The Red Flags Rule is an FTC rule that requires financial institutions to implement a written program designed to detect, prevent, and mitigate identity theft.
Red Flags Rule
Frequently asked questions
What is the purpose of the Red Flags Rule? Toggle description visibility
The purpose of the Red Flags Rule is to identify potential “red flags” in financial transactions that could indicate identity theft, money laundering, or other fraudulent activities.
What are the four elements of the Red Flags Rule? Toggle description visibility
According to the FTC, the four elements of the Red Flags Rule are:
Identifying relevant red flags by considering signals such as suspicious account activity, tips from other sources, alerts from credit reporting companies, and more
Using identity verification and authentication methods to detect red flags
Taking specific actions if red flags are detected, such as suspending accounts
Updating the strategy to address evolving threats
What does the Red Flags Rule require banks to establish? Toggle description visibility
The Red Flags Rule requires financial institutions to establish written programs that detail how the organization identifies, detects, and mitigates the impact of identity theft and fraud.