The Red Flags Rule

516
-1

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
516
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

The Red Flags Rule

  1. 1. The Red Flags Rule <br />Your Guide to Compliance<br />
  2. 2. Mary Louisa L’Hommedieu is experienced in a wide variety of corporate, health care, and employment matters. She devotes a substantial portion of her practice to the resolution of business and regulatory disputes in the health care, long-term care and pharmacy industries. She has litigated numerous cases in state and federal courts and before administrative bodies, and has authored articles and presented seminars on corporate, health care, employment and real estate topics.<br /> <br />Prior to joining the firm, Mary Louisa served as a judicial attorney for the Honorable William B. Hoffman of the Fifth District Court of Appeals, and as judicial attorney for the Honorable Patricia A. Cosgrove of the Summit County Court of Common Pleas. She graduated cum laude from the University of Akron School of Law in 1996, where she was a member and an Associate Editor of the Akron Law Review.<br /> <br />Mary Louisa is a member of the Cleveland and Ohio Bar Associations, as well as a member of the American Health Lawyers Association, OHCA (where she serves on the Facility Standards Committee), and AOPHA. She lives in Hudson, Ohio with her husband and two children.<br />
  3. 3. The Red Flags Rule: Overview<br />What is the Red Flags Rule?<br />Who must comply?<br />What you have to do:<br />Implement a written Identity Theft Prevention Program <br />Steps to a compliant plan<br />Penalties for failure to comply<br />Questions and Answers<br />
  4. 4. The Red Flags Rule: What is it?<br />What is the Red Flags Rule?<br />Requires all financial institutions and creditors to implement written programs to detect, prevent and mitigate identity theft<br />Rule has been in effect since January 1, 2008, with enforcement scheduled to begin November 1, 2009.<br />
  5. 5. Who must comply? Financial Institutions<br />“Financial Institutions” include:<br />All banks, saving associations, and credit unions (even if they do not hold transaction accounts belonging to a consumer) <br />Any other person or business that directly or indirectly holds a transaction account belonging to a consumer<br />
  6. 6. Who must comply? Creditors<br />“Creditors” include:<br />Definition is broad<br />Any business or organization that regularly defers payment for goods or services: <br />Utility companies<br />Health care providers<br />Telecommunications companies<br />Professional service providers<br />
  7. 7. Who must comply? Creditors<br />“Creditors” include:<br />One who regularly grants loans, arranges for loans or the extension of credit or makes credit decisions <br />Finance companies<br />Mortgage brokers<br />Real estate agents<br />Automobile dealers<br />Retailers offering financing <br />
  8. 8. Who must comply? Creditors<br />“Creditors” include:<br />Anyone who regularly participates in the decision to extend, renew or continue credit <br />Third-Party debt collectors<br />
  9. 9. Who must comply? Covered Accounts<br /><ul><li>If your business is a bank, or a “creditor” you must now determine if you have “Covered Accounts”</li></ul>Covered Accounts <br />Current and prior accounts covered<br />
  10. 10. Who must comply? Covered Accounts<br /><ul><li>Two kinds of “Covered Accounts”</li></ul>Consumer Account<br />High Risk Account<br />
  11. 11. Who must comply? Covered Accounts<br />Two kinds of “Covered Accounts”<br />Consumer Account<br />Primarily for personal family or household purpose<br />Involves or is Designed to permit multiple payments<br />Credit card account<br />Mortgage loan<br />Automobile loan<br />Margin account<br />Cell phone account <br />Utility account<br />
  12. 12. Who must comply? Covered Accounts<br />Two kinds of “Covered Accounts”<br />High Risk Accounts<br /><ul><li>Includes any other account that a financial institution or creditor offers or maintains for which there is a reasonably foreseeable risk to customers or to the safety and soundness of the financial institution or creditor from identity theft, including financial, operational, compliance, reputation, or litigation risks</li></li></ul><li>Who must comply? Covered Accounts<br />Two kinds of “Covered Accounts”<br />High Risk (contiunued)<br />Includes: <br />Small business accounts<br />Sole proprietorship accounts<br />Single transaction consumer accounts<br />Vulnerable to identity theft<br />
  13. 13. Who must comply? Covered Accounts<br />“Covered Accounts”<br />Also consider how the account is opened:<br />Remote access?<br />Higher potential for Identity Theft<br />
  14. 14. How to Comply: The Written Plan<br />Identity Theft Prevention Program<br />Written Plan<br />Four Elements:<br />Reasonable policies to identify the “red flags” of identity theft<br />Program must be designed to detect the red flags<br />Spell out appropriate actions<br />Planned re-evaluation<br />
  15. 15. How to Comply: The Written Plan<br />Identity Theft Prevention Program<br />Reasonable policies to identify the “red flags” of identity theft<br />Red Flags defined<br />Analysis of red flags applicable to your operation<br />
  16. 16. How to Comply: The Written Plan<br />Identity Theft Prevention Program<br />Program must be designed to detect the red flags<br />Once red flags identified, develop specific policies and procedures to detect<br />Example: Fake Id<br />Policy to detect possible forgeries<br />
  17. 17. How to Comply: The Written Plan<br />Identity Theft Prevention Program<br />Spell out appropriate actions<br />Develop specific policies to deal with red flags when they appear<br />Reporting<br />Safety<br />
  18. 18. How to Comply: The Written Plan<br />Identity Theft Prevention Program<br />Planned Re-evaluation<br />Time frame for re-evaluation fluid<br />“Periodically”<br />
  19. 19. How to Comply: Steps to a Compliant Plan<br />Incorporation of the Rules<br />Board of Directors must approve Plan<br />If no Board, must be approved by President, COO, or Senior Level employee<br />Plan must specifically state who is responsible for implementation and administration<br />Plan must provide for adequate staff to implement and administer<br />If outsourced, must demonstrate who in company will monitor compliance of outside contractors<br />
  20. 20. Penalties for failure to comply<br />Enforcement begins November 1, 2009<br />Previous delays<br />$2,500 per violation<br />What is a violation?<br />
  21. 21. Mary Louisa L’Hommedieu, Esq.<br />28601 Chagrin Boulevard, Suite 500<br />Woodmere, Ohio 44122<br />216-831-0042<br />216-831-0542 (fax)<br />mlhommedieu@meyersroman.com<br />
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×