The Commodity Futures Trading Commission (CFTC) and the Securities and Exchange Commission (SEC) are jointly issuing final rules and guidelines to regulate entities to establish programmes to address risks of identity theft.
These rules and guidelines implement provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act, which amended section 615(e) of the Fair Credit Reporting Act and directed the Commissions to adopt rules requiring entities that are subject to the Commissions’ respective enforcement authorities to address identity theft.
Go deeper with GlobalData
Access deeper industry intelligence
Experience unmatched clarity with a single platform that combines unique data, AI, and human expertise.
The CFTC’s rules would apply to CFTC-regulated entities that qualify as "financial institutions" or "creditors" under the Fair Credit Reporting Act.
The rules, specifically, require financial institutions and creditors to develop and implement a written identity theft prevention programme, designed to detect, prevent, and mitigate identity theft in connection with certain existing accounts or the opening of new accounts.
The rules include guidelines to assist entities in the formulation and maintenance of programs that would satisfy the requirements of the rules.
The rules also establish special requirements for any credit and debit card issuers that are subject to the Commissions’ respective enforcement authorities, to assess the validity of notifications of changes of address under certain circumstances.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataThe CFTC voted 5 to 0 via seriatim to approve the final regulations, which will become effective 30 days after publication in the Federal Register.
