In response to growing concerns over identity theft, on July 18, several federal agencies -- including the Federal Reserve, the Federal Deposit Insurance Corp., the Office of the Comptroller of the Currency, the Office of Thrift Supervision, the National Credit Union Association and the Federal Trade Commission -- proposed a rule that would require financial institutions and creditors to implement identity theft prevention programs. The proposal states that programs should include policies and procedures for detecting, preventing and mitigating identity theft in connection with account openings and existing accounts.
Further, the proposed regulations include guidelines listing patterns, practices and specific forms of activity that should raise a "red flag" signaling a possible risk of identity theft, according to a release from the agencies. The regulations would require that an identity theft prevention program include policies and procedures for detecting any red flag relevant to a financial institution's operations and implementing a mitigation strategy appropriate for the level of risk.
Banking advocates, however, find fault with the proposed rules. "Our concern is primarily the compliance burden," says Nessa Feddis, senior federal council at the American Bankers Association (ABA; Washington, D.C.). The Notice of Proposed Rulemaking (NPRM) lists numerous potential red flags, some of which aren't appropriate or effective for some institutions, she explains, adding that there should be a lot of flexibility in developing and crafting an ID theft prevention program.
While the ABA plans to submit comments on the NPRM urging the agencies to consider less-rigid requirements, according to Feddis, as of press time, only two comments had been submitted to the FDIC in response to the NPRM. "It is definitely apparent that identity theft is a growing problem," wrote Tim Cooper, EVP for Spearman, Texas-based First State Bank ($75 million in assets) in his comment letter. "However, banks should not be placed in the position of policing this problem and definitely not regulated to do so."
"It's always hard requesting formal plans from financial institutions because things vary so much from institution to institution," says Ariana-Michele Moore, senior analyst in Celent's (Boston) banking group. Moore contends that the proposed rules could delay the approval process and affect customers' access to credit. * --Nancy Feig
Raise That Flag
The federal agencies' Notice of Proposed Rulemaking lists 31 red flags in connection with an account application or an existing account, including: