The FTC Red Flags Rule
The Basics:
The idea behind the Red Flags Rule is to require businesses that offer credit to establish policies to detect and thwart identity thieves. The primary goal of the Red Flags Rule in the dealership context is to prevent an identity thief from financing or leasing a vehicle in someone else’s name.
With that said, however, the Rule applies to much more than just automobile finance or lease transactions. It applies to all consumer finance accounts and may apply to some business accounts throughout the dealership. Indeed, the first requirement under the Rule is for dealers to review all of the different types of accounts they offer to identify those that could be subject to identity theft. After dealers have determined each account type that could be at risk of identity theft, they must then figure out what indicators of identity theft may be relevant to those types of accounts, implement procedures to detect those indicators, determine what reasonable steps the dealer should take if they are detected, and then create a Program that administers and updates these and other steps on an ongoing basis.
Appointing a Team to Develop and Implement the ITPP
The first step that a dealer should take in complying with the Red Flags Rule is to appoint the internal personnel who will be responsible for the dealership’s Identity Theft Prevention Program (ITPP).
Board of Directors/Senior Management
The Rule requires the dealership’s board of directors, an appropriate committee of the board, or a designated employee at the level of senior management to be involved in the Program’s oversight, development, implementation, and administration. The oversight function should include assigning specific responsibility for the Program’s implementation, reviewing required compliance reports by staff who are assigned implementation functions, and approving material changes to the Program as new identity theft risks emerge.
In addition, the board of directors or an appropriate board committee must approve the initial written Program. If the dealership does not have a board of directors, the approval must come from a designated employee at the level of senior management.
Staff
The Rule contemplates that “staff” will be responsible for implementing the Program and drafting and presenting compliance reports to the board.
Team Approach
Thus, establishing the ITPP lends itself to a task force or team approach not only because of the multiple duties involved, but also because the Red Flags Rule envisions a division of responsibility between management and staff.
This article is adapted from A Dealer Guide to the FTC Red Flags and Address Discrepancy Rules: Protecting Against Identity Theft (L50), which can be ordered online at www.nada.org/mecatalog or by calling NADA at 800-252-NADA, ext. 2.