The Fair and Accurate Credit Transaction Act (FACTA) is an amendment to the Fair Credit Reporting Act (FCRA) and includes the Red Flags Rule, implemented in 2008. The Red Flags Rule calls for financial institutions and creditors to implement red flags to detect and prevent against identity theft. Institutions are required to have a written Identity Theft Prevention Program (ITPP) to govern their organization and protect their consumers.
The FTC defines a “Red Flag” as a pattern, practice or specific activity that indicates the possible existence of identity theft. FTC guidelines include 26 examples of patterns that should be considered in an identity theft prevention program. These examples fall into the following categories: