FACTA and Red Flags Rule – Here’s What You Need to Know

If you’ve read our blog posts before you might have seen mention of the term “FACTA” sprinkled around. The Fair and Accurate Credit Transactions Act (FACTA) is a federal law in the United States that was passed into law in late 2003. The staple feature of FACTA was the allowance of American consumers to receive one free credit report every twelve months from each of the three major major credit reporting institutions.

FACTA was created for many reasons; including improving the resolution of consumer disputes, improving the accuracy of consumer records, improving the access and use of consumer credit information, and working to prevent identity theft. FACTA established many regulations concerning proper information handling and management, and worked to make consumer credit information more accessible to consumers.

One of the key components created within FACTA is known as the Red Flags Rule, which regulates how certain organizations need to implement and utilize their programs and policies that combat against identity theft. The Red Flags Rule generally applies to two groups; financial institutions, and creditors. While creditors can include any company that advances funds and regularly interacts with consumer credit agencies (car dealerships, for example), the rule excludes many professionals who do not receive full payment at the time when services are provided (doctors and lawyers, among others).

The Red Flags Rule has four main components;

Identify threats – Look for, and be aware of any threats or “red flags” that may be present. These can include things such as;

  • Suspicious documents
  • Suspicious identifying information (addresses, names etc.)
  • Unusual or suspicious use of accounts
  • Alerts and notices from consumer reporting agencies
  • Alerts and notices from customers, law enforcement, other businesses and identity theft victims, in connection with covered accounts

Detect threats – Make procedures to identify threats when they are present, and how to act if something goes wrong.

Prevent threats – Take measures to prevent threats from coming to light.

Maintain and update the policies – Keep your program and policies up to date based on relevant available information on threats that are present.

Unlike the Red Flags Rule, FACTA applies to virtually all consumers in the United States, as well as most businesses. FACTA includes stipulations which include secure disposal and management of consumer information, as well as the penalties associated with the failure to do so.

Allstate’s expert information management team knows how to help your business stay compliant with relevant United States information management laws. Our document storage and information management system allows for secure access to data 24/7.

We also maintain a team of privacy professionals that provide the backbone to our data breach reporting service. Our teams will assess the situation of your case and help determine how to report your breach depending on circumstances and legal requirements.

If your business is looking for a reliable partner that it can trust to protect sensitive and secure data, contact us today to find out which of our services fit the needs of your business.

  • Categories