A. The purpose of the chapter is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the program in compliance with the Federal Trade Commission's Red Flag Rule (Part 681 of Title 16 of the Code of Federal Regulations) implementing sections 114 and 315 of the Fair and Accurate Credit Transaction Act (FACTA) of 2003.
B. Under the Red Flag Rule, every financial institution and creditor is required to establish an "Identity Theft Prevention Program" tailored to its size, complexity and the nature of its operation. Each program must contain reasonable policies and procedures to:
1. Identify relevant red flags for new and existing covered accounts and incorporate those red flags into the program;
2. Detect red flags that have been incorporated into the program;
3. Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and
4. Ensure the program is updated periodically, to reflect changes in risk to customers or to ensure the safety and soundness of the creditor from identity theft. (2019 Compilation)