New Identity Theft Red Flags Rule Survey Sheds Light on Compliance Efforts
We've known for roughly six months now that the Identity Theft Red Flags Rule compliance deadline is Nov. 1, barely four months away. How close, then, are banking institutions to meeting that deadline?
That is the question of the summer, and the answer will be found in the results of our new Identity Theft Red Flags Rule Compliance Survey. The goal of this survey (which ends on Friday, June 27, hint, hint) is to take the pulse of the marketplace - to get a sense directly from banking/security leaders:
I can't divulge any of the early returns on key questions (like, 'are you going to meet the deadline?'), but I will offer these tidbits:
May I add, too, that the survey is timely? As you know, regulatory compliance is like a college exam - no one really starts prepping til the clock starts ticking. Well, with only four-plus months to go, institutions are scrambling, and I see some all-nighters in their future. The time is now.
So, if you've not done so already, please take a few minutes to complete this important survey. When the final results are tallied and analyzed, they'll be presented in our July 9 webinar, ID Theft Red Flags Roundtable - Tips from Regulators and Practitioners on How to Meet Nov. 1 Compliance.
And while Identity Theft Red Flags Rule compliance is the talk of the summer, I can't wait for fall and winter. That's when the discussion will turn to examination and program management.
Remember, no institution has been examined yet for Identity Theft Red Flags Rule compliance - the regulatory agencies haven't even rolled out the questions they'll be asking of financial institutions. The questions are being polished now and will be released shortly. It's fair to say, though, that these examination issues will cover some of the hottest topics, including board approval, program documentation, employee/customer awareness and vendor management.
And what of program management? Well, it's one thing for an institution to bring together disparate elements to conceive an identity theft prevention program that covers all 26 discrete "red flags." Quite another to actually deploy such a program with a mix of in-house and third-party resources.
If there's one uber-theme for financial institutions in 2008, it's "Vendor Management," and you can expect it to be much discussed this fall and beyond in relation to Identity Theft Red Flags Rule compliance.
One more time: Here's the link: https://www.bankinfosecurity.com/survey_idred.php Take the survey, and let's gather back here in a couple of weeks to discuss the results.