Identity theft has become a multi-billion dollar issue that continues to accelerate. Protecting against it has become a multi-million dollar business. A survey conducted by the Federal Trade Commission (FTC) in 2006 estimated that 8.3 million American consumers, or 3.7 percent of the adult population, became victims of identity theft in 2005. Reported incidents collected by the agency in its annual fraud analysis showed 258,427 cases logged in their databases.
Stepping into this foray is the U.S. Federal Government’s Fair and Accurate Credit Reporting Act and its “Identity Theft Red Flags and Address Discrepancies” provisions. This Act defines specific “Red Flags” that organizations must monitor, act upon, and have a documented program in place to address. Some of these items may be addressed by existing policies and procedures, others may be new. Regardless, responding to this is not an option. The joint final rules and guidelines were effective January 1, 2008 with a mandatory compliance date of November 1, 2008.
The end victims of identity theft, the consumers, are rarely held responsible for fraudulent debts incurred in their name. Rather, creditors are frequently attempting to collect the bad debt, or simply writing it off. Compliance with the regulations can likely reduce the incidence of identity theft suffered by your organization, which, in turn, may result in lower end costs. With a compliance date only a few short months away, your organization’s response should begin quickly. What can you do to be prepared?