To Home Page To Home Page
General Description
Requirements
Policy Provisions
Performance Evaluation
Subject Experts
Red Flags Response
Policy

Document Number: REDFLAG--115 Revision #: 1.0
Document Owner: Executive VP Date Last Updated: 08/17/2012
Primary Author: Executive VP Status: Approved
Date Originally Created: 01/03/2012

General Description
Description:

Information about the red flags response relative to Red Flags Identity Theft Policy.


Purpose:

Delineation of policy.


Scope:

All faculty, staff, students, and administrators


Responsibility: Executive VP
VP of Business and Finance

Back to Top

Requirements
Relevant Knowledge: In order to comply with this policy you should know:
Current University policy
Federal statutes
Local statutes
Standard company policies
Standards of good practice
State statutes

Terms and Definitions: Additional training

Corrective Action

Loss of privilege, general

Termination

Back to Top

Policy Provisions
1.

Red Flags Response


1.1

Response to Alerts, Notifications or Warnings from a Consumer Reporting Agency


When a company representative is presented with an alert, notification or warning from a consumer reporting agency, they must act quickly in an effort to prevent or mitigate loss for the customer and the University.  Appropriate responses are as follows:

1. Take additional steps to verify identity.

2. Flag relevant accounts.

3. Monitor account activity.

4. Decline account application.

5. Validate address.

6. Document with a Suspicious Activity Report (SAR).

7. Notify existing customer on record.

8. Other

 


1.2

Response to Suspicious Documents


In the course of business, a company representative may be presented with suspicious documents. Appropriate responses are as follows:

1. Verify using third party resources.

2. Verify using existing account records.

3. Decline application.

4. Decline account access.

5. Document with a Suspicious Activity Report (SAR).

6. Notify law enforcement (if necessary)

7. Notify existing customer on record

8. Other

 


1.3

Response to Suspicious Identifying Personal Information


When a person provides suspicious or inconsistent identifying information to a company representative, the response is as follows:

1. Escalate verification to a higher level.

2. Decline account application.

3. Decline account access.

4. Notify existing customer on record.

5. Change account access information.

6. Change account numbers.

7. Document with a Suspicious Activity Report (SAR).

8. Involve law enforcement.

9. Other

 


1.4

Response to Unusual Use of or Suspicious Activity Related to the Covered Account


Company representatives shall be vigilant in protecting customer accounts when transacting, servicing, or processing business. When suspicious activity or unusual patterns emerge in covered accounts, the appropriate responses are as follows:

1. Use Personal Knowledge questions for verification.

2. Validate address.

3. Decline account access.

4. Document with a Suspicious Activity Report (SAR).

5. Notify existing customer on record.

6. Change account access information.

7. Change account numbers.

8. Involve law enforcement.

9. Other

 


1.5

Response to Notice From Customers, Victims of Identity Theft, Law Enforcement Authorities, or Other Persons Regarding Possible Identity Theft in Connection with Covered Accounts

 


Company representatives that are notified of a security incident from customers, victims of identity theft, law enforcement authorities, or other persons regarding possible identity theft in connection with covered accounts must immediately inform senior management and the Identity Theft Prevention Officer. Appropriate responses are as follows:

1. Decline account access

2. Close fraudulent account

3. Document with a Suspicious Activity Report (SAR)

4. Notify existing customer on record

5. Open new account

6. Do Not Attempt to Collect on the Fraudulent Account from the True Identity

7. Cooperate with law enforcement

8. Other

 


Back to Top

Performance Evaluation
Performance Metrics: Compliance with standard policy and procedure
Compliance with federal mandate

Consequences: Further training
Job Termination

Back to Top

Subject Experts
The following may be consulted for additional information.
Executive VP

VP of Business and Finance

Back to Top

This page created 03/07/2014 using Zavanta® version 6.0