	Featured Article: FTC Raises the White Flag over Red Flags? State Holiday Alerts: State DNC Restrictions for November and December. Compliance Webinar: State Laws You Need to Know. MoneyGram set to pay $18 Million to settle charges from FTC. When I first sat down at my computer to start writing this article on the FTC's Red Flags Rule a couple of weeks ago, I have to admit I was experiencing a bit of déjà vu. Going all the way back to January of 2008, when the Red Flags rules first went into "effect," I had been diligently monitoring developments and telling anyone in the teleservices arena who would listen that call centers need to develop Red Flags programs, and quickly! Even though the FTC had announced that it was not going to enforce the new rules until (initially at least) November 1, 2008, I confidently prognosticated that this was a one-time delay and that call centers had to start preparing right away. When the FTC delayed the initially delayed enforcement deadline until May 1, 2009, I honestly thought that this was a unique circumstance, one that would certainly not be repeated. The FTC had gone on record numerous times to the effect that it took data privacy extremely seriously, and what better way to establish its data privacy bona fides than to start enforcing Red Flags? Again, looking to the new "deadline" of May 1, 2009, I did my part as an attorney, an ATA Fulcrum Award Winner, and gosh darnit, as an American, to help spread the word to call centers everywhere to take Red Flags seriously. Certainly, two delays associated with the enforcement of an important data privacy rule was more than enough to give U.S. businesses the time needed to comply. When the FTC announced in late April of this year that, yet again, the Red Flags juggernaut had to be postponed (this time until November 1, 2009), I did my best to spin this news as something that: 1) I had of course foreseen; and 2) provided yet more proof that the FTC was taking its time on Red Flags because it was ...setting up a sophisticated and elaborate investigatory process aimed at identifying truly egregious instances of Red Flags violations that would quickly and effectively halt any such practices? Worked for me. Amazingly, however, I was starting to get the impression that somehow, I was "losing my audience" when it came to Red Flags. People were yawning ...even worse, I heard reports that I was being referred to as "the boy who cried ?Red Flags'" behind my back. Long story short, this time around, I did the smart thing - rather than publish my standard missive a few days before the new "enforcement" deadline, I chose to wait a bit and see what the FTC decided to do. And it's a good thing I did - the FTC decided yet again (as reported in a press release dated October 30, 2009) to postpone the enforcement date for Red Flags, this time to June 1, 2010. So, the new bottom line is - assuming that the FTC has run out of reasons to delay enforcement of Red Flags, financial institutions and creditors now have an additional seven months to implement an effective Red Flags program. A "financial institution" is defined as a bank, savings and loan, credit union, or other entity that holds a "transaction account" belonging to a consumer. (A "transaction account" is an account that enables payments or transfers to be made - examples include checking account, savings accounts that permit automatic transfers, and share draft accounts.) A "creditor" is a business that regularly extends, renews or continues credit and/or arranges for someone else to extend, renew, or continue credit. Examples include finance companies, automobile dealers, mortgage brokers, utilities, and telecommunications companies - but keep in mind that simply accepting credit cards does not make you subject to these rules. If your company meets the definition of either "financial institution" or "creditor," AND you provide "covered accounts" (like credit card accounts, mortgage and car loans, cell phone accounts, checking or savings accounts), then you are at the front lines of compliance for Red Flags purposes. All such front line companies must have a "Program" in place by June 1, 2010, that identifies, detects, and prevents red flags (patterns and practices that indicate the possible existence of identity theft), and that remediates any problems that are identified. Where it gets interesting for telemarketing operations providing services to financial institutions and creditors is the extension of these rules to "service providers." A service provider is an entity that provides service directly to a financial institution or creditor (which would, among many other types of entities, include call centers) where "covered accounts" are in play. Financial institutions and creditors are on the hook, under the Red Flags rules, to "exercise appropriate and effective oversight of service provider arrangements" - in other words, financial institutions and creditors must provide for the detection, prevention, and mitigation of identity theft even where an activity is outsourced to a service provider. Bottom line - if you are a telemarketer (or in fact any type of service provider) providing services to entities covered by the Red Flags rules, what you're going to need is: a written procedure to handle Red Flags a means to disseminate your clients' Red Flags Program(s) to your employees, so that they understand the nature of what it is they should be on the lookout for; a "Red Flags Officer" who's job it is to coordinate the reporting of such instances and to handle escalation of them as appropriate; and, a training program specifically geared to instructing your employees about their duties with regard to Red Flag identification and reporting. And for the record, I'm not the "boy" who cried Red Flags - I'm the "attorney" who cried Red Flags. And maybe, just maybe ...this time around, the FTC is going to follow through and actually start enforcing the Red Flags rule beginning June 1, 2010. And you can count on me to be among the first people who will write about this ...but something tells me I should probably hold off until the first week of July. Join industry experts Joe Sanscrainte and Ryan Thurman as they explore the recent change in legislation and trend toward increased enforcement of telemarketers. You can't afford to miss this session packed with all the updated information your enterprise needs to know. Title: Compliance Webinar: State laws you need to know Date and Time: November 17, 2009 from 1:00 PM - 2:00 PM EST (10:00 AM - 11:00 AM PST) Register Today: https://www1.gotomeeting.com/register/156701641 The following holiday restrictions on outbound calling to consumers have been verified for November and December in the specified states: Wednesday, November 11: Veteran's Day - Alabama, Louisiana, Mississippi, Rhode Island and Utah. Thursday, November 26: Thanksgiving Day - Alabama, Louisiana, Mississippi, Rhode Island and Utah. Friday, November 27: Acadian Day / Post Thanksgiving Day - Alabama, Louisiana and Utah. MoneyGram set to pay $18 Million to settle charges from FTC: The Federal Trade Commission (FTC) charged that between 2004 and 2008 agents of MoneyGram International, Inc. (the nation's second-largest money transfer system) allowed fraudulent telemarketers to use its money transfer system to con U.S. consumers into wiring more than $84 million dollars. In order to settle these charges MoneyGram is set to pay $18 million and will be required to implement a comprehensive anti-fraud program and to properly monitor its agents.

Featured Article: FTC Raises the White Flag over Red Flags?
State Holiday Alerts: State DNC Restrictions for November and December.
Compliance Webinar: State Laws You Need to Know.
MoneyGram set to pay $18 Million to settle charges from FTC.

When I first sat down at my computer to start writing this article on the FTC's Red Flags Rule a couple of weeks ago, I have to admit I was experiencing a bit of déjà vu. Going all the way back to January of 2008, when the Red Flags rules first went into "effect," I had been diligently monitoring developments and telling anyone in the teleservices arena who would listen that call centers need to develop Red Flags programs, and quickly! Even though the FTC had announced that it was not going to enforce the new rules until (initially at least) November 1, 2008, I confidently prognosticated that this was a one-time delay and that call centers had to start preparing right away.

When the FTC delayed the initially delayed enforcement deadline until May 1, 2009, I honestly thought that this was a unique circumstance, one that would certainly not be repeated. The FTC had gone on record numerous times to the effect that it took data privacy extremely seriously, and what better way to establish its data privacy bona fides than to start enforcing Red Flags? Again, looking to the new "deadline" of May 1, 2009, I did my part as an attorney, an ATA Fulcrum Award Winner, and gosh darnit, as an American, to help spread the word to call centers everywhere to take Red Flags seriously. Certainly, two delays associated with the enforcement of an important data privacy rule was more than enough to give U.S. businesses the time needed to comply.

When the FTC announced in late April of this year that, yet again, the Red Flags juggernaut had to be postponed (this time until November 1, 2009), I did my best to spin this news as something that: 1) I had of course foreseen; and 2) provided yet more proof that the FTC was taking its time on Red Flags because it was ...setting up a sophisticated and elaborate investigatory process aimed at identifying truly egregious instances of Red Flags violations that would quickly and effectively halt any such practices?

Worked for me. Amazingly, however, I was starting to get the impression that somehow, I was "losing my audience" when it came to Red Flags. People were yawning ...even worse, I heard reports that I was being referred to as "the boy who cried ?Red Flags'" behind my back.

Long story short, this time around, I did the smart thing - rather than publish my standard missive a few days before the new "enforcement" deadline, I chose to wait a bit and see what the FTC decided to do. And it's a good thing I did - the FTC decided yet again (as reported in a press release dated October 30, 2009) to postpone the enforcement date for Red Flags, this time to June 1, 2010.

So, the new bottom line is - assuming that the FTC has run out of reasons to delay enforcement of Red Flags, financial institutions and creditors now have an additional seven months to implement an effective Red Flags program. A "financial institution" is defined as a bank, savings and loan, credit union, or other entity that holds a "transaction account" belonging to a consumer. (A "transaction account" is an account that enables payments or transfers to be made - examples include checking account, savings accounts that permit automatic transfers, and share draft accounts.) A "creditor" is a business that regularly extends, renews or continues credit and/or arranges for someone else to extend, renew, or continue credit. Examples include finance companies, automobile dealers, mortgage brokers, utilities, and telecommunications companies - but keep in mind that simply accepting credit cards does not make you subject to these rules.

If your company meets the definition of either "financial institution" or "creditor," AND you provide "covered accounts" (like credit card accounts, mortgage and car loans, cell phone accounts, checking or savings accounts), then you are at the front lines of compliance for Red Flags purposes. All such front line companies must have a "Program" in place by June 1, 2010, that identifies, detects, and prevents red flags (patterns and practices that indicate the possible existence of identity theft), and that remediates any problems that are identified.

Where it gets interesting for telemarketing operations providing services to financial institutions and creditors is the extension of these rules to "service providers." A service provider is an entity that provides service directly to a financial institution or creditor (which would, among many other types of entities, include call centers) where "covered accounts" are in play. Financial institutions and creditors are on the hook, under the Red Flags rules, to "exercise appropriate and effective oversight of service provider arrangements" - in other words, financial institutions and creditors must provide for the detection, prevention, and mitigation of identity theft even where an activity is outsourced to a service provider.

Bottom line - if you are a telemarketer (or in fact any type of service provider) providing services to entities covered by the Red Flags rules, what you're going to need is:

a written procedure to handle Red Flags

a means to disseminate your clients' Red Flags Program(s) to your employees, so that they understand the nature of what it is they should be on the lookout for;

a "Red Flags Officer" who's job it is to coordinate the reporting of such instances and to handle escalation of them as appropriate; and,

a training program specifically geared to instructing your employees about their duties with regard to Red Flag identification and reporting.

And for the record, I'm not the "boy" who cried Red Flags - I'm the "attorney" who cried Red Flags. And maybe, just maybe ...this time around, the FTC is going to follow through and actually start enforcing the Red Flags rule beginning June 1, 2010. And you can count on me to be among the first people who will write about this ...but something tells me I should probably hold off until the first week of July.

Join industry experts Joe Sanscrainte and Ryan Thurman as they explore the recent change in legislation and trend toward increased enforcement of telemarketers. You can't afford to miss this session packed with all the updated information your enterprise needs to know.

Title: Compliance Webinar: State laws you need to know
Date and Time: November 17, 2009 from 1:00 PM - 2:00 PM EST (10:00 AM - 11:00 AM PST)
Register Today: https://www1.gotomeeting.com/register/156701641

The following holiday restrictions on outbound calling to consumers have been verified for November and December in the specified states:

Wednesday, November 11: Veteran's Day - Alabama, Louisiana, Mississippi, Rhode Island and Utah.
Thursday, November 26: Thanksgiving Day - Alabama, Louisiana, Mississippi, Rhode Island and Utah.
Friday, November 27: Acadian Day / Post Thanksgiving Day - Alabama, Louisiana and Utah.

MoneyGram set to pay $18 Million to settle charges from FTC:
The Federal Trade Commission (FTC) charged that between 2004 and 2008 agents of MoneyGram International, Inc. (the nation's second-largest money transfer system) allowed fraudulent telemarketers to use its money transfer system to con U.S. consumers into wiring more than $84 million dollars. In order to settle these charges MoneyGram is set to pay $18 million and will be required to implement a comprehensive anti-fraud program and to properly monitor its agents.