|
 |
 |
 |
 |
|
The federal financial institution regulatory agencies and the Federal Trade Commission have sent to the Federal Register for publication final rules on identity theft “red flags” and address discrepancies. The final rules implement sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003. The final rules require each financial institution and creditor that holds any consumer account, or other account for which there is a reasonably foreseeable risk of identity theft, to develop and implement an Identity Theft Prevention Program (Program) for combating identity theft
Eight federal regulators on Wednesday released a notice of proposed rulemaking (NPR) requesting comment on a model privacy form that financial institutions can use for their privacy notices to consumers required by the Gramm-Leach-Bliley Act (GLB Act). The privacy notices must describe an institution's information sharing practices, and, for certain types of sharing, consumers have the right to opt out. The notices must be provided when a consumer first becomes a customer of a financial institution and then annually for as long as the customer relationship lasts. Last October, President Bush signed into law the Financial Services Regulatory Relief Act of 2006, amending the GLB Act to require the agencies to propose a model form that is succinct and comprehensible to consumers, allows consumers easily to compare privacy practices of financial institutions, and uses easily readable type font.
The OCC, Board, FDIC, OTS, NCUA, FTC, CFTC, and SEC (the Agencies) are proposing amendments to their rules that implement the privacy provisions of the Gramm-Leach-Bliley Act (GLB Act), Title V, Subtitle A. These rules require financial institutions to provide initial and annual privacy notices to their customers. As required under Section 728 of the Financial Services Regulatory Relief Act of 2006 (Regulatory Relief Act or Act), the Agencies are proposing a safe harbor model privacy form that financial institutions may use to provide disclosures under the privacy rules.
Kmart Corporation has agreed to settle Federal Trade Commission charges that it engaged in deceptive practices in advertising and selling its Kmart gift card. As part of the settlement, Kmart will implement a refund program and publicize it on its Web site. This is the agency’s first law enforcement action involving gift cards. “Consumers have a right to know when gift cards come with strings attached,” FTC Chairman Deborah Platt Majoras said. “If fees or restrictions apply, gift card issuers must fully and clearly disclose them.”
The Federal Trade Commission today issued its annual report, "Consumer Fraud and Identity Theft Complaint Data" on complaints consumers have filed with the agency. For the seventh year in a row, identity theft tops the list, accounting for 36 percent of the 674,354 complaints received between January 1 and December 31, 2006. Other categories near the top of the complaint list include shop-at-home/catalog sales; prizes, sweepstakes and lotteries; Internet services and computer complaints; and Internet auction fraud.
At the request of the Federal Trade Commission, a federal court has shut down a payment processing operation that allegedly helped fraudulent telemarketers take millions of dollars from consumers' bank accounts. According to the FTC's complaint, since at least January 2003 the operation has aided at least nine Canada-based, advance-fee credit card schemes that induce consumers to allow an electronic debit of several hundred dollars from their bank account in exchange for an unsecured credit card; but consumers never receive a credit card or, at best, they receive a "benefits package" containing relatively worthless items.
The Federal Trade Commission (FTC) is responsible for economic issues that affect both consumers and businesses. Its primary function is to help maintain a competitive market environment that benefits both sides and in this respect, identity theft is seen as negatively affecting both consumers and businesses. In an effort to combat this problem, the FTC provides information and resources that enables the development of effective countermeasures against identity theft. The FTC has developed a website that gives information on how to deter the threat of identity theft, which it refers to as a "one stop national resource" to learn about identity theft. The website provides material that defines identity theft and procedures to deal with it if it occurs.
You are receiving this information because you have notified a consumer reporting agency that you believe that you are a victim of identity theft. Identity theft occurs when someone uses your name, Social Security number, date of birth, or other identifying information, without authority, to commit fraud. For example, someone may have committed identity theft by using your personal information to open a credit card account or get a loan in your name. For more information, visit www.consumer.gov/idtheft or write to: FTC, Consumer Response Center, Room 130-B, 600 Pennsylvania Avenue, N.W. Washington, D.C., 20580. The Fair Credit Reporting Act (FCRA) gives you specific rights when you are, or believe that you are, the victim of identity theft. Here is a brief summary of the rights designed to help you recover from identity theft.
Following a public comment period, the Federal Trade Commission has issued final summaries of identity theft and general consumer rights and revised furnisher and user notices under the Fair Credit Reporting Act (FCRA) and the Fair and Accurate Credit Transactions Act of 2003 (FACTA). Consumer reporting companies are required to notify consumers of their rights under FACTA and steps they can take to protect themselves against identity theft and difficulties resulting from identity theft.
The identity theft rights summary includes the major new identity theft rights granted to consumers by FACTA, including the right to place fraud alerts on their credit reports, to block businesses and credit bureaus from reporting information in their credit files that is a result of identity theft, and to obtain from businesses information about accounts or transactions in their name that result from identity theft. The identity theft rights summary will be provided by consumer reporting companies to consumers who contact the agencies because they believe they are victims of fraud or identity theft.
The Federal Trade Commission today said that provisions of the recently enacted Fair and Accurate Credit Transactions Act will help reduce identity theft and help victims recover. In testimony to the House Ways and Means Committee’s Subcommittee on Social Security, Howard Beales, Director of the FTC’s Bureau of Consumer Protection, said that many of the provisions will go into effect over the course of this year.
The testimony says one of the newly enacted provisions requires the three major credit reporting agencies to provide consumers with a free copy of their own credit report every 12 months. The requirement will become effective in December but will be phased in over nine months from West to East. The reports allow consumers to discover and correct errors in their credit records and to assure that accounts have not been fraudulently opened in their names.
On June 30, 2000, Congress enacted the Electronic Signatures in Global and National Commerce Act(1) ("ESIGN" or "the Act"), to facilitate the use of electronic records and signatures in interstate and foreign commerce by ensuring the validity and legal effect of contracts entered into electronically. Careful to preserve the underlying consumer protection laws governing consumers' rights to receive certain information in writing, Congress imposed special requirements on businesses that want to use electronic records or signatures in consumer transactions. Section 101(c)(1)(C)(ii) of the Act requires businesses to obtain from consumers electronic consent or confirmation to receive information electronically that a law requires to be in writing. The Act went into effect in October 2000.
I. INTRODUCTION Purpose and Scope of the Guide This Small-Entity Compliance Guide1 is intended to help financial institutions2 comply with the Interagency Guidelines Establishing Information Security Standards (Security Guidelines).3 The guide summarizes the obligations of financial institutions to protect customer information and illustrates how certain provisions of the Security Guidelines apply to specific situations. The appendix lists resources that may be helpful in assessing risks and designing and implementing information security programs. Although this guide was designed to help financial institutions identify and comply with the requirements of the Security Guidelines, it is not a substitute for the Security Guidelines. Moreover, this guide only addresses obligations of financial institutions under the Security Guidelines and does not address the applicability of any other federal or state laws or regulations that may pertain to policies or practices for protecting customer records and information.
FACILITATING AFFILIATION AMONG BANKS, SECURITIES FIRMS, AND INSURANCE COMPANIES
This alert is intended to raise awareness of an Internet virus, Bugbear.B, that recently surfaced as a potentially serious threat to financial institutions and to prompt banks and bank technology service providers to take immediate steps to mitigate the threat to their organizations and customers. BACKGROUND Viruses are an increasing threat to Internet-connected systems. The Bugbear.B virus is the latest and most capable variant that threatens financial institutions. Institutions with the capability to access the Internet, including dial-up connections, may be vulnerable to the Bugbear.B virus and other viruses, and should institute appropriate measures to mitigate the risks posed to their servers, desktops, laptops, and other computing devices.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
RSS Syndication