Users of Credit Card Merchant Accounts: What is Your 'Red Flag Rule' Risk Level?
The Federal Trade Commission (FTC) is implementing a 'Red Flags Rule' program to combat identity theft. Since credit cards are such a target for identity theft, any business that uses merchant accounts to take credit cards will be required to produce a written Identity Theft Prevention Program under this rule. The only real question is whether your business is considered to be at low risk, or high risk, for identity theft activities. If your business is determined to be a high risk, then you will have to construct a comprehensive plan, which could be expensive to develop and administer. However, for 'low risk' businesses, the FTC has developed a streamlined program to implement.
To determine the risk level for your business the FTC wants you to ask yourself these questions:
Do you know your clients personally? If you have a level of familiarity with your costumers, it is unlikely that someone will be able to impersonate them. This would be considered low risk.
Do you usually provide your services at your customers' homes? Identity thieves tend to be more transient in order to avoid being caught. If you deal with regularly with customers in their own homes, your business could be considered low risk.
Have you ever experienced an incident of identity theft? If your business has been established for a while and nobody has complained that their identity was fraudulently used to make a purchase, then your business is low risk.
Are you in a business where identity theft is uncommon? If there are no reports of identity theft in your industry, and it does not seem to be a current target for this criminal activity then you can consider your business to be low risk.
If, on the basis of these questions, you can demonstrate that your business is in the low risk category then you will be able to fulfill your requirements under the 'Red Flags Rule' by filling out a simple form describing the identity theft prevention measures that you have in place.
