Red Flag Rule Deadline Extended

The Federal Trade Commission, on October 30 announced that the deadline for complying with its “Red Flag” rules will be extended from November 1, 2009 to June 1, 2010. The rules apply to financial institutions and certain creditors and require that the entities subject to the rules to “to develop and implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities – known as “red flags” – that could indicate identity theft.” Apparently, members of congress made the request. This is at least the second time the compliance date has been pushed back. Information about the rules is available at There continues to be controversy over who exactly is subject to the rules. On October 30, the United States District Court for the District of Columbia enjoined the FTC from enforcing the rules against lawyers. Despite the delays, the question is when the rules will take effect, not if they will. If you don’t have policies in place, now’s the time.