Financial Literacy - Protecting your identity
Red flag rules to stem ID theft delayed

Hoofnagle says the red flag process is not foolproof. For example, he says that financial institutions need to keep an eye on sales where affiliate marketing agreements come into play. When consumers apply for a credit card or cell phone contract, oftentimes the agreement's privacy policy will provide for the right to share your information with third-party affiliates that sell products. Hoofnagle believes that some commissioned sales people may be highly incentivized to override the red flags.

He is also concerned that some banks may find ways to simply override authentication procedures.

"There has to be some counterweight to that problem," he says.

Heather Grover, a director of product management with Experian's Fraud & Identity Solutions, says that there has to be some balance between the consumer's best interest and an organization's need to keep its defenses opaque to thieves.

"Fraudsters are students of their craft and they'll really game the system as soon as they find the hole," she says.

Who opposes the rules?

The red flag rules give businesses the flexibility to design a program that works best with their respective business model and available resources.

However, some creditors and financial institutions aren't too happy about what they see as the added financial and bureaucratic burden of being forced to comply with the rules.

Some smaller institutions have complained that the red flag rules place an unnecessary financial and operational burden on them that they cannot afford. Many will face the prospect of having to hire a third-party company to ensure red flag rule compliance.

So while financial giants may have a legion of in-house staffers dedicated to fraud prevention, your local community bank may opt to use a third-party vendor to ensure red flag compliance.

The National Automobile Dealers Association, or NADA, says it supports the government's goal of trying to protect consumers from identity theft, but believes the red flag rules will hurt smaller dealers with limited financial resources.

"We anticipate most dealers will find it challenging to develop and implement a comprehensive identity theft program as required by the red flag rules," says Paul Metrey, director of regulatory affairs for NADA.

Metrey says the program will demand significant time and attention from managers and service providers. He says many provisions of the red flag rules have already been addressed in prior laws, like the FTC Safeguards Rule and FTC Privacy Rule.

Not surprisingly, lobbyists for the banking industry also rejected the rules as heavy handed.

The Illinois Bankers Association in a statement to the FDIC called the rules "excessive and overly burdensome."

Hoofnagle thinks that this opposition has led to foot-dragging on the part of the banks.

"I think that there are some banks that are waiting to be forced to implement them," he says.

There may be some reluctance to accept red flag rules as a best-practice measure, Grover says , but adds that many will eventually come around when they see the benefits of protecting their customers, as well as a decrease in fraud losses.

More: Review the list of red flag triggers.


Show Bankrate's community sharing policy
          Connect with us

Ask Dr. Don

Use bonds for school, avoid tax?

Dear Dr. Don, This is a bad news, good news situation that I'm asking about. I just received several Series EE and Series I savings bonds. I am the so-called payable-on-death beneficiary on the bonds. My mom, who purchased... Read more


Connect with us