Highlights:
- The regulation and guidelines implement sections 114 and 315 of the Fair and Accurate Credit
Transactions Act of 2003.
- The regulation requires financial institutions and creditors to implement a written identity
theft prevention program.
- The regulation requires card issuers to assess the validity of change of address requests before
issuing additional or replacement debit or credit cards.
- The regulation requires users of consumer reports to reasonably verify the identity of the
subject of a consumer report in the event the user receives a notice of address discrepancy from
the consumer reporting agency.
- The guidelines are intended to assist financial institutions in implementing the regulation.
- Supplement A to the guidelines contains a list of 26 "red flags" that financial institutions and
creditors may consider incorporating into their identity theft prevention programs.
- The regulation and guidelines are effective on January 1, 2008, and mandatory compliance is
required by November 1, 2008.
Distribution:
FDIC-Supervised Banks (Commercial and Savings)
Suggested Routing:
Chief Executive Officer
Chief Information Security Officer
Related Topics:
- FIL-22-2006, Prohibition Against Discrimination in Credit
Transactions, issued March 9, 2006
- FIL-27-2005, Guidance on Response Programs for
Unauthorized Access to Customer Information and
Customer Notice, issued April 1, 2005
- FIL-7-2005, Guidelines Requiring the Proper Disposal of
Consumer Information, issued February 2, 2005
- FIL-22-2001, Guidelines Establishing Standards for
Safeguarding Customer Information, issued March 14,
2001
Attachment:
Interagency Final Rule Regarding Identity
Theft Red Flags
and Address Discrepancies
Contact:
Senior Policy Analyst Jeffrey Kopchik at (202) 898-3872
or JKopchik@fdic.gov, or Counsel Richard Schwartz at
(202) 898-7424 or rischwartz@fdic.gov
Note:
FDIC financial institution letters (FILs) may be accessed
from the FDIC's Web site at
www.fdic.gov/news/news/financial/2007/index.html.
To receive FILs electronically, please visit
http://www.fdic.gov/about/subscriptions/fil.html.
Paper copies of FDIC financial institution letters may be
obtained through the FDIC's Public Information Center,
3501 Fairfax Drive, E-1102, Arlington, VA 22226 (1-877-
275-3342 or 202-416-6940).
|