The November 1, 2008, date for complying with the FACT Act identity theft red flag regulations is just around the corner. While most institutions believe they will make this mandatory compliance date, there are a number of checkpoints institutions should consider. First, make certain you have addressed your service providers and their compliance with the red flag regs. One way to accomplish this is to include provisions in your provider contracts that address red flag compliance. Next, make sure you have scheduled time with your Board for their approval of your identity theft prevention program–don’t wait until the last minute as calendars fill up quickly. Finally be sure you have trained your staff on the new law and its impact on their day-to-day responsibilities–training is required under this law.
For assistance in complying with the various red flag components, consider the Wolters Kluwer Financial Services Red Flag Tool Kit.