Red Flags

Identity theft takes many forms. Common methods used in stealing an identity have been designated by the federal bank regulatory agencies as red flags. A red flag is a pattern, practice or specific activity that indicates the possible existence of identity theft. When an applicable red flag has been identified, a financial institution or creditor is required to analyze the red flag and respond appropriately.

Common Red Flags categories include:

• Receiving alerts, notifications, or warnings from consumer reporting agencies or service providers.
• Presentation of suspicious documents when opening, accessing, or maintaining an account.
• Presentation of suspicious personally identifying information, including suspicious address changes.
• Unusual use of or suspicious activity related to the account.
• Notice from customers, victims of identity theft, law enforcement or other persons regarding possible identity theft on the account held by the financial institution or creditor.

Red Flags Rule Definition

According to the Red Flags Rule, a covered account is:

• An account primarily for personal, family or household purposes that involves or is designed to permit multiple payments or transactions (such as a credit card account), mortgage loan, automobile loan, cell phone account, utility account, checking account, or savings account).
• Any other account for which there is a reasonably foreseeable risk to customers or the safety and soundness of the financial institution or creditor from identity theft.

Each financial institution or creditor must periodically determine whether it offers or maintains a covered account, consider its methods for opening and accessing covered accounts, and consider its previous experience with identity theft.