consumer and Community Affairs, (202) 452-3667; Kara L. Handzlik, Attorney, Legal Division, (202) 452-3852; or John Gibbons, Supervisory Financial Analyst, Division of Banking Supervision and Regulation, (202) 452-6409, Board of Governors of the Federal Reserve System, 20th and C Streets, NW., Washington, DC 20551. FDIC: Jeffrey M. Kopchik, Senior Policy Analyst, (202) 898-3872, or David P. Lafleur, Policy Analyst, (202) 898-6569, Division of Supervision and Consumer Protection; Richard M. Schwartz, Counsel, (202) 898-7424, or Richard B. Foley, Counsel, (202) 898-3784, Legal Division, Federal Deposit Insurance Corporation, 550 17th Street, NW., Washington, DC 20429. OTS: Ekita Mitchell, Consumer Regulations Analyst, Compliance and Consumer Protection, (202) 906-6451; Kathleen M. McNulty, Technology Program Manager, Information Technology Risk Management, (202) 906-6322; or Richard Bennett, Senior Compliance Counsel, Regulations and Legislation Division, (202) 906-7409, Office of Thrift Supervision, 1700 G Street, NW., Washington, DC 20552. NCUA: Regina M. Metz, Staff Attorney, Office of General Counsel, (703) 518-6540, National Credit Union Administration, 1775 Duke Street, Alexandria, VA 22314-3428. FTC: Naomi B. Lefkovitz, Attorney, or Pavneet Singh, Attorney, Division of Privacy and Identity Protection, Bureau of Consumer Protection, (202) 326-2252, Federal Trade Commission, 600 Pennsylvania Avenue, NW., Washington DC 20580.