Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
Red Flags Rule: Are You Exempt?Red Flags Rule: Think you are exempt? Think again!Kroll offers up the top questions organiz...
Question #3: What easy, extra steps could                                        Question #4: How much does our organizati...
Prochain SlideShare
Chargement dans…5

Kroll. Red Flags Applicability. Think Again.

182 vues

Publié le

Publié dans : Business, Économie & finance
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Kroll. Red Flags Applicability. Think Again.

  1. 1. Red Flags Rule: Are You Exempt?Red Flags Rule: Think you are exempt? Think again!Kroll offers up the top questions organizations should be asking themselves to determineapplicability and, if necessary, achieve complianceOn December 18th, President Obama signed the Red Flags Program Clarification Act of 2010 intolaw. At first glance, the Act effectively narrows the scope of those organizations deemed “creditors”and, thus, obligated to comply, but many do not realize that it also contains provisions potentiallydrawing in organizations that maintain accounts “subject to a reasonably foreseeable risk ofidentity theft.” Not surprisingly, the Act has caused no small amount of confusion amongmany organizations.The FTC is expected to release further guidance and update their website on the Act’s implicationsfor businesses, but, in the meantime, many companies are left wondering: Do we have to comply?Below, Brian Lapidus, chief operating officer for Kroll’s Fraud Solutions division, outlines questionsthat organizations need to be asking themselves now to head off potential liability issues later–bydefining known risk factors and identifying ways to better protect their customers, employees, andbottom line from crimes like fraud and identity theft.Question #1: Are we really exempt? Question #2: Do we foresee any businessWith so much confusion as to who must changes that might cause the organization tocomply with the Red Flags Rule, this is one meet the requirements for compliance?question that an organization can’t ignore. Have your organization’s products, market,Until further guidance arrives from the FTC, it or business model changed? Is there anis important to recognize that certain factors acquisition or merger on the horizon?increase the likelihood that your organization You may not be subject to the Red Flagsis considered a covered entity. Are any of the Rule now, but things change. Ensure youraccounts in your care at a high risk for identity organization is always aware of how newtheft? Do you utilize consumer credit reports at business developments can impact yourall or, at any time, report delinquent accounts liability. According to the FTC’s posted businessto a collection agency? Any organization that guide, “business models and services change.routinely submits information on non-paying That’s why you must conduct a periodic riskconsumers to collections agencies, which assessment of your operations to help youin turn submit such information to a credit determine if you’ve acquired any coveredreporting agency, is not exempt from the Red accounts through changes to your businessFlags Rule. structure, processes, or organization.” And if you do anticipate a future change in status, it’s never too early to start considering what policy and procedural changes might be necessary to maintain compliance.
  2. 2. Question #3: What easy, extra steps could Question #4: How much does our organizationwe take right now to detect or mitigate currently absorb in fraud costs?identity theft? Consider the statistics: according to a 2010Most likely, there are many simple steps that Javelin report, the total cost of fraud amongcould be implemented now to make basic Red U.S. businesses in 2009 was $54 billion, a 12.5Flags detection part of your security culture. percent increase over fraud losses in 2008.Opportunities include training employees to This increase was driven largely by the growthrecognize signs of identity theft or checking in new accounts fraud, which rose 17 percentan ID to authenticate a customer during a from $18 billion to $21 billion. Costs are alsobusiness transaction. Certainly, small changes rising as organizations take on more of thethat don’t distract too much from day-to-day fraud loss tab to lessen the burden on theirbusiness and require minimal investment are customers (e.g., 100% of the top 25 financialeasier than jumping into a comprehensive institutions surveyed now, for the first time,Red Flags program. Need some motivation? offer zero liability fraud guarantees for debitCompare the time it takes to make some cards, according to Javelin’s 2009 “Bankingmodifications in basic processing steps or Identity Safety Scorecard” survey). Goodprocedures to the time and resources taken customer service? Absolutely! But hard onaway when required to assist a customer who the bottom line. Just think how implementinghas already become a victim of identity theft. policies and procedures to identify red flags and mitigate risks of identity theft now could potentially help save billions later. For more information on Red Flags Rule compliance and other data security issues, visit www.krollfraudsolutions.com or check out the Kroll Fraud Solutions blog “A Dialogue on Data Security.” Kroll’s Fraud Solutions 866 419 2052 www.krollfraudsolutions.com www.kroll.comThis article was prepared for general information purposes only and does notconstitute legal or other professional advice. Always consult with your ownprofessional and legal advisors concerning your own situation and any specificquestions you may have.© 2011 Kroll Inc. All rights reserved. Compliance #LIT021611; Item #NM0202111