Red Flags Rule and commercial accounts

Published: September 29, 2009 by Guest Contributor

By: Kristan Keelan

Most financial institutions are well underway in complying with the FTC’s ID Theft Red Flags Rule by:

1.  Identifying covered accounts
2.  Determining what red flags need to be monitored
3.  Implementing a risk based approach

However, one of the areas that seems to be overlooked in complying with the rule is the area of commercial accounts.  Did your institution include commercial accounts when identifying covered accounts?  You’re not alone if you focused only on consumer accounts initially.

Keep in mind that commercial credit and deposit accounts also can be included as covered accounts when there is a “reasonably foreseeable risk” of identity theft to customers or to safety and soundness.

Start by determining if there is a reasonably foreseeable risk of identity theft in a business or commercial account, especially in small business accounts.   Consider the risk of identity theft presented by the methods used to open business accounts, the methods provided to access business accounts, and previous experiences with identity theft on a business account.

I encourage you to revisit your institution’s compliance program and review whether commercial accounts have been examined closely enough.

Related Posts

Experian experts provided insight on how data furnishers can help support small businesses amidst the pandemic while complying with recent regulations.

Published: April 15, 2020 by Laura Burrows

It’s important for lenders to get a comprehensive view to find the most qualified candidates. Using alternative credit data can expand your choices.

Published: July 9, 2019 by Kelly Nguyen

The 2019 report reveals new consumer and lending insights, an overview of the regulatory landscape, and what's next for machine learning and alt data.

Published: May 22, 2019 by Stefani Wendel