WASHINGTON (12/23/10)—State-chartered credit unions will officially become subject to Federal Trade Commission enforcement of the Fair and Accurate Credit Transactions Act (FACTA) red flag rules on Dec. 31. The FACTA red flag rules require entities with “covered accounts” to establish and implement identify theft prevention measures. Federal credit unions and banks have been subject to similar red flag rules since late 2008, but the FTC repeatedly postponed the enforcement of its red flag rules to allow Congress to reconsider whether FACTA required too many businesses to adopt red flag identity protection programs. Among many opponents of the broad language of the 2003 law, the American Bar Association had sued the FTC for its interpretation of who is a “creditor” subject to its FACTA rules. President Barack Obama signed “The Red Flag Program Clarification Act” on Dec. 18 which eliminated a number of businesses that otherwise had to comply. The Credit Union National Association’s (CUNA) Senior Vice President for Compliance Kathy Thompson noted that state chartered credit unions remain subject to the FTC’s rules, and that the FTC will begin enforcement on January 1, 2011. “Many state credit union regulators for some time have been reviewing their state chartered credit unions’ identity theft programs in light of the FACTA requirements, and the FTC announced last May that it was postponing enforcement only through the end of 2010 to give Congress an opportunity to act,” she added. “I don’t think that any credit union will be scrambling to have a compliant red-flag ID theft program in place,” said Thompson. The red-flag rule aims to avert instances of identity theft by requiring financial institutions and entities not excluded by the new law to implement programs that identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. Consumer accounts or other accounts that financial institutions find to have a risk of identity theft are covered by the rule.