The FTC announced that it is delaying until August 1, 2009 the effectiveness of its red flags rule requiring financial institutions to develop written identity theft prevention programs. (The November 1, 2008 compliance date for corresponding rules adopted by other federal agencies is unaffected by the FTC’s action regarding its own red flags rule.) See http://www.ftc.gov/opa/2009/04/redflagsrule.shtm for the FTC announcement, which also indicates that the FTC will be issuing a identity theft program template designed for entities with a low risk of identity theft. The compliance template will be available on http://www.ftc.gov/redflagsrule, an FTC website with a variety of resources on identity theft prevention programs.
Alert May 05, 2009