home   |  contact   |  about IADA   | events & training  |  news  
IVRS system   
idaho automobile dealers association
view the catalog
order forms
order stock items
order online today
 

Search the IADA website

 

   Zurich

Red Flags Rule Due Date Is Almost Here

For more than a year now you have been hearing about the impending Red Flags Rule. The rule became effective January 1, 2008. Your Risk Assessment and Identity Theft Prevention Plan is due by June 1, 2010. So, have you considered your dealership’s Red Flags?

The Federal Trade Commission identified twenty-six red flags as potential indicators of identity theft. For dealers, the list is probably shorter, given the types of situations a dealer is likely to encounter. Your Risk Assessment must consider the potential indicators listed below as you develop your Identity Theft Detection and Prevention Plan and Program.

Information from a Consumer Reporting Agency

1. A consumer report includes a fraud or active duty alert.

2. A consumer reporting agency provides a notice of address discrepancy.

3. A consumer reporting agency provides a notice of credit freeze in response to a request for a consumer report.

4. A consumer report indicates a pattern of activity inconsistent with the history and usual pattern of activity of an applicant or customer, for example:

a. A recent and significant increase in the volume of inquiries.
b. An unusual number of recently established credit relationships.
c. A material change in the use of credit, especially with respect to recently established credit relationships.
d. An account was closed for cause or identified for abuse of account privileges by a financial institution or creditor.

Documents and Identification

5. Documents provided for identification appear to have been altered or forged.

6. The appearance of the applicant or customer presenting the identification is inconsistent with the photograph or physical description on the identification.

7. Information provided by the person opening a new account or customer presenting the identification is inconsistent with other information on the identification.

8. Information on file, e.g.- a signature card, is inconsistent with other information on the identification.

9. An application appears to have been altered or forged, or appears to have been destroyed and reassembled.

Personal Information

10. Personal information provided by the customer presenting the identification is inconsistent when compared against external information sources. For example:

a. The address does not match any address in the consumer report.
b. The Social Security Number (SSN) has not been issued, or is listed on the Social Security Administration’s Death Master File.

11. Personal information provided is internally inconsistent. For example, there is a lack of correlation between the SSN range and date of birth.

12. Personal information provided is associated with known fraudulent activity. For example:

a. The address on an application is the same as the address provided on a fraudulent application.
b. The phone number on an application is the same as the number provided on a fraudulent application.

13. Personal information provided is of a type commonly associated with fraudulent activity. For example:

a. The address on an application is fictitious, a mail drop, or prison.
b. The phone number is invalid, or is associated with a pager or answering service.

14. The address, SSN, or home or cell phone number provided is the same as that submitted by other persons opening an account or other customers.

15. The customer cannot provide all required information on an application after notice the application is incomplete.

16. Personal information provided is not consistent with information that is on file.

17. The customer cannot provide authenticating info beyond that which generally would be available from a wallet or consumer report.

Notice from Customers or Others Regarding Customer Accounts

18. The dealer receives notice of unauthorized charges in connection with a customer’s account.

19. The dealer receives notice that it has opened a fraudulent account for a person engaged in identity theft.

20. The dealer detects or is informed of unauthorized access to a customer’s personal information.

These items should be part of your dealership checklist and should trigger a response to the consumer, the credit reporting agency and/or law enforcement when encountered.

Beyond implementing the written program, dealerships will also need to designate an individual (typically someone at the senior management level) to oversee the program’s development, implementation and administration. Do this first. The designated individual will serve as a reference for others whenever a situation related to the program arises. This person will make the final call. He or she will also collect reports from staff about all matters related to the dealership’s identity-theft program. He or she will also be responsible for maintaining and updating the program and plan. Make sure you pick wisely, because June 1st is almost here and your program coordinator has lots to do before then.

• Risk Assessment and Identity Theft Prevention Plan is due by June 1, 2010.
• Designate Sr. Manager to oversee program development, implementation and administration.
• Perform a Risk Assessment considering the listed Identity Theft indicators.

<<< Go Back to Previous Page

 home   |  contact   |  about IADA   | events  |  news  

 Copyright Idaho Automobile Dealers Association, Inc. - 2006 -2010

Site designed and supported by Readywebgo