Co-authored by Gregory E. Xethalis.
On February 28, the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) jointly issued proposed rules and guidelines intended to help protect investors from identity theft by ensuring that certain SEC- and CFTC-regulated entities create programs to detect and respond to identity theft red flags.
The proposal, if implemented, will affect broker-dealers, investment advisors, investment companies, futures commission merchants, commodity pool operators, commodity trading advisors, retail foreign exchange dealers, introducing brokers, swap dealers and major swap participants. The Dodd-Frank Wall Street Reform and Consumer Protection Act amended section 615(e) of the Fair Credit Reporting Act, transferring from the Federal Trade Commission to the SEC and CFTC authority over identity theft guidelines for financial institutions and creditors. The proposed rules cover two areas to address identity theft. First, the proposed rules and guidelines would require financial institutions and creditors to develop and implement a written identity theft prevention program that is designed to detect, prevent, and mitigate identity theft in connection with certain existing accounts or the opening of new accounts. Second, the proposed rules would establish special requirements for any credit and debit card issuers to assess the validity of notifications of changes of address under certain circumstances. The SEC and CFTC are seeking comment from the public on or before May 7.