Resources

{ Banner Image } Print PDF
Share
Subscribe to Publications

New Federal Requirements for Municipal Utilities

COMPLIANCE REQUIRED BY NOVEMBER 1, 2008

October 10, 2008

If your municipality provides utility services, including water services, with individual customer accounts, then your municipality has until November 1, 2008, to adopt and implement written identity theft prevention policies.  Additional requirements apply if your municipality uses consumer credit reports to establish residential utility accounts.  Failure to implement such policies can result in civil penalties of up to $2,500 per violation.

The new requirements, known as "Red Flag Rules," were issued by the Federal Trade Commission in 2007 as part of the Fair and Accurate Credit Transactions Act of 2003 ("FACT Act").  The FACT Act added new provisions to the Fair Credit Reporting Act (15 U.S.C. §1681, et seq.).  One purpose of the FACT Act was to provide new protections to consumers against the growing problem of identity theft.

The Red Flag Rules apply to "financial institutions" and "creditors" with "covered accounts."  The FTC has defined creditors as including utility companies and non-profit and government entities that defer payment for goods or services.  Covered accounts are defined as accounts used mostly for personal, family, or household purposes and that involve multiple payments or transactions.  These include utility accounts.  The FTC has taken the position that municipalities and other government entities that provide utility services to residents will be treated as "utilities" under the Red Flag Rules.

If your municipality provides utility services to residents, using individual accounts, then the Red Flag Rules require your municipality to implement a written program to detect the warning signs, or "red flags" of identity theft in connection with the opening of new accounts and the maintenance of existing accounts.  "Red flags" include, for example, unusual account activity, fraud alerts on a consumer report, or attempted use of suspicious account application documents.  Your municipality must also describe policies to prevent and mitigate identity theft and include a plan to update the program and to train staff to effectively implement the program.

Miller Canfield would be happy to discuss how the Red Flag Rules may affect your individual entity.  For more information on compliance and the development of policy language, please contact Tom Colis.

Miller, Canfield, Paddock and Stone, P.L.C. Cookie Preference Center

Your Privacy

When you visit our website, we use cookies on your browser to collect information. The information collected might relate to you, your preferences, or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. For more information about how we use Cookies, please see our Privacy Policy.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek