- The exam procedures are intended to assist financial institutions in implementing the Identity Theft Red Flags, Address Discrepancies, and Change of Address Regulations, reflecting the requirements of Sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003.
- The regulations require
- financial institutions and creditors to implement a written identity theft prevention program;
- card issuers to assess the validity of change of address requests; and
- users of consumer reports to verify the identity of the subject of a consumer report in the event of a notice of address discrepancy.
- The regulations and guidelines took effect on January 1, 2008, and compliance is required by November 1, 2008.
- Risk management examiners will examine institutions for compliance with the red flags regulation (12 CFR 334.90) during risk management examinations. Compliance examiners will examine institutions for compliance with the address discrepancies and change of address regulations (12 CFR 334.82 and 334.91) during compliance examinations.
FDIC-Supervised Banks (Commercial and Savings)
Chief Compliance Officer
Chief Information Security Officer
- FIL-100-2007, Identity Theft Red Flags, November 15, 2007
- FIL-32-2007, Identity Theft, FDIC's Supervisory Policy on Identity Theft, April 11, 2007
- FIL-27-2005, Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, April 1, 2005
- FIL-7-2005, Guidelines Requiring the Proper Disposal of Consumer Information, February 2, 2005
- FIL-22-2001, Guidelines Establishing Standards for Safeguarding Customer Information, March 14, 2001
Identity Theft Red Flag, Address Discrepancies, and Change of Address Examination Procedures
Identity Theft Red Flag, Address Discrepancies, and Change of Address Examination Procedures - PDF (PDF Help)
Jeffrey Kopchik, Senior Policy Analyst, at
firstname.lastname@example.org or (202) 898-3872; or Richard Schwartz,
Counsel, at email@example.com or (202) 898-7424
FIL-105-2008 - PDF (PDF Help)
To receive FILs electronically, please visit
FDIC financial institution letters (FILs) may be accessed
from the FDIC's Web site at
Paper copies of FDIC financial institution letters may be
obtained through the FDIC's Public Information Center,
3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-
275-3342 or 703-562-2200).