Merchant Account Types

Merchant Account Providers

News & Advice

Merchant Account Tools


Merchant Account Guide > Merchant Account News > 'Red Flags Rules' deadline extended again


Print this article: Deadline extended again for merchants to implemen 'Red Flags Rules' Print 
Email this article: Deadline extended again for merchants to implemen 'Red Flags Rules' Email 

'Red Flags Rules' deadline extended again

Rules require merchants to have written plans to combat ID theft

By Seamus McAfee

Editors note: On July 29, 2009, the Federal Trade Commission again delayed the deadline for compliance with its Red Flags Rules until Nov. 1, 2009. Click here to read the FTC's press release announcing the delay. 

Merchants have a little more time to put together their plans for combating identity theft, the Federal Trade Commission has announced.

On April 30, 2009, the FTC said it was again extending the deadline on its "Red Flags Rules" requiring creditors and financial institutions to implement written ID theft prevention programs. The new deadline is Aug. 1, 2009. The previous deadline was May 1, 2009 -- which itself was an extension from the original Nov. 1. 2008, date.

The FTC said the delay was needed to allow those under the umbrella of the Red Flags Rules to review the legislation and further prepare for it, as well as to give Congress extra time to determine if the original law was too expansive.

In addition, entities with a low risk of identity theft will be issued a template to help them understand the rules. "Given the ongoing debate about whether Congress wrote this provision too broadly, delaying enforcement of the Red Flags Rules will allow industries and associations to share guidance with their members, provide low-risk entities an opportunity to use the template in developing their programs, and give Congress time to consider the issue further," FTC Chairman Jon Leibowitz said. The FTC said in its press release it had discovered last year many businesses were unsure about their coverage under the rules.

Set to affect a variety of entities including finance companies, car dealers and mortgage brokers -- the Red Flags Rules were a spinoff of the Fair and Accurate Credit Transactions Act (FACTA) of 2003, which amends the Fair Credit Reporting Act (FCRA) and was intended to recruit merchants in the fight to protect customers from the estimated 9 million cases of identity theft each year.  The name of the rles derives from a list issued by the FTC with 26 red flags signaling theft for which merchants should on the lookout.

See related: "Red Flags Rules" require merchants to help fight ID theft, FTC delays "Red Flags Rules" to May 1, 2009

Updated: July 29, 2009

Comments or Questions, Library of Stories

Three most recent Data security stories: