FTC Issues Guidance on Red Flags Rule to Utility Companies
The Federal Trade Commission’s Red Flags Rule aims at curbing identity theft by requiring creditors to have written programs that detect the relevant warning signs – or “red flags” – of identity theft by May 1, 2009. By now, most utility companies understand that the Federal Trade Commission’s Red Flags Rule apply to them; however, numerous questions remain about how utility companies can implement a compliant written identity theft program. In response, the FTC recently issued a business update entitled, “The 'Red Flags' Rule: What Utility Companies Need to Know About Complying with New Requirements for Fighting Identity Theft." ( click for full article)
This FTC business update emphasizes the importance of utility companies implementing and maintaining identity theft programs. For instance, the FTC notes that utility companies may be the first to spot the red flags of identity theft, which include suspicious activity of thieves using stolen information to establish utility service. In addition, identity thieves may use proof of utility service to get driver’s licenses illegally or to apply for government benefits using a bogus address.
These red flags may include, for example, unusual account activity, fraud alerts on a consumer report, or attempted use of suspicious account application documents. The utility company's written program must describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program. The program must be managed by the Board of Directors or senior employees of the creditor, include appropriate staff training, and provide for oversight of any service providers.
Troutman Sanders LLP offers a full array of services to help bring utility companies into compliance with the Red Flags Rule.