Nonprofit Alert: Mandatory FTC Identity Theft Program, July 2010July 13, 2010 | Download PDF
The Federal Trade Commission (FTC) issued the Red Flags Rule for financial institutions and creditors to fight identity theft. The rule requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect warning signs – or "red flags" – of identity theft in their day-to-day operations, take steps to prevent crime, and mitigate the damage it inflicts. The Red Flags Rule applies to financial institutions and creditors. The rule requires a periodic risk assessment to determine if the entity has covered accounts. A written program needs to be in place only if the entity has covered accounts.