According to the Federal Trade Commission (FTC), more than nine million Americans have their identity stolen every year. But identity theft doesn’t just impact consumers; it can drain the cash from your business too. If a thief purchases something from your business, you’re left holding the bag, with no cash to show for it.
The Fair and Accurate Credit Transactions Act (FACTA) was passed in 2003 and the “Red Flags” rule, which requires creditors to have programs in place to recognize and prevent identity theft, has been in effect since January 2008. Enforcement of the rules begins on May 1, 2009. That means if your business fits the criteria, you need to be prepared.
How do I know if my business is affected?
If your business extends credit to consumers or if you make decisions about your customers using credit reports, you will be required to accommodate the “Red Flags” rules. According to the “Red Flags How To Guide for Business” this act may not apply to you if you simply accept credit cards. You need to read the rules carefully as they are open to broad interpretation and you do not want to be out of compliance. The “how to” guide is a good reference source to help you determine your status.
What are the “Red Flags” rules requirements?
The rules require that your business implement a written Identify Theft Prevention Program designed to detect the warning signs - red flags - of identify theft into your day-to-day operations. The idea is that with a program in place, you will be better prepared to spot suspicious patterns and take steps to prevent an identity theft from taking place. And ultimately, this can prevent loss to your business.
What must the program include?
Your program must include four key components.
1. Reasonable policies and procedures to identify the “red flags” of identity theft such as detection of “fake” identification.
2. A way to detect those “red flags” you’ve identified.
3. Spell out appropriate actions your business will take when “red flags” are detected.
4. How you will address your program periodically to ensure it reflects new risk factors.
The “red flags” rules must spell out requirements on how you will incorporate them in your daily operations and must be approved by a Board of Directors or a senior level employee. The rules do allow you flexibility based on the size of your business - this is not a “one size fits all” approach. You’ll need to consider risk, sources and categories of red flags you could encounter in your business.
At first glance, this might seem like just one more way the government has a hand in your business. But it not only protects the consumers who do business with you, it could protect your company from the possibility of a huge cash loss too. Head on over and pick up your copy of the “Red Flags How To for Business” and get started today.
What do you think about this rule? Do you consider it to be a good thing for your business? Please leave a comment below.
* * * * *
About the Author: Denise O’Berry is a small business expert who provides tools, tips and advice to help small business owners be successful. O’Berry is the author of “Small Business Cash Flow: Strategies for Making Your Business a Financial Success.” Her blog can be found at Just for Small Business.