BANKS, CREDIT UNIONS, MORTGAGE COMPANIES
The FACTA regulations primarily target financial institutions, but also extend to the organizations listed below that fall into a category called "Creditors." Financial institutions must carry on the diligence in "knowing your customer" that was legislated by the Bank Secrecy Act and the USA Patriot Act. Now, the Red Flag rules not only require you to identify a possibly identity thief, but to also find the potential identity theft victim. Stopping the damage of identity theft carries with it both a burden and a reward. Financial institutions are absorbing a large portion of the billion dollar losses each year to criminals who commit identity theft.
Mortgage brokers not under the regulation of the FDIC, OCC, OTS or NCUA must still comply with Red Flag because they fall into the definition of "Creditor". Federal law defines a creditor to be: any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew or continue credit. Accepting credit cards does not, in itself, make an organization a Creditor.
Mortgage Brokers who participate in the lending process by taking an application or otherwise arranging for credit fall under this definition. In seminar sessions where members of the regulatory agencies have been in attendance the discussion further clarified that the Red Flag detection must be in place at the point at which a dealer requests non-personal information for the purpose of arranging credit, in other words, the point at which the application is taken. Not just at the loan closing. Even if taking the application is the only part of the loan process in which you participate, some one down the line is going to rely on your ability to correctly identify the consumer and validate the identifying information you have been provided.
Still unsure if you are subject to Red Flag?
Take our Quiz to see if you fit the profile of a FACTA Section 114 Organization.
Attend an
NXG Webinar to learn more about Red Flag and what you must do to comply.
Need a
Red Flag template for a Written Identity Theft Prevention Plan? NXG provides Red Flag templates for Financial Institutions, complete with sample policies and procedures, and a 45 minute webinar session to help you learn how to complete the template.
Looking for
Detection, Prevention and/or Mitigation tools and services? NXG has an end-to-end solution or an a'la carte selection to complete your Red Flag Plan.
Learn More
HOSPITALS AND OTHER HEALTH CARE COMPANIES
While the FACTA regulations primarily target financial institutions, it also extends to the other groups who fit the definition of "Creditor." Federal law defines a creditor to be: any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew or continue credit. Accepting credit cards does not, in itself, make an organization a Creditor.
When asked for a clarification, the FTC explained that any company that provides goods or services and does not require payment in full at the time of delivery of those goods or services may fall into this category. Hospitals, and other health care organizations allow patients to obtain services and then bill in arrears, sometimes allowing a patient to make payments over time to complete their obligation. In addition, Section 114 cites the potential of medical fraud specifically as a problem that needs to be addressed, because there is more than just the financial risk at stake. If a criminal obtains medical treatment using a fraudulent identity thepotential exists for the medical records of the victim to become mixed with the medical history of the criminal who obtains the services. This could lead to serious consequences in the treatment of the victim in the future. For this reason, the requirement of health care companies to know "with a reasonable certainty" the identity of each person obtaining treatment is paramount.
Some healthcare organizations have asked if HIPAA requirements will also satisfy Red Flag. While HIPAA focuses on the protection and use of consumer non-public information to keep it out of the hands of criminals and others who would misuse the information, Red Flag focuses on identifying and validating "persons" in relation to the information they present to you. Both are very important and interlocking objectives, but not the same.
To better serve the healthcare industry, NXG Strategies has partnered with Aspen Re, a nationwide medical insurance provider, to bring you Aegis ID Protect. To access the special Aegis Red Flag website for health care professionals go to
www.aegisredflag.com or click
HERE.
Still unsure if you are subject to Red Flag?
CLICK HERE to access the healthcare quiz to see if you fit the profile of a FACTA Section 114 Organization.
Attend an
FREE webinar to learn more about Red Flag and what you must do to comply.
Need a
Red Flag template for a Written Identity Theft Prevention Plan? NXG provides Red Flag templates for Hospitals and Health Care Organizations complete with sample policies and procedures, and a 45 minute webinar session to help you learn how to complete the template.
Looking for
Detection, Prevention and/or Mitigation tools and services? NXG has an end-to-end solution or an a'la carte selection to complete your Red Flag Plan.
UTILITY COMPANIES AND MUNICIPAL UTILITY DISTRICTS
While the FACTA regulations primarily target financial institutions, it also extends to the other groups who fit the definition of "Creditor." Federal law defines a creditor to be: any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew or continue credit. Accepting credit cards does not, in itself, make an organization a Creditor.
When asked for a clarification, the FTC explained that any company that provides goods or services and does not require payment in full at the time of delivery of those goods or services is considered a "Creditor." Utility companies are specifically named as one of these groups. Municipalities that manage a utility district are also subject to this definition.
Still unsure if you are subject to Red Flag?
Take our Quiz to see if you fit the profile of a FACTA Section 114 Organization.
Attend an
NXG Webinar to learn more about Red Flag and what you must do to comply.
Need a
Red Flag template for a Written Identity Theft Prevention Plan? NXG provides Red Flag templates for Utility Companies and Municipalities complete with sample policies and procedures, and a 45 minute webinar session to help you learn how to complete the template.
Looking for
Detection, Prevention and/or Mitigation tools and services? NXG has an end-to-end solution or an a'la carte selection to complete your Red Flag Plan.
TELECOMMUNICATIONS COMPANIES
While the FACTA regulations primarily target financial institutions, it also extends to the other groups who fit the definition of "Creditor." Federal law defines a creditor to be: any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew or continue credit. Accepting credit cards does not, in itself, make an organization a Creditor.
When asked for a clarification, the FTC explained that any company that provides goods or services and does not require payment in full at the time of delivery of those goods or services is considered a "Creditor." Telecommunications companies are specifically named as one of these groups.
Still unsure if you are subject to Red Flag?
Take our Quiz to see if you fit the profile of a FACTA Section 114 Organization.
Attend an
NXG Webinar to learn more about Red Flag and what you must do to comply.
Need a
Red Flag template for a Written Identity Theft Prevention Plan? NXG provides Red Flag templates for Telecommunications organizations complete with sample policies and procedures, and a 45 minute webinar session to help you learn how to complete the template.
Looking for
Detection, Prevention and/or Mitigation tools and services? NXG has an end-to-end solution or an a'la carte selection to complete your Red Flag Plan.
VEHICLE DEALERS
While the FACTA regulations primarily target financial institutions, it also extends to the other groups who fit the definition of "Creditor." Federal law defines a creditor to be: any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew or continue credit. Accepting credit cards does not, in itself, make an organization a Creditor.
Vehicle dealers who participate in the lending process by taking an application or otherwise arranging for credit are named specifically as "Creditors" in the comments to the regulation. In seminar sessions where members of the regulatory agencies have been in attendance the discussion further clarified that the Red Flag detection must be in place at the point at which a dealer requests non-person information for the purpose of arranging credit, in other words, the point at which the application is taken - not just at the loan closing. Even if taking the application is the only part of the loan process in which you participate, some one down the line if going to rely on your ability to correctly identify the consumer and validate the identifying information you have been provided. That is why vehicle dealers are on the Red Flag "Creditor's" list.
Looking for
Detection, Prevention and/or Mitigation tools and services? NXG has an end-to-end solution to complete your Red Flag Plan specifically for vehicle dealers. Its called Compliance Guard.
Check it out!