Summary of Red Flags Identity Theft Rules

Key Points by Anna DeSimone

On May 1, 2009 all non-depository mortgage brokers and lenders must implement a comprehensive program to detect, prevent and mitigate identity theft. Red Flags rules are implemented under the Fair and Accurate Credit Transactions Act. The requirement for an internal program became effective November 1, 2008 for federally chartered depository institutions. Enforcement of rules were delayed until May 1st, 2009 for creditors and state-chartered banks operating under the jurisdiction of the Federal Trade Commission (FTC) including all mortgage companies. Listed are 8 “key points” of the Red Flags Rule.

1. Financial institutions include banks, thrifts, credit unions and entities that hold a “transaction account” where a consumer can make payments, drafts or transfers. Examples are checking & savings accounts and broker accounts where consumers can write checks.

2. Creditors include organizations that regularly extend, renew or continue credit; companies that make arrangements to extend/renew/continue credit; and assignees of a companies who extend/renew/continue credit. Examples are: finance companies, utility companies; automobile dealers, telecommunication companies, mortgage brokers and mortgage lenders.

3. Covered Accounts include credit cards, checking/savings accounts, car loans, cell phone service, utilities, margin accounts and mortgage loans.

4. Identity Theft Program is a written plan that must reflect the creditor’s size, structure and business model. The program requires a designated employee to oversee the program, complete audits, monitor compliance and report to management.

5. Red Flags consists of alerts, discrepancies, warnings, variance, or unusual activity that is noticed by the creditor.

6. Red Flag Detection is a workflow step where a comparative review is made among documents furnished by the borrower, the information reported on the loan application, verification responses and information reported by credit repositories. Detection steps may include the use of SSN validation tools, fraud checks and factual ID reports.

7. Response and Mitigation involve an assessment of the risk to the lender and/or exposure to identity theft to the consumer. Examples of responses include the receipt of explanations from borrowers and/or supporting documents that clear discrepancies or unwarranted “false positives.” Mitigation is evidenced through a paper trail or interactive comment submitted to a factual ID vendor.

8. Address Discrepancies are notices sent to lenders by credit agencies informing the lender of a substantial difference between the information provided on the request order form with the agency’s database. Mandatory response steps include cross-checking data, verifying directly with the consumer and submitting a confirmation to the credit agency.

Need More Information?

Bankers Advisory can provide a customized Red Flags Plan that is especially tailored for your business model. We are co-hosting webinars along with Kroll Factual Data which will include demonstrations of how red flags are detected and mitigated using an real-time interactive system. Please contact our Director of Marketing & Communications, Lucia Arno-Bernsen at 617-489-2008 to request a policy guide order form or information on webinars.

Red Flag Webinars – Thursday, April 16, Tuesday, April 28, Wednesday, May 20

All webinar times are 3 p.m. Eastern (1 p.m.Mountain) $45 fee

  • 781-402-6415

Anna DeSimone founded Bankers Advisory in 1986 and is a nationally recognized authority in residential mortgage lending. She has received numerous industry awards and has authored more than 40 best practices guides and hundreds of articles.

Comments are closed.