In 2010, the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-
Frank Act”) amended the Fair Credit Reporting Act (“FCRA”) section 615(e) to include
the Securities and Exchange Commission (“SEC”) and the Commodity Futures Trading
Commission (“CFTC”) to the list of federal agencies that must jointly adopt and
separately enforce regulation of identity theft red flags. To that end, on April 10, 2013,
the SEC and the CFTC jointly issued their final rules and guidelines for entities regulated
by each of the respective agencies under Regulation S-ID – Identify Theft Red Flags
Rules (the “Rule” or “Regulation S-ID”).1 The new regulation became effective on May
20, 2013 and requires all affected firms to have policies and procedures in place by
November 20, 2013.
To read the full PDF article, click here.