Enforcement of the Red Flags Rule (RFR) begins December 31, 2010. RFR requires “creditors” with “covered accounts” to implement programs to identify, detect, and respond to patterns, practices or specific activities that could indicate identity theft.
Does your association need to comply? The RFR provides that creditors who handle accounts with a reasonable foreseeable risk of identity theft comply with RFR. Creditors are any entity that regularly defers payment for goods or services or provides services and then bills customers later. Associations maybe considered creditors if they allow installment payments of levied assessments or if they bill-back certain charges to owners AFTER the services are provided. Because of this uncertainty we recommend that associations comply with the RFR. Monetary penalties as high as $3,500 per violation can be imposed if you are not in compliance.
To comply, you can use the form provided by the FTC or a form developed by CAI for associations.
As always if you have any questions or need help in customizing the form please feel free to contact one of our attorneys at 303.432.9999.