Sunday, April 12, 2009

Are you a creditor? How FACTA compliance may affect your organization

It is not uncommon today for people today to rarely carry cash or coin on their person, and why would they need to? Most vendors accept credit/debit cards (one notable exception is Price’s Chicken Coop in Charlotte, NC; you must have cash and you had better know EXACTLY what you want to order when the cashier engages you. One wrong word and you get a quick rebuke!). We live in a credit society. Who are the creditors?

FACTA defines the terms “credit” and “creditor” the same as section 702 of the Equal Credit Opportunity Act:
• The term "credit" means the right granted by a creditor to a debtor to defer payment of debt or to incur debts and defer its payment or to purchase property or services and defer payment therefore.
• The term "creditor" means any person who regularly extends, renews, or continues credit; any person who regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who participates in the decision to extend, renew, or continue credit.

This definition of creditor casts a large and wide net. In fact, the American Medical Association (AMA) recently wrote the FTC essentially pleading exemption under the FACTA covered accounts. However, in response, the FTC stated that it “believe[s] that the plain language and purpose of the Rule dictate that health care professionals are covered by the Rule when they regularly defer payment for goods or services. We also believe that implementation of the Rule will help reduce the incidence of medical identity theft; and that the burden on health care professionals need not be substantial.”

We seem to be getting further from the typical line of thinking with the term creditor and identity theft, but now that electrons carry out our human fiduciary responsibilities, the door is now wide open to applying the term “creditor” to most any firm.

Firms should consider implementation of a solid continuous controls monitoring for transactions (CCM-T) framework that can help them comply with the FACTA Red Flag Rules. More information on FACTA and CCM-T's application for FACTA compliance in the coming weeks.

Joe Oringel
Visual Risk IQ
Charlotte NC, USA

No comments: