The Federal Trade Commission (FTC) issued a press release on July 29, 2009, announcing another three-month delay in its enforcement of the Red Flags Rule. The enforcement date, which had been scheduled for August 1, 2009, will now be postponed until November 1, 2009.
The Red Flags Rule is an anti-fraud regulation, aimed at reducing identity theft by requiring "creditors" to develop programs to identify, detect and respond to "red flags," that might indicate an act of identity theft. (You can learn more specifics about the Red Flags Rule in a prior DGS post.)
This delay was issued in response to the House Appropriations Committee’s recent request that the FTC defer enforcement in order to minimize the impact of the Rule on health care providers and other small businesses.
In its press release, the FTC publicized that it will increase its efforts to educate small businesses about compliance requirements and that it intends to provide additional materials and guidance to do so. A specific link for small and low-risk entities will be set up on the FTC’s Red Flags Rule website to enable these entities to easily access materials that are relevant to their compliance needs.
The FTC already offers a Red Flags Rule FAQs section, which addresses many compliance and enforcement issues.