ID Theft Red Flags FAQ IID2 – If a financial institution or creditor detects Red Flags and, as a result, suspects that an applicant is an identity thief, what response do the Red Flags Rules require?

Compliance > Lending > FCRA
Q:  If a financial institution or creditor detects Red Flags and, as a result, suspects that an applicant is an identity thief, what response do the Red Flags Rules require?
 
A:  The Red Flags Rules state that the Program of a financial institution or creditor must include policies and procedures for appropriately responding to identity theft that are commensurate with the degree of risk posed.  The Rules do not require a specific response to any particular situation but provide an illustrative list of appropriate responses. Appropriate responses to the situation described above could include not opening the account, filing a suspicious activity report (“SAR”) (for those financial institutions and creditors that are subject to SAR rules), notifying law enforcement, and/or contacting the customer whose identity has been stolen. See 12 C.F.R. § __.90(d)(2)(iii) and 16 C.F.R. § 681.2(d)(2)(iii).
 
 
ADDITIONAL INFORMATION:
This information was obtained from the Interagency FAQs for Identity Theft Red Flags and Address Discrepancies - https://www.federalreserve.gov/newsevents/pressreleases/files/bcreg20090611a1.pdf
 
 

Add Feedback