ID Theft Red Flags FAQ IIA4 – Do the Red Flags Rules and Guidelines apply to the foreign branches of U.S. banks?

Compliance > Lending > FCRA
Q:  Do the Red Flags Rules and Guidelines apply to the foreign branches of U.S. banks?
 
A:  No.  The FCRA, like many federal consumer protection laws, does not expressly address extraterritorial applicability. Because a foreign branch of a U.S. bank is not an entity located in the United States, the Red Flags Rules and Guidelines do not apply.  This conclusion is consistent with a number of consumer protection regulations that exclude foreign branches of U.S. banks from coverage.  See Regulation Z, Official Staff Commentary, 12 C.F.R. part 226, supplement I, § 226.1(c)-1; Regulation E, Official Staff Commentary, 12 C.F.R. part 205, supplement I, § 205.3(a)-2; Regulation M, Official Staff Commentary, 12 C.F.R. part 213, supplement I, § 213.1-1. Other regulations that impose customer information collection and verification requirements, such as the Customer Identification Program regulations implementing the USA PATRIOT Act, do not apply extraterritorially.  See 31 C.F.R. § 103.121.
 
Nevertheless, as a matter of safety and soundness, financial institutions are strongly encouraged to implement an effective identity theft prevention program throughout their operations, including in their foreign offices, consistent with local laws.
 
 
ADDITIONAL INFORMATION:
This information was obtained from the Interagency FAQs for Identity Theft Red Flags and Address Discrepancies - https://www.federalreserve.gov/newsevents/pressreleases/files/bcreg20090611a1.pdf
 

Add Feedback