FTC Releases Red Flag Program Template for Low Risk Entities
As we previously reported here, the Federal Trade Commission (“FTC”) extended the compliance date for the Red Flag Rules from May 1, 2009 to August 1, 2009. According to the FTC, the Red Flag Rules are risk-based in recognition of the burden that the Red Flag Rules could impose upon an entity that has only a small risk of identity theft. The FTC makes clear that higher risk entities should have more elaborate identity theft programs, while low risk entities may have less complex programs.
Read More