Red-flag rules stipulate that financial institutions and creditors establish a written program to "detect, prevent and mitigate identity theft in connection with the opening of certain accounts or existing accounts," according to a Federal Trade Commission report (.pdf file).
The rules offer more than two dozen examples of suspicious behavior that financial institutions and creditors should consider warnings.The presentation of altered documents, a suspicious address change, a fraud alert on a credit report and other unusual account activities are among the red flags.
The rules stem from the Fair and Accurate Credit Transactions Act of 2003. Relevant financial institutions have until November to come into full compliance or be subject to penalties.
