FTC Delays Red Flags Rule
By Amy Kudlacek
Many of you may have already seen the Federal Trade Commission's (FTC) press release dated October 22, 2008. This release states that the FTC will delay the Red Flags/ID Theft Program mandatory compliance date from November 1, 2008 to May 1, 2009. The release states that the delay applies to both creditors and financial institutions. While many of you may be jumping for joy, don't start the celebration quite yet.
If you read the press release carefully, it appears that this extension is not for chartered banks but rather for other entities under the FTC's jurisdiction. Many of these entities were unaware that their financial activities would cause them to be a covered "creditor" or "financial institution" under the Red Flags rule. The press release clearly states that "today's announcement and the release of an Enforcement Policy Statement do not affect other federal agencies' enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance."
We contacted our local FDIC office and they are not aware of any extension that would apply to FDIC regulated banks. So from what we can tell, it looks like banks will need to ensure compliance with the Red Flags rule by November 1, 2008.
If, by a stroke of luck, it is determined that the delay would apply to banks, we suggest that you proceed as usual with the November 1, 2008, date. You basically get to practice your Red Flags program without the regulatory scrutiny. So you can't go wrong.
If we learn more we will keep you informed.