What are Red Flag Rules? This concept is not to be confused with “Red Lining”. Red Flag Rules tell you how to develop and implement an identity theft prevention program in your life or business. Any program must have four basic elements to create a framework within which to deal with the threat of identity theft.
1. Policies and procedures must be put in place to RECOGNIZE the red flags of identity theft that may occur in a company’s day-to-day operations. Red Flags, in this instance, may be described as suspicious patterns or practices, or specific activities that indicate the possibility of identity theft. If a customer must provide proof of his/her identity to you, and the method they use looks suspicious, that is considered a Red Flag.
2. Coming up with a list of Red Flag issues for your business is imperative. It you do not put procedures in place to recognize a red flag, as in fake, forged or altered identification sources, then you have not fully fulfilled the requirements of a good program.
3. Describe the specific actions you will take to detect and act when given a fake ID.
4. Put into place a timetable to review the Red Flag list you have implemented in order to keep up with the changing financial landscape within which you operate.
Just because you have written things like this down, it doesn’t constitute having taken care of the problem. You must have procedures in place to implement, review, act and/or change the identified threats in the daily round of your business. Determining the risks to your business and how to act when they do pop up is of paramount importance to having a successful program in place.
Security of any data you collect is crucial. We’ve all heard the stories on the news of corporation’s having their computer’s hacked, and losing large amounts of consumer data. What will you put in place to keep this from happening?
In our next article, we will continue this subject and discuss who must comply with Red Flag Rules. Stay Tuned.