Skip to main content

Identity Theft Prevention Program: Definitions

Jonathan Foxx
Jul 11, 2014

Question: We are a mortgage lender and have an Identity Theft Prevention Program, but we are still not sure what is considered a “covered account,” or an “account,” or a "Red Flag," or even a “customer.” What are the definitions for these terms? Answer: Required by the Federal Trade Commission (FTC) and other Federal agencies, the Identity Theft Prevention Program must be implemented by “financial institutions” and “creditors.” The foregoing two categories of subject entities have been defined very broadly, so as to reach to all residential mortgage lenders and originators. Essentially, a financial institution or creditor that offers or maintains one or more covered accounts must develop and implement a written Identity Theft Prevention Program, the purpose of which is to detect, prevent, and mitigate identity theft in connection with the opening of a covered account or any existing covered account. A “covered account” consists of two classes: 1. An account that a financial institution or creditor offers or maintains, primarily for personal, family, or household purposes, that involves or is designed to permit multiple payments or transactions, such as a credit card account, mortgage loan, automobile loan, margin account, cell phone account, utility account, checking account, or savings account; and, 2. Any other account that the financial institution or creditor offers or maintains for which there is a reasonably foreseeable risk to customers or to the safety and soundness of the financial institution or creditor from identity theft, including financial, operational, compliance, reputation, or litigation risks. [16 CFR § 681.1(b)(3) (2010)] An “account” is a continuing relationship established by a person with a financial institution or creditor to obtain a product or service for personal, family, household or business purposes. For instance, an account would include an extension of credit, such as for the purchase of property or services involving a deferred payment. [16 CFR § 681.1(b)(1) (2010)] A “Red Flag” is a pattern, practice, or specific activity that indicates the possible existence of identity theft. [16 CFR § 681.1(b)(9) (2010)] A “customer” is a person who has a covered account with a financial institution or creditor. [16 CFR § 681.1(b)(6) (2010)] Jonathan Foxx is president and managing director of Lenders Compliance Group and Brokers Compliance Group, mortgage risk management firms devoted to providing regulatory compliance advice and counsel to the mortgage industry. He may be contacted at (516) 442-3456 or by e-mail at [email protected]
Published
Jul 11, 2014
'A Long Road To Normal'

Nominated again to lead The Fed, Powell tells Senate committee to expect three rate hikes, but 'if we have to raise interest rates more over time, we will.'

Regulation and Compliance
Jan 11, 2022
CFPB: Complaint Response Worsens At Big 3 Credit Bureaus

Report claims Equifax, Experian, and TransUnion routinely failed to fully respond to consumers with errors.

Regulation and Compliance
Jan 10, 2022
The Fed Names Chairs, Deputy Chairs For 12 Reserve Banks

In recent years, the Federal Reserve System has worked to increase the overall diversity of the Reserve Bank and branch boards of directors and continues to build on those efforts.

Regulation and Compliance
Jan 06, 2022
The Fed: Rate Hike Likely Coming in June

Federal Open Market Committee's December minutes reveal discussion of first hike in federal funds rate in 2Q of 2022, as well as of ending asset purchases by March.

Regulation and Compliance
Jan 05, 2022
AARMR No Protection For Savanah Scares

Conference provides opportunity for regulators to interact, discuss common topics

Regulation and Compliance
Jan 04, 2022
McCargo Sworn In As Ginnie Mae President

Former HUD official becomes the first female to lead the Government National Mortgage Association.

Regulation and Compliance
Jan 04, 2022