The Federal Trade Commission has delayed enforcement of the “Red Flags Rule,” which requires creditors and financial institutions to develop and implement written identity theft prevention programs, for six months.
The final rule, issued last year by the FTC, the federal bank regulatory agencies, and the National Credit Union Administration as part of the Fair and Accurate Credit Transactions Act, took effect Jan. 1, 2008. Full compliance with the rule is required as of Nov. 1, 2008. However, the FTC announced that it would delay enforcement until May 1, 2009, because of confusion and uncertainty by some entities and industries about their coverage under the rule.
