understanding red flag regulations and ensuring compliance
play

UNDERSTANDING RED FLAG REGULATIONS AND ENSURING COMPLIANCE - PowerPoint PPT Presentation

Feb 23, 2024 •249 likes •421 views

UNDERSTANDING RED FLAG REGULATIONS AND ENSURING COMPLIANCE University of Cincinnati Red Flags Rule Protecting Against Identity Fraud Objectives Background What is the FTC Red Flags Rule? Why do we need it? Who must comply?

  1. UNDERSTANDING RED FLAG REGULATIONS AND ENSURING COMPLIANCE University of Cincinnati Red Flags Rule Protecting Against Identity Fraud

  2. Objectives • Background – What is the FTC Red Flags Rule? – Why do we need it? – Who must comply? – Ensure everyone understands what a “Red Flag” is – Ensure everyone is clear about their responsibilities for compliance

  3. What is the Red Flags Rule • The rule supplements existing legislation aimed at preventing identity theft • Applies to financial institutions and creditors with covered accounts • Sets out how affected institutions/accounts must develop, implement and administer their Identity Theft Prevention Programs • Picks up where data security leaves off

  4. What is identity theft? • Fraudulent use of someone’s personal information • Impersonating another individual to gain services/benefits/funds/resources – Includes medical identity theft • Serious crime – may wreak havoc on your finances, credit history and reputation

  5. Personally Identifiable Information Medical information for any Consumers customer • First, middle, or last name • Doctor names and claims • Date of birth • Insurance claims • Address • Prescriptions • Telephone or wireless numbers • Treatment or diagnoses • Social Security number • Any related personal medical • Maiden name information • Account numbers Credit card information • Account number (whole or part) • Expiration date • Cardholder name • Cardholder address

  6. What is a Red Flag? • A pattern, practice, or specific activity that indicates the possible existence of identity theft. • Regulation provides many examples of ‘Red Flags’ and the following categories are outlined in the regulations: – Alerts, notifications, or other warnings received from consumer reporting agencies or service providers. – Presentation of suspicious documents. – Presentation of suspicious personal identifying information. – Unusual use of, or other suspicious activity related to, a covered account. – Notice from customers, victims of identity theft, or law enforcement

  7. Regulation Requirements Under the authority of the Federal Trade Commission (FTC) the new rule requires certain businesses and organizations to: – Develop – Implement; and, – Administer Identity Theft Prevention Programs

  8. Program Elements Must include policies and procedures to: • Develop and implement written policies and procedures to identify relevant red flags and incorporate them into the plan and controls • Train staff • Detect the potential red flags identified • Define the appropriate actions the organization will take when red flags are detected • Respond appropriately to any red flags that are detected to determine if fraudulent activity has occurred • Ensure the plan and controls are updated periodically to address changing risks • Have senior management oversight

  9. Example of Red Flags • Documents provided for identification appear to have been altered or forged • The photograph or physical description on the identification is not consistent with the appearance of the applicant or customer presenting the identification • An application appears to have been altered or forged, or gives the appearance of having been destroyed and reassembled. • Personal identifying information provided is inconsistent when compared against external information. • The Social Security number provided is the same as that submitted by others. • Social Security numbers do not match on all documents. • The customer fails to provide all required personal identifying information on an application or in response to notification that the application is incomplete • Personal identifying information provided is not consistent with personal identifying information on file. • Excessive address changes. • Unusual number of inquires on the account. • A student asking for their student number because they lost their ID card.

  10. Who Must Comply? • Financial Institutions – State or national bank, savings and loan, mutual savings bank, credit union or any person that directly or indirectly holds a transaction account belonging to a consumer • Creditors – Businesses or organizations that regularly defer payments for goods or services and bill customers later – Anyone who regularly participates in decision to extend, renew, or continue credit – Includes third-party debt collector • Covered Accounts – A consumer account offered or maintained, primarily for personal, family or household purposes, that involves or is designed to permit multiple payments or transactions. These are accounts where payments are deferred and made by a borrower periodically over time. – Any other account that a financial institution or creditor offers or maintains for which there is a reasonably foreseeable risk to customers of identity theft

  11. Four Steps to Compliance • Identify likely red flags in your operations • Detect red flags in day-to-day operations • Prevent and mitigate identity theft – Respond appropriately – Mitigate the harm done • Update your program – Conduct periodic risk assessment – Educate staff

  12. What To Do When a Red Flag Surfaces? • Most important - notify your manager immediately • Gather all related documentation • Write a description of the situation • Monitor the account involved • Contact the customer • Change passwords if needed • Notify law enforcement • Or determine no response is warranted in this case

  13. How Does This Affect UC? • All campus units that work with “covered accounts” are subject to these regulations • Examples include any units that offer: – Deferred payment plans – Direct lending – Other extension of credit – Or hold other accounts where there is a foreseeable risk of identity theft

  14. Examples of Impacted Departments • Office of the Bursar • Student Financial Aid • Human Resources • Campus Services • Academic Health Center

  15. Support UCIT Office of Information Security provides support by: • offering/conducting security risks assessments • communicating through this training program • providing guidelines for secure computer data • providing resource and educational materials • providing security tools and software • providing support for safeguard failure response

  16. Every Department Plays a Role Each department: • is required to have a security policy • is responsible for training staff • needs to be aware of red flags • needs to assure that staff are familiar with the web sites for safeguarding information of these three types: – administrative – technical – physical

  17. Resources • Available resources : Many policies, procedures and resources are available that support our efforts to protect non-public personal information. A list of related resources can be found on the UCIT Information Security web page: http://www.uc.edu/infosec.html

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Entities and Individuals in the Crosshairs Understanding Key Provisions, Ensuring Compliance and

Entities and Individuals in the Crosshairs Understanding Key Provisions, Ensuring Compliance and

Presenting a live 90-minute webinar with interactive Q&A Mexico's New Anti-Corruption Laws and Implementing Regulations: Private Entities and Individuals in the Crosshairs Understanding Key Provisions, Ensuring Compliance and Mitigating

867 views • 43 slides
FCPA Compliance is No Longer Enough Understanding Key Provisions, Ensuring Compliance and

FCPA Compliance is No Longer Enough Understanding Key Provisions, Ensuring Compliance and

Presenting a live 90-minute webinar with interactive Q&A Anti-Corruption Reform in Mexico: FCPA Compliance is No Longer Enough Understanding Key Provisions, Ensuring Compliance and Mitigating Legal Risks WEDNESDAY, DECEMBER 9, 2015 1pm

420 views • 27 slides
Ensuring HIPAA Compliance When Transmitting PHI via Patient Portals, Email and Texting Protecting

Ensuring HIPAA Compliance When Transmitting PHI via Patient Portals, Email and Texting Protecting

Presenting a live 90-minute webinar with interactive Q&A Ensuring HIPAA Compliance When Transmitting PHI via Patient Portals, Email and Texting Protecting Patient Privacy, Complying with State and Federal Regulations, and Meeting Meaningful

747 views • 53 slides
Sampling Strategies for Circular A-133 Audits: Ensuring Compliance and Internal Controls

Sampling Strategies for Circular A-133 Audits: Ensuring Compliance and Internal Controls

Presenting a live 110-minute teleconference with interactive Q&A Sampling Strategies for Circular A-133 Audits: Ensuring Compliance and Internal Controls Selecting a Methodology, Developing an Audit Sampling Plan, and Understanding

711 views • 39 slides
Pride flags Sadie, Yael, & Yossi Original Pride Flag Traditional Gay Pride Flag Philly

Pride flags Sadie, Yael, & Yossi Original Pride Flag Traditional Gay Pride Flag Philly

Pride flags Sadie, Yael, & Yossi Original Pride Flag Traditional Gay Pride Flag Philly Pride Flag Transgender Flag Progress Pride Flag Lesbian Flag Non-binary Flag Gender Fluidity flag Bisexual flag Pansexual Flag Asexual flag THANK

563 views • 13 slides
Flag Basics Agenda A1. The Pledge of Allegiance A2. The National Anthem A3. Flag

Flag Basics Agenda A1. The Pledge of Allegiance A2. The National Anthem A3. Flag

California Cadet Corps Curriculum on The Flag Flag Basics Agenda A1. The Pledge of Allegiance A2. The National Anthem A3. Flag Smarts A4. Folding the Flag A5. History of the Flag A6. Raising the Flag A7.

1.78k views • 158 slides
Brazils Anti -Corruption Law in 2015: Complying with the New Implementing Regulations

Brazils Anti -Corruption Law in 2015: Complying with the New Implementing Regulations

Presenting a live 90-minute webinar with interactive Q&A Brazils Anti -Corruption Law in 2015: Complying with the New Implementing Regulations Navigating Key Provisions, Minimizing Corruption Risks, and Ensuring Compliance TUESDAY, AUGUST

524 views • 30 slides
CMS Will Show No Mercy: Ensuring EMTALA Compliance for Psychiatric Patients in the ED

CMS Will Show No Mercy: Ensuring EMTALA Compliance for Psychiatric Patients in the ED

CMS Will Show No Mercy: Ensuring EMTALA Compliance for Psychiatric Patients in the ED Presentation for Missouri Hospital Association Gregg J. Lepper Greensfelder, Hemker & Gale, P.C. September 14, 2017 EMTALA Compliance CMS EMTALA

671 views • 44 slides
The GTHA has adopted a competition compliance policy and is vigilant in ensuring that all of its

The GTHA has adopted a competition compliance policy and is vigilant in ensuring that all of its

The GTHA has adopted a competition compliance policy and is vigilant in ensuring that all of its actions are in compliance with Canadian competition law. We remind our members that, as competitors, they should not discuss any issues relating to

585 views • 30 slides
Disabilities Division Transition Planning for Compliance with New Federal Regulations Overview

Disabilities Division Transition Planning for Compliance with New Federal Regulations Overview

North Dakota Developmental Disabilities Division Transition Planning for Compliance with New Federal Regulations Overview of the Federal Regulations A final rule (CMS 2249F) was issued in January 2014 that affects home and community- based

357 views • 24 slides
Advertising Compliance Ensuring you are code compliant Nicole McLay Assistant Secretary

Advertising Compliance Ensuring you are code compliant Nicole McLay Assistant Secretary

Advertising Compliance Ensuring you are code compliant Nicole McLay Assistant Secretary Regulatory Education and Compliance Branch Regulatory Practice and Support Division, TGA ARCS Annual Conference 21 August 2018 About the Advertising Code

468 views • 25 slides
Ensuring Compliance With Small Business Set-aside Requirements: Lessons For Small and Large

Ensuring Compliance With Small Business Set-aside Requirements: Lessons For Small and Large

Ensuring Compliance With Small Business Set-aside Requirements: Lessons For Small and Large Businesses June 7, 2011 Presented by Dismas Locaria Venable, LLP Lynne Gummo SC&H Group, LLC Phone: (410) 403-1500 Toll Free: (800)

467 views • 21 slides
Ensuring Equal Access: SJSUs ADA Compliance Office website a presentation featuring the ATI

Ensuring Equal Access: SJSUs ADA Compliance Office website a presentation featuring the ATI

Ensuring Equal Access: SJSUs ADA Compliance Office website a presentation featuring the ATI Compliance website @SJSU a presentation featuring the ATI Compliance website @SJSU purpose: ensuring equal access We are committed to providing an

562 views • 28 slides
Requirements, IRC 2704 Discounting Regulations Ensuring Current and Future Estate Plans and Trusts

Requirements, IRC 2704 Discounting Regulations Ensuring Current and Future Estate Plans and Trusts

Presenting a live 90-minute webinar with interactive Q&A Massive Estate Planning Changes for 2016 and Beyond: Meeting New IRS Basis Consistency Requirements, IRC 2704 Discounting Regulations Ensuring Current and Future Estate Plans and

717 views • 69 slides
4 th ANTI MONEY LAUNDERING/COUNTER FINANCING OF TERRORISM CONFERENCE COMPLIANCE: ENSURING

4 th ANTI MONEY LAUNDERING/COUNTER FINANCING OF TERRORISM CONFERENCE COMPLIANCE: ENSURING

4 th ANTI MONEY LAUNDERING/COUNTER FINANCING OF TERRORISM CONFERENCE COMPLIANCE: ENSURING RELEVANCE IN THE INTERNATIONAL FINANCIAL COMMUNITY OCTOBER 12, 2015 JAMAICA PEGASUS HOTEL WHO BEARS THE COST OF CORRUPTION AND CORRUPT

352 views • 8 slides
Corporate Misconduct: Implications for Companies Understanding Key Provisions of the Yates Memo,

Corporate Misconduct: Implications for Companies Understanding Key Provisions of the Yates Memo,

Presenting a live 90-minute webinar with interactive Q&A DOJ Guidance on Individual Accountability for Corporate Misconduct: Implications for Companies Understanding Key Provisions of the Yates Memo, Ensuring Compliance and Mitigating Legal

502 views • 35 slides
Regulation A and Regulation CF Forum on Small Business Capital Formation November 19, 2015 Sara

Regulation A and Regulation CF Forum on Small Business Capital Formation November 19, 2015 Sara

Regulation A and Regulation CF Forum on Small Business Capital Formation November 19, 2015 Sara Hanks CEO, CrowdCheck, Inc. Regulation A Changes to Regulation A effective June 19, 2015 Tier 1: Up to $20 million State and SEC

157 views • 5 slides
Pay for Performance Regulation Design Changes Greg Cook Director, Market and Infrastructure

Pay for Performance Regulation Design Changes Greg Cook Director, Market and Infrastructure

Pay for Performance Regulation Design Changes Greg Cook Director, Market and Infrastructure Policy Board of Governors Meeting General Session November 13, 2014 ISO implemented pay for performance regulation in June 2013 as required by FERC

317 views • 9 slides
COVID-19 Child Care Stakeholders Call May 19, 2020 May 29, 2020 May 29, 2020 2 Agenda:

COVID-19 Child Care Stakeholders Call May 19, 2020 May 29, 2020 May 29, 2020 2 Agenda:

COVID-19 Child Care Stakeholders Call May 19, 2020 May 29, 2020 May 29, 2020 2 Agenda: Welcome: Janice Molnar Updates on CARES Act Scholarships & Supplies: Meredith Chimento Background Checks - Legally-Exempt Informal Child Care

266 views • 16 slides
WORKPLACE ASSESSMENT CHECKLIST FOR COVID-19 All workplaces are required to have an appropriate

WORKPLACE ASSESSMENT CHECKLIST FOR COVID-19 All workplaces are required to have an appropriate

WORKPLACE ASSESSMENT CHECKLIST FOR COVID-19 All workplaces are required to have an appropriate plan on how to deal with the Coronavirus (COVID-19). Appropriate measures in place will decrease the number of infections and potentially save lives.

245 views • 5 slides
SUB BALANCING AREA REGULATION WESTERN AREA POWER ADMINISTRATION SUB BALANCING AREA REGULATION

SUB BALANCING AREA REGULATION WESTERN AREA POWER ADMINISTRATION SUB BALANCING AREA REGULATION

SUB BALANCING AREA REGULATION WESTERN AREA POWER ADMINISTRATION SUB BALANCING AREA REGULATION Western is contractually obligated for approximately 30 MW of regulation for LSE interchange deviation. The other 30 MWs is used to manage

845 views • 11 slides
AER Better Regulation Reform Program Wrap-up Final Guidelines Presenta(on on AER

AER Better Regulation Reform Program Wrap-up Final Guidelines Presenta(on on AER

AER Better Regulation Reform Program Wrap-up Final Guidelines Presenta(on on AER Final Guidelines 13 January 2014 Bev Hughson, Darach Energy Consul(ng Services Agenda for Wrap

759 views • 37 slides
Californias Oil and Gas Regulation Distric strict t Rule les s 226 260 0 and d 3156 56

Californias Oil and Gas Regulation Distric strict t Rule les s 226 260 0 and d 3156 56

Californias Oil and Gas Regulation Distric strict t Rule les s 226 260 0 and d 3156 56 COG OGR/2 R/2260 260 Req equi uirem emen ents ts Gener Gen eral al Goals Provide background for the COGR Regulation Explain

516 views • 36 slides
Introduction to building blocks in the context of fibre regulation Stakeholder workshop 10

Introduction to building blocks in the context of fibre regulation Stakeholder workshop 10

Introduction to building blocks in the context of fibre regulation Stakeholder workshop 10 December 2018 Fibre regulation team Overview We propose to apply the Building Blocks Model (BBM) to the fibre regime What do we mean by Building

394 views • 18 slides

More recommend