WASHINGTON (5/4/09)--State-chartered credit unions will have more time to comply with the Federal Trade Commission (FTC)’s identity theft “red flags” rule after the FTC announced that it will extend the date to August 1 from May 1. This is the second delay the FTC has issued for enforcement of the rules. Federal credit unions were required to comply with NCUA's red flag regulations on Nov. 1, 2008. Some state regulators expected state-chartered credit unions to comply at the same time as the federal credit unions--Nov. 1--regardless of the FTC's enforcement delay. Credit unions can check with their state examiners to confirm compliance dates. The FTC said it delayed enforcement to give institutions subject to the FTC’s oversight more time to develop and implement written identity theft prevention programs. The delay, like the one issued by the FTC in October, is limited to the ID theft red flags rule. It does not extend to the regulation regarding address discrepancies applicable to users of consumer reports, or to the rule regarding changes of address applicable to card issuers. The mandatory compliance date for these requirements was Nov. 1, 2008 for both federal and state chartered credit unions. The red flags rule was developed to implement parts of the Fair and Accurate Credit Transactions (FACT) Act of 2003. FACTA directed financial regulatory agencies, including the FTC, to promulgate rules requiring those under its supervision that have covered accounts to implement programs to identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. A covered account generally is a consumer account or any other account the institution determines carries a foreseeable risk of identity theft. Last month, the FTC launched a website to help entities covered by the red flags rule develop and implement identity theft prevention programs. The site features a publication, “Fighting Fraud with the Red Flags Rule: A How-To Guide for Business.” In addition, the FTC's extended enforcement policy indicates that FTC staff plan to publish a "red flag" template to enable smaller, low-risk entities to prepare their programs without undue burden. For more information, use the links.