Alert May 05, 2009

Enforcement of FTC Red Flags Identity Theft Rule Delayed until August 1, 2009

The FTC announced that it is delaying until August 1, 2009 the effectiveness of its red flags rule requiring financial institutions to develop written identity theft prevention programs.  (The November 1, 2008 compliance date for corresponding rules adopted by other federal agencies is unaffected by the FTC’s action regarding its own red flags rule.)  See for the FTC announcement, which also indicates that the FTC will be issuing a identity theft program template designed for entities with a low risk of identity theft.  The compliance template will be available on, an FTC website with a variety of resources on identity theft prevention programs.