SEC’s Proposal to Prevent and Detect Identity Theft
The Securities and Exchange Commission has bared a proposal aiming to help protect investors from identity theft by ensuring that broker-dealers, mutual funds, and other SEC-regulated entities create programs to detect and respond appropriately to red flags.
The SEC issued the proposal jointly with the Commodity Futures Trading Commission (CFTC).
Section 1088 of the Dodd-Frank Act transferred authority over certain parts of the Fair Credit Reporting Act from the Federal Trade Commission (FTC) to the SEC and CFTC for firms they regulate.
The proposed rules are substantially similar to rules adopted in 2007 by the FTC and other federal financial regulatory agencies that were previously required to adopt such rules.
The rule proposal would require SEC-regulated entities to adopt a written identity theft program that would include reasonable policies and procedures to identify relevant red flags, detect the occurrence of red flags, respond appropriately to the detected red flags, and update the program.
The proposal would include guidelines and examples of red flags to help firms administer their programs.
The proposal will be published in the Federal Register with a 60-day public comment period.