- The regulation and guidelines implement sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003.
- The regulation requires financial institutions and creditors to implement a written identity theft prevention program.
- The regulation requires card issuers to assess the validity of change of address requests before issuing additional or replacement debit or credit cards.
- The regulation requires users of consumer reports to reasonably verify the identity of the subject of a consumer report in the event the user receives a notice of address discrepancy from the consumer reporting agency.
- The guidelines are intended to assist financial institutions in implementing the regulation.
- Supplement A to the guidelines contains a list of 26 "red flags" that financial institutions and creditors may consider incorporating into their identity theft prevention programs.
- The regulation and guidelines are effective on January 1, 2008, and mandatory compliance is required by November 1, 2008.
FDIC-Supervised Banks (Commercial and Savings)
Chief Executive Officer
Chief Information Security Officer
- FIL-22-2006, Prohibition Against Discrimination in Credit
Transactions, issued March 9, 2006
- FIL-27-2005, Guidance on Response Programs for
Unauthorized Access to Customer Information and
Customer Notice, issued April 1, 2005
- FIL-7-2005, Guidelines Requiring the Proper Disposal of
Consumer Information, issued February 2, 2005
- FIL-22-2001, Guidelines Establishing Standards for
Safeguarding Customer Information, issued March 14,
Interagency Final Rule Regarding Identity Theft Red Flags
and Address Discrepancies
Senior Policy Analyst Jeffrey Kopchik at (202) 898-3872
or JKopchik@fdic.gov, or Counsel Richard Schwartz at
(202) 898-7424 or firstname.lastname@example.org
FIL-100-2007 - PDF (PDF Help)
FDIC financial institution letters (FILs) may be accessed
from the FDIC's Web site at
To receive FILs electronically, please visit
Paper copies of FDIC financial institution letters may be
obtained through the FDIC's Public Information Center,
3501 Fairfax Drive, E-1102, Arlington, VA 22226 (1-877-
275-3342 or 202-416-6940).