Over the past year, regulators of financial institutions and the Federal Trade Commission (FTC) have convened to combat identity theft by implementing several of the required regulations under the Fair and Accurate Credit Transactions Act. Several new rules were adopted and finalized under the "FACT Act." 

One of the most significant is the “Red Flags Rule.” This includes mandatory requirements for the development and implementation of an Identity Theft Program. These requirements under Sections 114 and 315 of the Act were published on November 9, 2007, and will have an effective date of January 1, 2008.

The rules cover a wide variety of industry types such as utilities, banks, credit card issuers, cellular service providers, retailers that that offer installment payments, or any business that provides products or services on a deferred-payment basis. The Act requires businesses to implement measures that will help prevent, detect, and mitigate identity theft.


As part of our commitment to help merchants meet this requirement, AMS is pleased to offer RiskAlert; a comprehensive web-based  solution from our partner company Remitpro, Inc. RiskAlert provides an easy framework for businesses to be become compliant with the identity verification portion of the legislation. The on-demand solution requires no additional software to be loaded on your workstation or PC. RiskAlert  greatly reduces processing  time by automating the identity validation process and offers many advantages over manual record searching.

Red Flags

RiskAlert is a great asset in helping your business identify and detect potential red flags each time a new account is opened or if an existing account is suspected of fraud . A red flag is a pattern, practice or an activity that indicates the possible existence of identity theft. Red Flags fall into five categories:

• Alerts, notifications, or warnings from a consumer reporting agency
• Suspicious document
• Suspicious personally identifying information, such as a suspicious address
• Unusual use of – or suspicious activity relating to – a covered account
• Notices from customers, victims of identity theft, law enforcement authorities, or other businesses about possible identity theft in connection with covered accounts

Covered Accounts

Determining if your business is covered by the Act is contingent on whether or not you maintain "covered accounts" which are accounts primarily for personal, family or household purposes that involve or permit multiple payments or transactions. This also applies to any account where there is foreseeable risk to consumers or the safety and soundness of the financial institution or creditor from identity theft.