WASHINGTON (9/11/08)—Federal financial regulators, including the National Credit Union Administration (NCUA), are soon expected to issue guidelines for examiners charged with reviewing financial institution compliance with an identity theft “red flags” rule. The red-flags rule, as required under the Fair and Accurate Credit Transaction (FACT) Act, was issued jointly last November by the federal credit union, bank and thrift regulators and the Federal Trade Commission. The rules require financial institutions and other creditors to develop and implement a written program that is designed to detect, prevent, and mitigate identity theft. There is a Nov. 1 compliance deadline. Credit Union National Association (CUNA) Senior Assistant General Counsel Jeff Bloch said it is CUNA's understanding that the exam guidance is in the final stages of preparation and will be issued shortly. Bloch said, based on information unveiled Aug. 11 by the Office of Thrift Supervision, CUNA expects the NCUA instruction to examiners to include that:
* A credit union’s red flags program can build on existing foundations for information security, such as Customer Identification Programs, and does not have to start from scratch; * A credit union should use existing tools as much as is possible; * The program should be a collaborative effort among all departments; and * Each program should reflect a credit union’s unique circumstances.
A study released Wednesday by TowerGroup, a research firm that focuses on financial services issues, predicted that less than one-third of the country’s financial institutions may be ready for the Nov. 1 compliance date. “Regulators are expected to be reasonable with institutions that have made a good-faith effort to comply,” according to TowerGroup. But the firm advised financial institutions to “step up their efforts to develop and deploy programs to prevent identity theft, or they face the inevitable consequences of noncompliance.” CUNA continues to provide resources to help credit unions with compliance. CUNA, with CUNA Mutual Group, offers an archived Webinar targeted to credit union staff responsible for compliance, information security, and fraud prevention. CUNA is also offering a Sept. 29 audio conference with advice from industry experts. As an additional resource, CUNA’s director of compliance information, Valerie Moss, posed the seven red-flags questions credit unions should be asking during the few months left before the mandatory compliance date in an August Credit Union Magazine
article. To access these resources, use the resource links below.