Identity Theft Program Template for Low-Risk Entities

The Federal Trade Commission published a compliance template designed to assist financial institutions and creditors “at low risk for identity theft” in developing the Identity Theft Prevention Program required by the FTC’s Identity Theft Red Flags and Address Discrepancies Rule: Complying with the Red Flags Rule: A Do-It-Yourself Prevention Program for Businesses and Organizations at Low Risk for Identity Theft (.pdf)

The Red Flags Rule requires many businesses and organizations to implement a written Identity Theft Prevention Program to detect the “red flags” of identity theft in their operations. By focusing on red flags, you should be better able to spot an imposter using someone else’s identity. The Rule applies to companies that provide products or services and bill customers later. To find out if the Red Flags Rule applies to your business, read Fighting Fraud with the Red Flags Rule: A How-To Guide for Business (.pdf).

The FTC has designed the compliance template to help businesses  at low risk for identity theft design their own Identity Theft Prevention Program. In Part A, you determine whether your business or organization is at low risk. In Part B, if your business is in the low risk category, the template helps you to design your written Identity Theft Prevention Program.