The Green Sheet Online Edition
April 14, 2008 • Issue 08:04:01
Online friend in fraud fight
According to regulatory software and services company Compliance Coach Inc., identity theft affects 8.3 million U.S. consumers every year, reflecting $15.6 billion in financial losses.
It is no wonder, then, that merchants are under ever increasing scrutiny by card Associations and government agencies to protect cardholder data. Along with the Payment Card Industry Data Security Standard, the federal government is getting into the mix with the FACTA (Fair and Accurate Credit Transaction Act) Identity Theft Red Flags Rule.
Financial institutions and creditors such as auto dealerships, phone companies, pay day businesses, and even property management firms and landlords - more than 2 million U.S. companies that take credit applications or offer credit - must comply with certain federal guidelines by Nov. 1, 2008. All such businesses must:
- Perform a risk assessment
- Identify all covered accounts
- Identify relevant red flag warnings of possible identity theft
- Implement fraud detection and response procedures
- Develop a written identity theft program
- Get that program approved by board of directors/senior management/owner
- Train staff on identity theft prevention
What is more, businesses are required to periodically update identity theft prevention programs and make annual reviews of their compliance status. "If you're a small to mid-size business ... and you're trying to focus on your day-to-day revenues and your business, this is a lot of work," Compliance Coach's Chief Executive Officer Sai Huda said.
According to Huda, CompliancePal - the first online, on-demand software application that guides businesses through all the necessary steps to becoming compliant - does that work for them, leading businesses through five steps:
- Assessing identity theft risk
- Mapping of red flags to appropriate detection and response procedures
- Composing a personalized Identity Theft Prevention Program
- Implementing training program
- Formalizing the businesses' Compliance Status Report
Huda said if a business is noncompliant and a breach happens, that business could be fined up to $25,000 per violation. But the pain doesn't stop there. Negative publicity, loss of business and possible lawsuits may ensue. "Just to get your name back takes a long time and a lot of money," Huda said. "That is a huge intangible risk to any business."
Without a service such as CompliancePal, it would cost a business at least $10,000 in lawyers, consultants and the allocation of internal resources to gain compliance, Huda added. Huda is exploring a variety of partnerships and distributorships for the product. "Obviously, we want to reward anybody that can get this to the audience that needs it.
"We're open to a variety of commission structures. It could be a percent of each sale. It could be volume based, or incentives."
Compliance Coach Inc.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.