In an earlier blog post, we covered the basics of the FTC’s Red Flags Rule – which requires certain types of businesses and financial organizations create an Identity Theft Prevention Program designed to detect the “red flags” (i.e. signs indicative of potential identity theft activity) unique to their day-to-day operations.
Since every business deals with different types of red flags and levels of risk, the FTC does not endorse or enforce any kind of one-size-fits-all compliance program. They have, however, provided guidelines describing the 4 core elements of ID theft prevention programs – which we’ll walk through in this blog post. (more…)
> Continue Reading
The “Red Flags Rule” is a set of regulatory requirements outlined in the Fair and Accurate Credit Transactions Act (FACTA) and enforced by the Federal Trade Commission. Essentially, the rule requires businesses to protect themselves and their customers against identity theft by defining “red flags” (i.e. any suspicious account activity, informational inconsistencies, or other signals that may be indicative of identity theft), putting systems in place to detect and act on those red flags, and formally documenting that system. 
KYC, or “Know Your Customer,” refers to the due diligence processes used to verify customers’ identities. KYC is completed not only when a company is first introduced to a customer, but also during various times throughout the customer/company relationship. Financial institutions use various KYC strategies as part of their required effort to ensure that none of their customers are engaged in terrorist financing (as is required for 
The Office of Foreign Assets Control, or OFAC, is a financial intelligence and enforcement agency within the U.S. Department of Treasury’s Terrorism and Financial Intelligence division (TFI). It administers trade and economic sanctions against organizations and individuals identified as a threat to the national security, economy, and foreign policy of the United States. In conjunction with other agencies of the federal government, OFAC also enforces legal penalties on any U.S. entities that undermine those sanctions by engaging in business or financial transactions with prohibited foreign entities. Federal law requires all U.S. entities (i.e. both U.S.-based businesses and individual citizens) to 1) comply with OFAC regulations and 2) provide OFAC with evidence of your due diligence in maintaining that compliance. 